FL11 - Securely Erasing, Accessing and Dismounting a Macintosh Partition (11-January-99)
Q: I have heard that data from an erased volume can be easily recovered. I am concerned about the confidentiality of the data on my disk, and am trying to write code to securely erase the contents of a Macintosh disk partition (and automatically re-initialize it as a Mac OS volume). I plan to write zeros into the data a number of times, but I am not sure how to gain write access to a partition in some absolute manner from the start to end. How can I accomplish this?
A: The first piece of advice I have for you is that the best way to ensure that data stays confidential is to never ever write to a disk in clear-text. The best solution is to use something like PGPdisk to encrypt information automatically before it gets written to disk.
The other thing you need to consider is that simply writing an alternating pattern of zeros and ones to a disk is no longer sufficient to "securely erase" a drive. Recent research on the behavior of erase bands in magnetic media recording, together with the availability of magnetic force microscopy for the analysis of magnetic media, suggests the feasibility of a recovery attack on erased data. Further, it has been suggested that the media sanitization guidelines might also be inadequate for the magnetic encoding scheme used by modern disk drives. Knowing what pattern to write is a science in itself. I suggest you read Peter Gutmann's paper, "Secure Deletion of Data from Magnetic and Solid-State Memory", for more information on this subject.
Assuming that you do have a pattern in mind, the best way to erase the Mac OS volume is to access the partition itself through the disk driver. Once you know the disk driver's refnum and the length of the volume, you can simply make low level
Your first step is to familiarize yourself with the data structures used in the Mac OS file system, which are all documented in Inside Macintosh: Files and Devices.
You might also consider breaking into MacsBug and typing the '
What your code needs to do is as follows:
You should find that accessing the partition with the Device Manager is very simple, but I also warn you (from experience) that writing this kind of code can be risky. Make sure that you do your development on a machine other than your everyday production machine; otherwise, you risk losing your own important files. Be careful.
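The start-to-end overwrite described in the answer, sketched as an added example that is not part of the original Q&A: it uses POSIX `pwrite`/`pread` on a file descriptor in place of Device Manager calls on a driver refnum, and a temporary file in place of the partition. The names `wipe_range` and `demo_wipe` and the three pattern bytes are assumptions chosen for illustration; the pattern bytes are not a recommended sequence.

```c
#define _XOPEN_SOURCE 700  /* expose pwrite/pread/mkstemp under strict -std */
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#define CHUNK 4096
/* Added example: fd stands in for the disk driver refnum (assumption).
   Overwrite [start, start+len) once per pattern byte, flushing after each
   pass, then read back and check the last pattern. Returns 0 on success. */
int wipe_range(int fd, off_t start, off_t len,
               const unsigned char *passes, int npasses)
{
    unsigned char buf[CHUNK], chk[CHUNK];
    if (fd < 0 || start < 0 || len <= 0 || npasses <= 0) return -1;
    for (int p = 0; p < npasses; p++) {
        memset(buf, passes[p], sizeof buf);
        for (off_t done = 0; done < len; ) {
            size_t want = (len - done < CHUNK) ? (size_t)(len - done) : CHUNK;
            ssize_t n = pwrite(fd, buf, want, start + done);
            if (n <= 0) return -1;       /* I/O error or no progress */
            done += n;                   /* a short write resumes here */
        }
        if (fsync(fd) != 0) return -1;   /* keep passes from merging in cache */
    }
    for (off_t done = 0; done < len; ) { /* buf still holds the last pattern */
        size_t want = (len - done < CHUNK) ? (size_t)(len - done) : CHUNK;
        ssize_t n = pread(fd, chk, want, start + done);
        if (n <= 0 || memcmp(chk, buf, (size_t)n) != 0) return -1;
        done += n;
    }
    return 0;
}

/* Constructed check: 10000 bytes of 'A', wipe 100..9099, neighbours intact. */
int demo_wipe(void)
{
    char path[] = "/tmp/wipe_demo_XXXXXX";
    const unsigned char passes[] = { 0xFF, 0x00, 0xAA };  /* sample patterns */
    unsigned char img[10000];
    int fd = mkstemp(path), ok;
    if (fd < 0) return -1;
    memset(img, 'A', sizeof img);
    ok = pwrite(fd, img, sizeof img, 0) == (ssize_t)sizeof img
      && wipe_range(fd, 100, 9000, passes, 3) == 0
      && pread(fd, img, sizeof img, 0) == (ssize_t)sizeof img
      && img[99] == 'A' && img[100] == 0xAA && img[9099] == 0xAA && img[9100] == 'A';
    close(fd); unlink(path);
    return ok ? 0 : -1;
}
```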