 |
 |
|
 | |  |
|
Guest10
| Joined: 27 Apr 2008 |
| Posts: 4398 |
| Location: Ohio, USA |
|
|
 Posted: Tue Sep 30, 2008 5:08 pm |
|
 |
 |
|
|
On the Delete Command sandbox setting, it's nice that pre-selected commands are available for SDelete and Eraser. Perhaps a note that the sdelete.exe program must be put into a folder that's in the PATH, such as the Windows folder, since there's no pre-defined place to put the program after extracting it from its .zip file.
Also, setting up Eraser to use the Gutmann method seems to be over-kill, to me. Even Gutmann has acknowledged that the hard drives of today don't need 35 overwrites in order to be effective at secure deleting files.
Unless I'm wrong about the options, it looks like the pre-defined delete command you use for Sdelete is to run Quiet (-q), and yet Eraser is setup to show Results (-results). I use SDelete and have never seen a need for the -q option.
----
Also, in regard to the note underneath the Delete Command box, shouldn't it say
"%SANDBOX%", not just "SANDBOX" (with quote marks)
 |
|
_________________
Paul
XP Pro SP3 (Admin rights), Zone Alarm Pro Firewall, Malwarebytes Pro, Firefox 21, Thunderbird 17
|
 |
| | |
|
tzuk
| Joined: 22 Jun 2004 |
| Posts: 15154 |
|
|
|
| Posted: Tue Sep 30, 2008 6:11 pm |
|
|
|
|
|
Actually, I only put these as examples from stuff I found in the forum. I really want your (and others') input about the best command lines for these delete tools. Also if you want to suggest more delete utilities (and command line), feel free.
And I'm splitting this off into a separate topic.
|
|
_________________
tzuk
|
|
| | |
|
Guest10
| Joined: 27 Apr 2008 |
| Posts: 4398 |
| Location: Ohio, USA |
|
|
| Posted: Tue Sep 30, 2008 6:44 pm |
|
|
|
|
|
For Eraser, the eraserl.exe program is already installed in the Windows\System32 folder for the latest versions of Eraser, so the complete path to the file would not normally be needed.
To speed up the deletion, and based on what I've read about 1 pass of random data being enough for today's hard drives, I would use:
Eraserl.exe -folder "%SANDBOX%" -subfolders -method random 1 -queue -resultsonerror
For sdelete.exe:
sdelete.exe -p 1 -s "%SANDBOX%"
However, since SDelete is distributed via a .zip file and does not have an installer, it should be noted that the sdelete.exe program should be placed in the Windows folder, or the command line should be edited to include the complete path to sdelete.exe - to ensure that it will be found.
|
|
|
|
| | |
|
tzuk
| Joined: 22 Jun 2004 |
| Posts: 15154 |
|
|
|
| Posted: Tue Sep 30, 2008 7:11 pm |
|
|
|
|
|
Well I think it's always a good idea to give an explicit path. Other than that I accept your suggestions. But let's let other people review them as well.
|
|
|
|
soccerfan
| Joined: 25 Sep 2007 |
| Posts: 421 |
|
|
|
| Posted: Tue Sep 30, 2008 7:52 pm |
|
|
|
|
|
| tzuk wrote: |
| Well I think it's always a good idea to give an explicit path. Other than that I accept your suggestions. But let's let other people review them as well. |
I put sdelete.exe in the sandboxie folder (where the sandboxie application files reside) and use the command:
DeleteCommand=sdelete.exe -p 3 -s "%SANDBOX%"
No path information needed this way. |
|
_________________
soccerfan
|
|
Guest
|
|
| Posted: Tue Oct 14, 2008 2:53 am |
|
|
|
|
|
Hi. I think that for Eraser that the "Schneier 7 pass" is good. I seen somewhere that it is the best way to secure destroy data. If I am wrong, please correct me.
|
|
|
|
MitchE323
| Joined: 02 Nov 2006 |
| Posts: 2268 |
|
|
|
| Posted: Tue Oct 14, 2008 3:29 pm |
|
|
|
|
|
| Guest10 wrote: |
For sdelete.exe:
sdelete.exe -p 1 -s "%SANDBOX%"
However, since SDelete is distributed via a .zip file and does not have an installer, it should be noted that the sdelete.exe program should be placed in the Windows folder, or the command line should be edited to include the complete path to sdelete.exe - to ensure that it will be found. |
Also, it seems that if are using SDelete for the first time, you need to double-click the sdelete.exe to get to "Agree" - after that it seems to work fine. |
|
|
|
| | |
|
Guest10
| Joined: 27 Apr 2008 |
| Posts: 4398 |
| Location: Ohio, USA |
|
|
| Posted: Tue Oct 14, 2008 10:34 pm |
|
|
|
|
|
| Guest10 wrote: |
Also, in regard to the note underneath the Delete Command box, shouldn't it say
"%SANDBOX%", not just "SANDBOX" (with quote marks) |
From my first post in this thread, I still believe that the Delete Command screen should have the text underneath the delete command box changed:
from
"SANDBOX"
to
"%SANDBOX%"
v3.31.04 |
|
|
|
| | |
|
Guest10
| Joined: 27 Apr 2008 |
| Posts: 4398 |
| Location: Ohio, USA |
|
|
| Posted: Tue Oct 14, 2008 10:55 pm |
|
|
|
|
|
From a paper by Peter Gutmann
Secure Deletion of Data from Magnetic and Solid-State Memory
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
| Quote: |
...
Epilogue
In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.
Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps a single level via basic error-cancelling techniques. In particular the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero. |
So make 1 pass with random data if you aren't overly concerned with the data being reconstructed by the authorities (and thereby speed up the secure delete process), or use several passes of random data if you have to get rid of evidence that might be used against you. |
|
|
|
| | |
|
tzuk
| Joined: 22 Jun 2004 |
| Posts: 15154 |
|
|
|
| Posted: Thu Oct 16, 2008 12:08 am |
|
|
|
|
|
| Guest10 wrote: |
| From my first post in this thread, I still believe that the Delete Command screen should have the text underneath the delete command box changed: from "SANDBOX" to "%SANDBOX%" v3.31.04 |
Clearly you're right. I fixed it now, should appear correctly in the next version.
As for the actual deletion commands, I'm still willing to put there whatever programs and command lines you guys decide. |
|
|
You cannot post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
 Use the RSS feed to watch this topic for replies
|
|
|
|
| |
