Since I saw a lot of people here on the forum asking the same question; how can I securely erase, delete, wipe my hard disk before selling, RMA etc and all the suggestions led to one general solution; put the hard disks in a normal pc and boot with a utility like DBAN and also since the "Secure Erase option for RAIDar" isn't available for these older devices, I came up with a far more easy solution for the paranoid and/or the legally obligated ones when selling or disposing your ReadyNAS including hard disks.
Some background info, this was done on an old NV+ (sparc processor) with a X-Raid setup, so just one volume. I used the srm utility, part of the secure delete package for Debian, for some background see the Wikipedia page about srm.
Step 1:The EnableRootSSH addon. Again, install using the Frontview web UI under System -> Update -> Local Update. This will allow you to SSH in to the ReadyNAS and bring up a shell command prompt.
Step 2: Login to your ReadyNAS as root via ssh.
Step 3: Download the Sparc binary version of the Secure Delete package, I found a deb for Debian Sarge Sparc here.
Step 5: Either use this command if your volumes aren't empty yet:
srm -rv /c/
or this command if your volume was already cleaned out and there is only free space left:
sfill -v /c/
Step 6: Wait, depends on how fast your ReadyNAS is of course, but this could take days/weeks to finish. Alternatively you could use the -f (no urandom) and/or -l (less passes) option(s).
Please let me know how this works out for you, hope this helps a bit for users who want to securely wipe their hard disks before sending them home or to a new owner.
RAIDar has secure erase built in (certainly with sparc platforms, and I think the others). It requires 4.1.7 or later firmware. Note sure if it uses 35-pass Gutmann or some other over-writing method.
Note that the 35-pass Gutmann method referenced in the wiki link is no longer viewed as the best method. Simple scrubbing with random data is really about the best you can do with over-writing on a modern disk. You can theoretically do better with a degausser, however that makes the disk unusable.
Is the secure erase option available for Sparc? I didn't think it was.
You might be meaning RAIDar 4.1.7 or later is needed? Or something like that?
I think you're right. http://www.readynas.com/?cat=19 lists it for RAIDiator 4.2.7 and then says RAIDar 4.1.7 is also needed. I saw the 4.1.7 and jumped to the wrong conclusion.
BTW, you can also just use the vendor diagnostic tools to write 0s to the drive. Though not as good as random writes, I think the security risk is extremely low.
In any case unless you are paranoid or have a legal requirement to do a secure wipe, doing an ordinary factory default should be sufficient. With a 3 or more disk array, disposing of disks separately would also be something that could be done. With e.g. a 3 disk X-RAID array two disks would be needed to recover data and even then if you got those two disks and a factory default had been done on those two disks to wipe them you wouldn't recover data. Other things like connecting the disk up to a PC and formatting it using NTFS could be done. If a disk is formatted with NTFS most people would assume it was taken from a Windows Machine.
In any case unless you are paranoid or have a legal requirement to do a secure wipe, doing an ordinary factory default should be sufficient. With a 3 or more disk array, disposing of disks separately would also be something that could be done. With e.g. a 3 disk X-RAID array two disks would be needed to recover data and even then if you got those two disks and a factory default had been done on those two disks to wipe them you wouldn't recover data. Other things like connecting the disk up to a PC and formatting it using NTFS could be done. If a disk is formatted with NTFS most people would assume it was taken from a Windows Machine.
That "should" in your post was just the part I was trying to eliminate for myself, I just wanted to be sure without having to move hard disks out of the ReadyNAS and without having to sell them separately. I just wanted an easy solution where I can sell the complete ReadyNAS including disks without having doubts about anyone being able to recover data.
I would say that it would be sufficient. If you do a factory default NetGear will not help you recover data. However if you're worried take the disks out and wipe them securely for that extra peace of mind
You can of course abort a factory default by powering down before the 10 minute countdown finishes. Only after the countdown or RAID mode choice would the disks be wiped by the NAS.
In any case unless you are paranoid or have a legal requirement to do a secure wipe, doing an ordinary factory default should be sufficient. With a 3 or more disk array, disposing of disks separately would also be something that could be done. With e.g. a 3 disk X-RAID array two disks would be needed to recover data and even then if you got those two disks and a factory default had been done on those two disks to wipe them you wouldn't recover data. Other things like connecting the disk up to a PC and formatting it using NTFS could be done. If a disk is formatted with NTFS most people would assume it was taken from a Windows Machine.
Just imagining paranoia for a moment... :twisted:
-I agree that an ordinary factory default should do the job for most users, since the raid array is completely rebuilt, which writes to every block on the disk (at least all the blocks in the raid partitions). AFAIK trying to recover the over-written data requires very special tools, and even then they probably don't get a lot of the data.
-Your separate disposal idea is much riskier. In your three disk example, if I had one of your disks (using XRAID-2) and was attempting forensic recovery I would have direct access to 1/3 of the array - 2/3 the blocks on the disk are data blocks, the rest are parity. The pattern is regular, so I could fairly easily tell where the data blocks were. So while I couldn't see all the data, I could see a fair amount of it. If you store passwords or personal information, there's a 33% chance it is on the disk I got from you. With X-RAID, I believe that the parity blocks are all on one drive. So in that case, if I happened to get a data disk I would have access to 50% of the data blocks, not 33%. And if it were a 2-disk array, it is mirrored, so I have all the data blocks.
My take - if you don't think reformatting a single disk volume is enough when you dispose of it, then you certainly won't feel comfortable with the separate disposal strategy. Even if you do think reformatting is enough, you could reasonably feel nervous about handing someone unknown a significant fraction of your data.
