root kit

Chip Fetrow tacos at fetrow.org
Wed Aug 3 21:46:29 CDT 2011 

Rob's answer is correct (of course), and he is many yards ahead of me  
in IT stuff, but I do believe there is more to be said.

In the days of DOS, Format really meant something.  It was a real disk  
format, it ignored what was on the disk, and it bombed everything on  
the disk.

Today, that is not so.  That "low level formatting" is mostly not  
available.  Today it is "high level formatting" which mostly just sets  
up the file system in Windoz.  A high level format does NOT remove  
your data.

I am no expert, so I suggest you read:

http://en.wikipedia.org/wiki/Disk_formatting

Plus there is a lot of other information on both Wikipedia and on the  
Errornet.

The bottom line is that unless you use something like DBAN, the disk  
is not "erased."

Frankly, it is so bad that I won't throw out hard drives.  I will  
disassemble them then pour freon into them, which removes the magnetic  
surface from the platters.  Rob tells me there is a place where you  
can take the drives and actually watch them shred them.  Both are  
good, and the shred method is more enviornmently friendly.

Today, drives are nearly free, so I don't see the point in attempting  
to use used drives from outside sources.  Just drop them off for  
recycling and install new drives.

I bought two 500 GB 2.5 inch drives that failed EARLY.  It was when  
they were very new, and bleeding edge technology.  I COULD have  
returned them for warranty replacement, but I had no way to clean them  
-- thus, they are sitting on a shelf waiting to be destroyed.  My  
privacy is more important than the cost of the drives.

--chip

On Aug 3, 2011, at 11:53 AM, tacos-request at amrad.org wrote:

> Message: 2
> Date: Wed, 03 Aug 2011 08:55:53 -0400
> From: "Robert E. Seastrom" <rs at seastrom.com>
> To: Robert Stratton <bob at stratton.net>
> Cc: tacos at amrad.org, Alex Fraser <beatnic at comcast.net>
> Subject: Re: root kit
>
> DBAN is your friend.  http://www.dban.org/
>
> -r
>
> Robert Stratton <bob at stratton.net> writes:
>
>> That will work for most of them, as long as you take care to  
>> overwrite the Master Boot Record, as many hide in there these days.  
>> If I were going to try that, I'd do the reformatting from a  
>> computer booted off of read-only media, like a "live CD."
>>
>> It is not certain however as there's at least one proof-of-concept  
>> of a rootkit that survives disk wipes.
>>
>> http://www.tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html
>>
>> --Bob S.

More information about the Tacos mailing list