Data Protection

For Donors:

Bristol Wireless endeavours to ensure that original data from donated hard disk drives is irrecoverable as far as practicably possible.

Our policy is to wipe machines on receipt to ensure there is no easy way to access the data using a variety of commonly accepted freely available techniques for overwriting random data to used drives.

The Bristol Wireless Management Committee (currently in the person of our Company Secretary) seeks to include fully trained and accredited data protection staff, who can advise and direct our Data Protection Policy.

Alex Butcher, one of our active contributors, writes :-

"First of all, with modern disk recording schemes, a few passes with random data (e.g. for i in 1 2 3; do dd if=/dev/urandom of=/dev/hda bs=512; done) is about as good as you get without bypassing a drive's on-board electronics or knowing precisely how the data is recorded on the disk (See the epilogue of http://www.cs.auckland.ac.nz/pgut001/pubs/secure_del.html ).

(E)PRML has been used in commodity drives since at least 1998 (when I bought a 6GB IBMdrive which used EPRML). As I understand it, the utilities for wiping classified information to the satisfaction of CESG are aware of the design characteristics of each model of drive that they are able to wipe, and use specially-created patterns to minimize the ability to recover old data.

Quite honestly, though, unless the data is important enough that the original user is worried about someone ripping open the drive and laboriously examining the magnetic domains on the platter with an electronmicroscope, even 'dd if=/dev/zero of=/dev/hda bs=512' is probably good enough (and much better than both fdisk'ing or using the DOS/Windows FORMAT command)."

However, if we are donated systems from organisations with a security classification on their network, or if requested, we would endeavour to sanitise disks using a CESG approved software package such as Blanco ( http://www.blancco.com/ ). A charge for expenses may be levied for this service.

If you have any questions or anything to contribute about any of the above, then please feel free to contact us; we are always seeking to improve our practices and share knowledge in this area.