EDIT - if you are proposing separate disposal after a factory default, then of course that only reduces risk over a factory default. My paranoia was imagining simply removing the disks of an intact array and doing separate disposal.
Actually you'd probably only need one disk to recover the data in the OS partition, which contains the config (including passwords etc.). However wiping the disk would make it extremely difficult to recover even that data.
This thread is slightly dated but I wanted to reply and say that the instructions above seem to have worked for me on my old ReadyNAS NV.
I followed the instructions and installed the Secure Delete package, then ran the "srm -rv /c/" command via SSH. It was a piece of cake. I could see where it deleted a couple empty directories as well as the admin and home folders. Then it got to a folder where I still had some non-sensitive files. It got to the first file and displayed a "Wiping (file name) **" message... and it has been sitting at that for about 40 minutes now. So I don't see any indication of exactly what it is doing now but the activity LED on my NAS is steadily flashing so I assume it is wiping the drives successfully. I don't know if it is still on that first file or if it is just not updating the console any more. And of course I will have no way to check how good a job it is doing with the actual obliteration process.
I did spend quite a bit of time backing up my files and the deleting them from the NAS for what it's worth. So just to be clear, can I assume that those deleted files will be wiped as well or do I need to run another command to wipe the free space?
Also, my ReadyNAS NV partitions were created with the old 4K block size. My plan was to do a factory reset after this which will rebuild the array/partitions with a 16K block size. Will this have any impact one way or the other on making it easier or harder for someone to recover any data from my drives? I was thinking of trying to sell them on eBay either separately or as a group.
If you do a secure delete of your files they would be gone. If you do a factory default with the drives in place that would make data recovery even more difficult (if it wasn't already impossible).
If you're wanting to sell your drives (not with your NAS) you could hook them up to your PC and format them to use NTFS as I suggested earlier. Most people would assume, that they were connected to a Windows PC and wouldn't suspect they were formatted using the EXT3 filesystem
If you do a secure delete of your files they would be gone. If you do a factory default with the drives in place that would make data recovery even more difficult (if it wasn't already impossible).
If you're wanting to sell your drives (not with your NAS) you could hook them up to your PC and format them to use NTFS as I suggested earlier. Most people would assume, that they were connected to a Windows PC and wouldn't suspect they were formatted using the EXT3 filesystem
Well I just did a normal delete of most of my files using a mapped drive from a PC. These were the files that I was most concerned with as they contained backups of several systems with potentially some sensitive information. The files that I am deleting now using srm are ones I'm not so concerned with. (so perhaps I did this backwards).
I'm not opposed to using a PC to format my drives but if I can avoid it I would prefer not to. And I was thinking that there may be other ReadyNAS users out there who bought the same drives that I did and are looking for some spares so trying to hide their history would not work in that case.
So my question is whether srm will have any impact on the available free space where my previously deleted files potentially still exist. If it does then I think that, along with a factory reset would put my mind at ease. But if the free space is not overwritten securely then I need to find a way to do that.
StephenB wrote:
Vendor tools also allow you to write zeros to every sector of the drive.
I'm not quite sure what you mean by Vendor Tools. How would I go about doing that?
You would hook your drives up to an internal SATA port in your PC and say boot off the Ultimate Boot CD. You could then use disk wiping tools such as DBAN or vendor tools e.g. SeaTools for SeaGate disks to securely wipe the disks.
OK I see... yes this is the step I'm trying to avoid if possible. So I guess that means srm does not take care of the free space but just the actual files it deletes?
srm would just delete files, I think. A factory default would wipe the partition table off the disks and create a new partition table and create a new volume.
Update: I realized that I was going to spend many hours or days waiting for srm to securely wipe several hundred GB of media files that I don't really care about. So I decided to abort that process after 6 hours. The files I care about are already deleted and just need to be wiped somehow. Of course there are many theories and opinions about this... but the idea of just overwriting the data blocks by filling the drive space with zeros makes sense to me. And I am not some secret government body with classified secrets to hide. I just don't want some stranger to be able to recover my personal info, photos, or passwords.
I just came across the following suggestion as a way to write zero filled files to every free block on the disk and then delete them:
So I could probably be happy with something like that... but then I noticed that the OP of this thread already addressed the free space question with the sfill command.
sfill -v /c/
That's running now with the full 38 passes using random data, so I expect that could run a while. When that's done I believe I will run it a second time with the -l switch for 2 more passes... just for fun.
sfill -l -v /c/
Then I will do the factory reset. I think after that I'll feel pretty good about it without having to plug each drive into a PC and reformat etc. And if I can sell each drive separately all the better. I will probably keep at least one for myself.
OK I see... yes this is the step I'm trying to avoid if possible. So I guess that means srm does not take care of the free space but just the actual files it deletes?
From the srm man page:
Some of your data might have a temporary (deleted) copy somewhere on the disk. You should use sfill which comes with the secure_deletion package to ensure to wipe also the free diskspace. However, If already a small file aquired a block with your precious data, no tool known to me can help you here. For a secure deletion of the swap space sswap is available.
For anyone still following along - I can report that trying to use sfill in secure mode (full 38 wipes with random data) was going to quite literally take a couple of weeks to complete on my 1TB array. I think it had only completed something like 36GB after 24 hours. So I decided to abort it and go with a couple variations of the less secure options:
sfill -l -v -z /c/ sfill -f -l -v /c/
These took several hours each but at least hit the entire array with a few overwrites.
I did also erase the swap space using sswap as follows: Identify your swap partitions
