5

There are already several posts here discussing the specificities of magnetic hard disks and SSDs and how to properly wipe their content:

  • With magnetic disks, a complete overwrite of the disk content is the way to go; several overwrites following some defined patterns (a character, its complement, then random characters) was historically the preferred way, even if it may be less sensible nowadays,
  • SSDs have different properties, making overwriting not only less reliable but also harmful for the disk itself, so the best option remains using the manufacturer's SecureErase feature.

What about wiping rewriteable optical media data?
How to securely erase rewriteable CDs and DVDs content before reuse?

A discussion on SuperUser mentions using a simple erase with any computer's CD/DVD writer. Would this really erase all data present on the disk and not, for instance, act as a basic HDD reformat and limit itself to removing only some table of contents while keeping the actual disk data readily available?

WhiteWinterWolf
  • 2
    As for CDs and DVDs why not use a shredder? – Jeroen Jul 19 '15 at 13:11
  • Microwave oven. You can't just use a regular writer to wipe non-rewritable discs – Natanael Jul 19 '15 at 13:35
  • @Jeroen-ITNerdbox That's why I mentioned "reuse" in my question ;). I was surprised to find the use of a computer CD writer as one of the proposed methods to destroy disk content in the linked article, and figured out that I was not sure what was going on when an optical disk's content was being erased (as opposed to magnetic HDDs, where there is a clear distinction between low-level and quick formatting, for instance). – WhiteWinterWolf Jul 19 '15 at 13:35
  • @Natanael I'm talking only about rewriteable media in this question, I would not dare to try to "reuse" a non-rewriteable disk ;) ! I'm mainly wondering if the "erase" functionality proposed by CD-ROM burning software just removes some table of contents (comparable to HDD quick formatting) or goes through the whole disk to delete all stored data (comparable to an HDD low-level formatting or a `dd if=/dev/zero of=/dev/mydevice`). – WhiteWinterWolf Jul 19 '15 at 13:41
  • @WhiteWinterWolf: Ahh, read it properly this time. Sorry! :) – Jeroen Jul 19 '15 at 13:50
  • @WhiteWinterWolf if the section with the data you want to wipe is writable, just overwrite it. – Natanael Jul 19 '15 at 13:50

2 Answers

2

The DoD 5220.22-M document, which is often allegedly "quoted" for describing the 3-pass wiping on hard-disks, distinguishes the two following situations (see section 8-301):

  • Clearing. Clearing is the process of eradicating the data on media before reusing the media in an environment that provides an acceptable level of protection for the data that was on the media before clearing. All internal memory, buffer, or other reusable memory shall be cleared to effectively deny access to previously stored information.
  • Sanitization. Sanitization is the process of removing the data from media before reusing the media in an environment that does not provide an acceptable level of protection for the data that was in the media before sanitizing. IS resources shall be sanitized before they are released from classified information controls or released for use at a lower classification level.

Sanitization will therefore very often lead to destruction of the media. However, in this post we are merely focusing on clearing.

I will share below my few findings on the subject.

Data deletion is handled by the disk writer, not the software

Disk erasing is somewhat similar to HDD's SecureErase feature mentioned in the question. Indeed, when asking a software to erase a disk, all it will do is send an ATAPI BLANK message to the disk writer's firmware, and it will be up to the firmware to handle actual data erasing and send back the operation result to the software.

However, unlike the SSD, I did not encounter any information leading me to think that some writers may be more or less efficient than others at erasing a rewriteable disk's content.

There are two levels of erasing

Some writers actually allow even more fine-grained data erasing, like per-track erasing, but for our concern it is very interesting to note that they propose at least two erasing levels:

  • A quick erase, used by default when erasing a disk, will only delete the disk's Table Of Contents (TOC) and a few other related pieces of information, but the data themselves will remain on the disk. It seems very similar to a quick HDD formatting. I also strongly suspect that a lot of end-user software may only propose this mode.
  • A full erase will take a lot longer since the software will instruct the firmware to go through the whole disk surface to erase all data from it and turn the disk back into a pristine state.

Full disk erases are efficient

My few searches did not point out any weakness in a rewriteable disk full erase. On the contrary, all the forensics vendors I went through seem to limit the efficiency of their products (whether software or hardware) to quick-erased disks.

While from a purely theoretical point of view one may still imagine some tiny weakness exploitable by a large and well-funded organization, as a reminder we are here in the scope of data clearance and not sanitization. For a clearance goal, a full disk erase is therefore fine, the trick being to not mistakenly use a quick erase where, on the contrary, the data could be retrieved relatively easily.

How to proceed

On Unix platforms, a full disk erase can be achieved using the cdrecord tool. It can be used the following way:

cdrecord blank=all dev=/dev/scd0

  • `blank=all`: as opposed to `blank=fast`, this is the actual argument which will initiate the full disk erase process,
  • `dev=/dev/scd0`: to indicate the path to your disk writer device,
  • `-force`: this useful parameter can be added to allow cdrecord to use "some tricks" which may allow it to erase a disk which would not be erasable otherwise (damaged disks for instance); see the cdrecord manpage.
WhiteWinterWolf
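
A check built on the quick-versus-full distinction in the answer above, as an added example that is not part of the original answer: it scans command lines (a constructed sample here) for cdrecord or wodim blanking that is not a full erase. The blank mode names come from the cdrecord manpage; the function names and sample lines are made up for illustration.

```shell
#!/bin/sh
# Added example: flag cdrecord/wodim blanking that is not a full erase.
# Mode names follow the cdrecord manpage: all/disc/disk erase the whole
# disk, fast/minimal only clear PMA, TOC and pregap, the others are partial.

# Print full, quick, partial or none for one command line.
classify_blank() {
    case " $1 " in
        *" blank=all "*|*" blank=disc "*|*" blank=disk "*) echo full ;;
        *" blank=fast "*|*" blank=minimal "*)              echo quick ;;
        *" blank="*)                                       echo partial ;;
        *)                                                 echo none ;;
    esac
}

# Read command lines on stdin; print each cdrecord/wodim call whose blank
# mode leaves data behind. Returns 1 if at least one was found.
audit_blanking() {
    rc=0
    while IFS= read -r line; do
        case $line in
            *cdrecord*|*wodim*) ;;
            *) continue ;;
        esac
        mode=$(classify_blank "$line")
        case $mode in
            quick|partial) printf '%s: %s\n' "$mode" "$line"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample: lines from a hypothetical media-reuse script.
SAMPLE='cdrecord blank=all dev=/dev/scd0
cdrecord blank=fast dev=/dev/scd0
wodim -v blank=session dev=/dev/scd1
cdrecord -force blank=disc dev=/dev/scd0
cdrecord -v dev=/dev/scd0 image.iso'

sample_findings() { printf '%s\n' "$SAMPLE" | audit_blanking; }

sample_findings || echo "non-full blanking found"
```
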
0

You could use wodim to detect all CD/DVDROM drives:

# wodim --devices

Then create a mount point:

# mkdir /media/cdrom 

Mount the drive:

# mount -t iso9660 /dev/scdX /media/cdrom

where scdX is the drive you want to erase. Erase the data:

# shred /media/cdrom/*

and unmount the device:

# umount /dev/scdX
Sebi
  • 1
    Thanks for the suggestion, however are you sure that `iso9660` can be mounted read-write? Personally I do not think so... (same [here](https://www.redhat.com/archives/redhat-list/2000-November/msg01628.html), [here](https://lists.debian.org/debian-user/2003/09/msg02346.html) and [there](https://www.linuxquestions.org/questions/linux-general-1/mount-iso-rw-625621/)) – WhiteWinterWolf Jul 19 '15 at 20:03
  • 2
    You're right, iso9660 is a write-once, read-only file system. Other CD file system formats are described here: http://www.osta.org/technology/cdqa2.htm – Sebi Jul 19 '15 at 20:09
  • If the disk is mounted read-only, then the `shred` command will systematically fail, won't it? And therefore this method is not usable, is it? (unless of course we do not deal with standard ISO disks, but this may sound a bit far-fetched...) – WhiteWinterWolf Jul 22 '15 at 17:40
  • Yes, as the file format is read-only. It will work on a writeable format though (udf for example). – Sebi Jul 22 '15 at 19:07
  • 2
    UDF implements [wear-levelling](https://en.wikipedia.org/wiki/Wear_leveling) to increase the disk lifespan, therefore when you "shred" the file, you do not actually rewrite any data since free blocks will be used for the write operations, leaving the original data intact on the disk. So file shredding on such file system has no effect. – WhiteWinterWolf Jul 23 '15 at 08:06