OK, so DBAN does not wipe Host Protected Area, because some hdd creators want to store some lame recovery data on it. But I don't see the point in not wiping this area, since if you are going to nuke the disk, you want to really nuke the disk, not just wipe some dust out of it. :) Maybe it should be an optional choice?

Also, from what I understand, DBAN does not wipe bad sectors either. This is pretty, forgive me, stupid. As an anecdote, a friend of mine discovered that he had sensitive data stored in his hdd's "bad sectors". I understand that it might require some extra tweaking to do and to get into the low-level stuff, but Blancco for example does that without hassle (but it's a commercial product). Wiping of bad sectors is, from a security perspective, very important and this is something that should be implemented quickly.

Third thing that I want to nag about ;) is the fact that DBAN does not wipe remapped sectors either. As said above about bad sectors, it applies here too. Make it compulsory too.

(Personally, if I want to use DBAN, I'm pretty sure that I want that hdd totally nuked off. I don't care about recovery data, I don't care if I have to run checkdisk to rediscover bad sectors, and I don't care if there are some remapped sectors or other voodoo-magic on the disk. I want it gone. All. Period. And I believe that most other people want that too. Besides, if I get bad sectors in my hdd, I usually dump that hdd because it has become unreliable and can break totally anytime soon...but I would not like to dump that hdd without first being able to WIPE it properly.)

Cheers, and I hope you can share some comments, etc. :)
Logged In: YES
user_id=1535795
Hi
Thanks Markus for the warning, this has been a surprise to me.
I totally agree with the original post here. I always thought that DBAN wiped everything on a chosen drive. The fact that it doesn’t has come as a bit of a shock to me. I don’t believe many people are aware that DBAN doesn’t completely wipe the drive.
Please could there perhaps be an option to wipe these areas? I would think many people would appreciate the option to completely wipe their disks as opposed to a partial wipe.
Great, I see there is a new release of DBAN! Could the new feature to totally wipe a disk including HPA, bad sectors and remapped sectors please be added before this new version leaves BETA?
Thanks Darik for your work, it's still a great program!
Logged In: YES
user_id=560878
Changes to HPA handling will not happen in the DBAN 1.0
release series. The DBAN FAQ explains the design decision.
HPA handling may be exposed as an option in the DBAN 1.1
release series.
DBAN does indeed wipe bad sectors that are exposed by drive
firmware. Accessing bad sectors, which get remapped by
modern hard drives, requires an intimate understanding of
the drive firmware.
Implementing support for the ATA SE command is on the
development schedule.
The post by Markus is an advertisement for a commercial
software product, not a legitimate warning. The forums have
been getting a lot of this astroturf chatter since DBAN
began dominating the market.
Logged In: YES
user_id=1535795
Hi Darik!
Thank you for your prompt reply! I am pleased to learn from you that DBAN does indeed wipe the bad sectors of a drive, phew! I am also very pleased to learn that there is still much work being done on DBAN. I was starting to worry that things had died down a bit and you may have lost interest. Thankfully you still seem as keen as ever.
To be honest I didn’t realise that the original post was an advertisement. I understand this must be a problem for you. Mind you though I don’t believe many “truly” security minded people will ever swap free and open source software for commercial closed software. DBAN will always be the secure deletion software for the pro!
Actually, I have just done a quick search on Markus and as a quick personal opinion / guess I don’t believe he was actually meaning to advertise as he seems to be an open source advocate. I do however think he was wrong to name a commercial product in his post. Also it may have been better if he had asked about the points he made on your forum before posting a kind of warning message.
http://www.cipherserver.com/phpbb2/viewforum.php?f=6&sid=d972d3d2ee7dc6f26d836ecb5c987263
Thanks again Darik for the cool software and reassuring reply. I have read a few of your posts on your forum and I am pleased to see that there is a very lively and full “development schedule” or wish list. Please keep up the great work as it really makes a positive difference to people’s security.
Cheers.
Logged In: YES
user_id=1713793
Originator: NO
Greetings Darik, and thanks for a great piece of software. I do, however, disagree with your not-wiping-HPA policy, primarily for two reasons:
1. The HPA is a popular place to hide rootkits. If a rootkit has invaded your computer, most sysadmins will tell you that there's nothing to do but a total reformat and reinstall. This is, in many cases, not true. That is: a reformat/reinstall will not help, since the rootkit is hiding in the HPA. I was looking to DBAN to solve this problem, so naturally, I am somewhat disappointed by finding that a HPA wipe is not possible.
2. When adding HPA wipe you should, in my opinion, make the HPA wipe default, with the possibility to omit by choice. Any user sufficiently knowledgeable to use DBAN will know whether or not HPA contains any rescue material.
Also, I understand that "accessing bad sectors, which get remapped by modern hard drives, requires an intimate understanding of the drive firmware", but perhaps a warning about DBAN not wiping bad sectors should be displayed on the main page? Perhaps a "Limitations" section where the limitations of DBAN are disclosed?
Logged In: YES
user_id=560878
Originator: NO
> Any user sufficiently knowledgeable to use DBAN will know whether or not HPA contains any rescue material.
No, based on our support traffic, you are very incorrect. I estimate that less than 1% of DBAN users know the purpose of the HPA. You are the atypical user.
HPA wiping will likely be enabled in the next beta, but it will be disabled in the release if I get too much support chatter.
> but perhaps a warning about DBAN not wiping bad sectors
> should be displayed on the main page?
No, DBAN already fails disks with exposed bad sectors.
Furthermore, remapped sectors are generally inaccessible without talking directly to the drive firmware or issuing a pre-specification ATA command, which is a limitation suffered by all software products.
> Perhaps a "Limitations" section where the limitations of DBAN are disclosed?
What "limitations"? You must qualify this statement.
Logged In: YES
user_id=560878
Originator: NO
> I realize you’re doing this on your own time
I now get paid to work on DBAN and its related projects. The project has sponsors now.
> To me, these two are serious limitations.
Again, regarding the default setting of the HPA option, you are not the typical user. DBAN is intended for people who cannot make this choice. My current opinion is that the inconvenience, frustration, and distress caused by removing rescue materials from the HPA currently outweigh the risks of leaving a buried rootkit intact.
However, like I said previously, I am testing my opinion and will revisit the decision later.
Ultimately, if you care about this issue enough, then buy an EBAN license or recompile DBAN with the default behavior that you want.
Furthermore, if you can provide an example of a competing product that handles remapped sectors to your satisfaction, then I will add the same behavior to DBAN, or I will advertise the deficiency more prominently in the product documentation.
Logged In: YES
user_id=1713793
Originator: NO
> distress caused by removing rescue materials from the HPA currently outweigh the risks of leaving a buried rootkit intact.
I suppose a reasonable compromise would be including the feature but leaving it default disabled, allowing experienced users to wipe the HPA while not ruining the day for novice users.
> Ultimately, if you care about this issue enough, then buy an EBAN license or recompile DBAN with the default behavior that you want.
Since I'm a tin-foil clad private user with ambitions rather than money, I don't have the luxury of paying > $1500 for _any_ software. Recompiling DBAN might be an alternative, but my programming knowledge is limited, so unless the behavior already is in the source code and just needed to be included in the compile, I won't be customizing the SW myself any time soon. The HPA problem is one thing, I might figure that one out for myself, but the bad sector problem is way out of my league.
> Furthermore, if you can provide an example of a competing product that
> handles remapped sectors to your satisfaction...
Since the original poster got stamped as an astroturfer I hate to repeat his words, but since he named a specific product, I looked it up.
From the Product Sheet of the "Lite" product ($19):
"Key Features
* Erasure of locked/hidden sectors such as DCO, HPA and remapped sectors"
So it would seem like the original poster was correct. At $19 it's certainly obtainable. The downside is of course that the program is closed source.
Anyway, thanks for replying, and I hope to see at least an HPA wipe option in the future.
Cheers!
/stromdal
Logged In: YES
user_id=560878
Originator: NO
> Since the original poster got stamped as an astroturfer I hate to repeat
> his words, but since he named a specific product, I looked it up.
If you have ambition and tinfoil, then purchase this product, test it to discover whether the bill matches the goods, and publish the results.
In this software market, none of the customers that matter will publish the results of their in-house product trials or give product endorsements. You will become famous (for a small value of 'famous') in the security community if you do a formal study, and I will link to it even if the results for DBAN are unfavorable (if your testing methodology is kosher and reproducible).
Places to start are:
* Wipe a big 250 GB IDE disk in a 486 computer or a 586 computer with a bad BIOS. This will eliminate all but four or five products. (Products that use a Microsoft runtime or other proprietary platform do poorly.)
* Wipe disks with exposed bad sectors and then peek through the disk with a hex viewer. Most of the consumer grade products will report a false positive and leave data intact. (Consumers get angry when bad media is reported as such.)
* Wipe a disk with a bad firmware implementation, like one that reports a bogus block count or has an odd sector count. (These disks can be difficult to find.)
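
The "wipe, then peek through the disk" test suggested above can be scripted instead of done by eye in a hex viewer. The following is an added example, not part of the thread and not DBAN code; `verify_wipe`, `FlakyImage`, the 512-byte sector size and the zero fill byte are assumptions, and the sample image is constructed. Sectors that fail to read, or that come back short because the reported size is wrong, are listed as unverified and never counted as clean.

```python
import io

SECTOR = 512  # assumed logical sector size

def verify_wipe(dev, total_bytes, fill=0x00, sector=SECTOR):
    """Check every sector of a seekable binary device/image against the fill byte.

    dirty: readable sectors that still hold other data.
    unverified: sectors that raised a read error or came back short; they
    are reported, never counted as clean.
    """
    dirty, unverified = [], []
    full, tail = divmod(total_bytes, sector)
    # A device with an odd size ends in a partial sector; check that too.
    spans = [(lba, sector) for lba in range(full)]
    if tail:
        spans.append((full, tail))
    for lba, length in spans:
        try:
            dev.seek(lba * sector)
            data = dev.read(length)
        except OSError:
            unverified.append(lba)
            continue
        if len(data) != length:          # device shorter than its reported size
            unverified.append(lba)
        elif data != bytes([fill]) * length:
            dirty.append(lba)
    return {"dirty": dirty, "unverified": unverified,
            "passed": not dirty and not unverified}

class FlakyImage(io.BytesIO):
    """Constructed stand-in for a disk: reads at the given LBAs fail with EIO."""
    def __init__(self, data, bad_lbas):
        super().__init__(data)
        self.bad_lbas = set(bad_lbas)

    def read(self, size=-1):
        if self.tell() // SECTOR in self.bad_lbas:
            raise OSError(5, "Input/output error")
        return super().read(size)

def demo():
    # Constructed image: 8 zeroed sectors plus a 100-byte tail (odd size).
    image = bytearray(8 * SECTOR + 100)
    image[3 * SECTOR + 10:3 * SECTOR + 16] = b"SECRET"   # leftover data in sector 3
    return verify_wipe(FlakyImage(bytes(image), bad_lbas=[5]), len(image))

if __name__ == "__main__":
    print(demo())
```

Reading one sector per call keeps the logic clear but is slow on a real disk; this scan only sees what the drive exposes, so an HPA or remapped sectors remain outside it.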