Added question (sorry, but although I am learning many things, I ignore many others!)
Noting that I am not versed in these subjects: after running DBAN on any PC, laptop or netbook, will installing Windows be as easy as inserting the CD and waiting? I have been reading some reports of people supposedly having problems after DBAN erased some partition tables needed to install Windows. 🙄
I guess we need some disambiguation.
Truecrypt can do (mainly) two things
http//
1. encrypt a (existing) volume (please read as primary partition or logical volume inside extended that would get a drive letter assigned BEFORE and independently from using Truecrypt) -> "real" volume
2. create an encrypted container (that will later behave as if it was a volume and get a drive letter ONLY through Truecrypt mounting) -> "virtual" volume (or container)
If #1, the WHOLE disk area corresponding to the volume is encrypted.
You don't need (or want to) wipe ANYTHING on a disk that hosts such "real" volumes.
If #2, the disk area corresponding to the container file is "allocated" by the Truecrypt container, then anything outside such containers may contain "slack space", old data, or "whatever", but not the areas allocated to these containers (actually they may, but that content will be as encrypted as the rest).
Anyway I am completely losing (if I had ever understood it) what your actual goal is.
You plan to re-sell a PC and/or a hard disk?
Just wipe the whole disk and - if needed - reinstall the OS.
What is the scope of cleaning the unallocated data inside an encrypted "real" volume? 😯
(that data is anyway encrypted)
What is the scope of cleaning the unallocated data on a disk outside one or more "virtual" encrypted volumes (containers)?
(if you plan to re-sell the hard disk, you will - I hope - also delete the containers, and thus you are with a "normal" hard disk that you can wipe entirely)
c. Then, a wiping made on an external HDD or USB stick using a software as sdelete or any similar software not run by commands will be AS SECURE as that wiping performed on a laptop or PC's HARD DRIVE Operating System run, using DBAN? Have both the same security level?
Sorry but this makes NO sense to me.
I will try again
1. writing (once) a 00 is enough to make sure that only that 00 is read EVER.
2. the tool you use to write that 00 is utterly irrelevant, you could use a hex editor and type 00 for a few hundred years and you would have in the end exactly the same result.
3. the ONLY discrimination is then WHERE these 00's are written, i.e. the extension of the area on which these 00's are written.
The ATA secure erase provides means to write them 00's EVERYWHERE.
The DBan (or similar software which BTW may have more than a single "operation mode") can write them 00's ALMOST everywhere.
The Sdelete (or similar) can write them 00's ONLY on SOME limited areas of the disk that the filesystem has "unallocated".
If you just read the actual sdelete page
http//
you should be able to understand how in order to "zero free space" TWO relevant factors are involved
1. trusting the filesystem structures
2. interpreting correctly the data in it
Sdelete, having been written by one of the most famous Windows developers (that used to have his own firm and that was later "bought" by MS, Sysinternals) has obviously a very good reputation, and anyway it simply cannot delete securely some of the info (name of files/folders previously normally deleted).
Would you prefer, seen the complexity (and theoretically the delicacy) of the matter, trust blindly an unknown (possibly very good programmer, Author of a nice GUI app, with all the bells and whistles you may think of) or open a command prompt and in it type (example, replace "D" with whatever drive letter you want to wipe the free space on)
sdelete -z D:
and press the [ENTER] key?
How hard can it be?
Consider that you are basically entering a (say) pub frequented by professional engineers/mechanics and car enthusiasts and asking them to suggest a way to completely disassemble (and reassemble) an engine without using spanners, nor screwdrivers or socket wrenches because you are not familiar with those tools.
jaclaz
1. the first point I asked for is regarded to #2 Creating an encrypted container. When you delete files into that container, I asked if free space left by those files can be wiped, so in the case anyone could access your password and mount the volume, can't find old files.
2. question 'c' was referred to the main subject of this thread, that is I have understood that, for a HDD run by an O.S, (i.e. the HDD on a computer) for a secure wiping reaching all zones where an O.S can access, is booting with DBAN. Then I asked if a single, 1, 0s pass type wiping, performed by any of the software doing that -Privazer, Ccleaner etc- and running from the O.S, is in this case similarly effective as when you perform it outside the O.S with DBAN.
3. The ATA secure erase although I am pretty sure it is the fast way (and you told me that such a high level perhaps wouldn't be necessary for me), is very difficult to perform by me as I haven't knowledge enough and I have read that, if not done properly you can ruin the HDD.
4. I know that sdelete is made by one of the most renowned developers. However, I asked if you know other software not run by commands, which is also reliable for wiping external HDDs and other USB devices.
5. Finally, I would like to know if, once the OS run drive is totally DBAN wiped, all will be as easy as a CD, Windows install, although DBAN had wiped partition tables? thanks
I missed again the main point of '2': I was referring again to an external device (I have one to sell or give to a charity organisation).
1. the first point I asked for is regarded to #2 Creating an encrypted container. When you delete files into that container, I asked if free space left by those files can be wiped, so in the case anyone could access your password and mount the volume, can't find old files.
Sure it can, as a matter of fact it should (though of course it would be smarter to use sdelete for deleting files inside the container since the beginning, if you are paranoid about this), though of course if an attacker/nosy guy can manage to decrypt that volume you are pretty much pwned.
http//
2. question 'c' was referred to the main subject of this thread, that is I have understood that, for a HDD run by an O.S, (i.e. the HDD on a computer) for a secure wiping reaching all zones where an O.S can access, is booting with DBAN. Then I asked if a single, 1, 0s pass type wiping, performed by any of the software doing that -Privazer, Ccleaner etc- and running from the O.S, is in this case similarly effective as when you perform it outside the O.S with DBAN.
Let's make an example.
Let's say that you have a disk (internal disk inside the PC from which you boot) with two volumes (or partitions) on it
C:\
D:\
Let's say that Windows is installed to C:\.
From the Windows installed on C:\ you can run a wiping app ONLY on D:\ BUT YOU CANNOT do so on C:\ (nor - obviously - on the whole disk).
Dban (like any other wiping software run when a "second" OS is loaded, as an example from a CD or USB stick) can wipe
- the whole disk
- ALL volumes in it
OR
If it is an external hard disk (and the OS is not booted from it) then of course you can access the "whole" disk and/or each and every volume in it and wipe it alright, but you already have the need for a self-standing tool (let's say DBAN), so why not use it also for the "external disk" as well?
One tool -> two uses sounds to me better/faster/easier than two tools -> two uses.
3. The ATA secure erase although I am pretty sure it is the fast way (and you told me that such a high level perhaps wouldn't be necessary for me), is very difficult to perform by me as I haven't knowledge enough and I have read that, if not done properly you can ruin the HDD.
Well, the chances of "ruining" a hard disk are actually remote, but of course anything, if done not properly may have adverse consequences.
4. I know that sdelete is made by one of the most renowned developers. However, I asked if you know other software not run by commands, which is also reliable for wiping external HDDs and other USB devices.
I know tens of softwares designed for wiping external hard disks and other USB devices, what I desperately tried to convey to you and evidently failed is that it is easy and trivial to wipe a whole disk or a whole partition, and as such any and all "disk wiping" and "volume wiping" tools may be considered "reliable", BUT when it comes to deleting unallocated or "free" space the matter becomes much more delicate and even sdelete does not (cannot) completely wipe any and all information.
Here is a short list of related software
http//
Most probably, if you want an "easy" windows tool you should go for Eraser.
Just like DBAN, Eraser offers a whole lot of unneeded and potentially dangerous for the health of the hard disk "wiping methods", but it should have also a "plain" zero write.
Do I somehow endorse it? No.
Do I support the perpetuation of the myth of the several passes? No.
For me a plain dd with 00's is more than enough, or - as another example - killdisk, which the good guy at pcsupport.about.com ranks "low" 😯 (yet another contribution to spreading the myth)
The reason I ranked KillDisk so low is that the free version only supports the write zero method of data destruction and only one pass at that.
5. Finally, I would like to know if, once the OS run drive is totally DBAN wiped, all will be as easy as a CD, Windows install, although DBAN had wiped partition tables? thanks
Think a bit about this.
When you buy a brand new hard disk, what does it contain?
1. Dante's Divina Commedia in PDF 😯
2. A partition table?
3. all 00's
What happens if by mistake the partition table (or the whole MBR) is deleted?
1. the hard disk is ruined forever
2. in most cases the partitions or the data in them can be recovered and anyway a new OS can be reinstalled
3. since I don't care about the data the OS can rewrite the MBR code and a new partition table and be reinstalled alright
Give yourself a point corresponding to the answers number.
If you get less than 5 points you failed the test 😉.
jaclaz
Anything BUT a SINGLE (ONLY ONE or ONCE) pass with 00's is enough.
Doing more than a single pass on the same area is unneeded.
Using more than one program to write 00's on the same areas is foolish.
Once a byte is set to 00, it is set to 00, and remains set to 00.
Thank god someone has realised!!!!
But also factor in the time…. 00 a 1TB or 3TB hard drive…
But also factor in the time…. 00 a 1TB or 3TB hard drive…
And not only time, factor in "stress".
Talking of software solutions, let's say a plain dd, a fastish SATA 3 may allow (if you are lucky, have a good controller and what not) 120÷130 Mb/s, i.e. hopefully a 1 TB disk should "go" in something more than 2 hours, but it is more likely (when it comes to selling old hardware, the hardware is old 😉) that as much as 6 hours are needed.
For a USB 2.0 connected disk, it may take as much as 12 hours.
(on perfectly working disks, with no "slow sectors" or the like)
Now consider how writing all 00's is most probably faster than generating specific or random patterns, but let's forget about this and multiply those times by 2, 4, 7 or 35!
A disk being run in continuous write operations for several hours is however, in my experience, useful to cook eggs (to remain in terms related to cryptography/security, scrambled eggs) 😯 .
jaclaz
I subscribe to the belief that one pass of 0x00 is good enough and besides, like jaclaz said, for 1TB or larger drives one pass takes a VERY long time.
I like dban and use it often. It will wipe multiple drives simultaneously given a PC with enough controllers and ports. Version 2.2.7 will detect and wipe USB attached drives.
Nobody mentioned another program to wipe a non boot drive. If you have a machine with Windows Vista or higher you don't need to buy, download or install anything. The long format in Windows, GUI or command line, writes 0x00 to each sector before formatting, see http://support.microsoft.com/kb/941961
TonyC
Nobody mentioned another program to wipe a non boot drive. If you have a machine with Windows Vista or higher you don't need to buy, download or install anything. The long format in Windows, GUI or command line, writes 0x00 to each sector before formatting, see http://support.microsoft.com/kb/941961
TonyC
Really? 🙄
There are 4 "options"
1. Entire disk
2. Parts of the entire disk accessible by software (\\.\PhysicalDrive)
3. Parts of the disk accessible as "volume" (please read as "drive letter" or \\.\LogicalDrive)
4. Parts of the disk not used by files and filesystem.
#1 is "most secure" BUT unneeded in most cases.
#2 is "secure" BUT unneeded in most cases.
#3 is "secure enough" (and corresponds to running FORMAT on the volumes without the /q switch in recent - since Vista - Windows)
#4 is "largely insecure" because it only relies on the "wiping software" capabilities and features, but still it might be "secure enough", as long as it is a "good, reliable" software and if it doesn't "botch" anything.
😉
jaclaz
jaclaz,
Yes, really. The KB Article I reference documents it for Vista. I discovered it as a result of some testing I did on Vista (when Vista was the current version of Windows). Some months after I did my testing I found the KB article that officially documented it.
I have not personally tested Windows 7 but I have been told by a couple of other forensic analysts that they have and the long format wipes the drive.
Seems to be something that is not well known. I try to mention it to forensic analysts and data recovery specialists every chance I get. When I do, they usually look at me like I have 2 heads. I point them to the KB and suggest they do their own test.
TonyC
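Added example, not part of the thread: a Python sketch of the "do your own test" idea above, applied to the wiping scopes jaclaz lists as #2 to #4. The disk layout, sector contents and function names are constructed for illustration, and option #1 (areas no software can reach) is not modelled.

```python
import io
import struct

SECTOR = 512

def nonzero_runs(dev, chunk=2048 * SECTOR):
    """Scan a raw image/device; return (first_lba, last_lba) runs of non-zero sectors."""
    runs, start, lba = [], None, 0
    while buf := dev.read(chunk):
        for off in range(0, len(buf), SECTOR):
            size = min(SECTOR, len(buf) - off)          # last sector may be short
            if buf.count(0, off, off + size) < size:    # at least one non-zero byte
                start = lba if start is None else start
            elif start is not None:
                runs.append((start, lba - 1))
                start = None
            lba += 1
    if start is not None:
        runs.append((start, lba - 1))
    return runs

def first_partition(disk):
    """Return (start_lba, sector_count) from MBR partition entry 0."""
    if bytes(disk[510:512]) != b"\x55\xaa":
        raise ValueError("no MBR boot signature")
    return struct.unpack_from("<II", disk, 446 + 8)

def build_disk():
    """Constructed sample: 2048 sectors, one partition at LBA 64..1087."""
    disk = bytearray(2048 * SECTOR)
    disk[446:462] = struct.pack("<4xB3xII", 0x07, 64, 1024)
    disk[510:512] = b"\x55\xaa"
    samples = {10: b"leftover in the gap before the volume",
               64: b"directory entry naming a deleted file",   # allocated (metadata)
               500: b"contents of a deleted file",             # unallocated
               2000: b"leftover past the end of the volume"}
    for lba, data in samples.items():
        disk[lba * SECTOR:lba * SECTOR + len(data)] = data
    return disk, {64}                                   # set of allocated sectors

def leftovers(scope):
    """Zero the given scope ('device', 'volume' or 'free'), then scan the whole disk."""
    disk, allocated = build_disk()
    start, count = first_partition(disk)
    lbas = range(len(disk) // SECTOR) if scope == "device" else range(start, start + count)
    for lba in lbas:
        if scope != "free" or lba not in allocated:
            disk[lba * SECTOR:(lba + 1) * SECTOR] = bytes(SECTOR)
    return nonzero_runs(io.BytesIO(disk))
```

To check a real drive, pass `nonzero_runs` a raw device or image opened read-only in binary mode; after a long format the new filesystem's own structures will legitimately show up as non-zero runs.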