======= Data removal in accordance with Datatilsynets requirements =======
This guide describes how to delete data permanently,
following, as recommended in http://www.datatilsynet.dk/offentlig/sikkerhed/sletning-af-datamedier/ , the specification DOD 5220.22-M,
====== Intro / Background ======
When giving hardware away, IT University has to follow the danish Datatilsynets guideline for the deletion of data,
related page in english: http://www.datatilsynet.dk/english/processing-of-sensitive-personal-data-in-a-cloud-solution/
====== scrub ======
A software tool compliant with the DOD 5220.22-M specification is
It is also available as a binary in Ubuntu repos for versions 10 and 11, and contained in security tool collections like Backtrack.
Here, we will be using Backtrack 4 Live CD,
====== Time estimate ======
The time needed for this procedure depends on size of systems,
however a reasonable estimate is
15 mns for preparation and boot of machine, and half and some hours for the actual deletion process,
//Since the process runs unattended for several hours, we suggest that the task is performed on a "one laptop per day" basis ("start in the morning, let it run, finish when leaving") - not as a dedicated task.//
====== Step-by-step Guide ======
1) Use bootable dvd or USB with backtrack 4 -
2) Insert dvd drive (if not in place already) and boot from dvd
Alternatively, boot backtrack from USB stick - if the BIOS supports this.
3) start backtrack in default mode, then boot into GUI by typing
3a) If relevant, go to Control Panel and change keyboard settings for easier use. The default keyboard is "US".
4) From the menu, open Backtrack > Digital Forensics > Anti-Forensics > scrub
or just open a console.
5) On the opening console, type
# fdisk -l
to identify the partitions you would like to shred.
Output of fdisk command might look like this:
Device Boot Start End Blocks Id System /dev/sda1 * 1 7708 61907816 7 HPFS/NTFS /dev/sda2 7709 16218 68356575 83 Linux /dev/sda3 16219 16704 3903795 82 Linux swap / Solaris /dev/sda4 16705 19457 22113472+ b W95 FAT32
6) Shred the partition with
# scrub -p dod <dev>
In doubt check the manpage at
Example: to shred the Windows HPFS/NTFS partition on system above, type
# scrub -p dod /dev/sda1
During the process, you will see output like
scrub: 0x00 scrub: 0xff scrub: random
scrub in dod mode will take 7 rounds total while the default mode (NNSA Policy Letter NAP-14.x) takes 3 rounds.
7) Verify the deletion.
When booting the machine from a LiveCD again, and looking at the partitions, it should report that "No operating system can be found". Strictly speaking, this isnt proof of complete data removal either, but together with scrub's own verification, it fulfills the requirements.