Category Archives: [:ja]パソコン[:en]Personal Computer[:]

The DoD5220.22-M (U.S. Department of Defense) method of erasing data from a hard disk.


This is a method to erase data from a hard disk.

The DoD5220.22-M (U.S. Department of Defense) method

This is a method to write 0, 1, and random numbers to the entire HDD. A total of three writes are performed.

This is the initial version of DoD5220.22-M, and a different guideline has been created now.

History

In , the first version was issued. This version specified a procedure to overwrite data on a hard disk drive (HDD) with zero and one patterns three times. This became known as the DoD 5220.22-M sanitization method.

In , the Department of Defense designated the DoD 5220.22-M ECE sanitization method as an extension of DoD 5220.22-M. This method required seven overwrite passes.

In , the latest version of DoD 5220.22-M was issued. In this version, the overwrite pattern was no longer specified as a data erasure method for HDDs. Instead, other sanitization methods such as erasure, degaussing, and physical destruction were recommended.

In , DoD 5220.22-M was revised. In this version, the sanitization method guidelines were updated to accommodate new technologies such as flash-based storage and mobile devices.

In , the Department of Defense stopped referring to DoD 5220.22-M and instead complied with the media sanitization guidelines of the National Institute of Standards and Technology (NIST SP 800-88).

Commands

In Linux, you can use the dd command to delete data.

Write 0

  • dd is a command to copy data¹.
  • if=/dev/zero specifies /dev/zero as the input file. /dev/zero is a special file that outputs zeros indefinitely.
  • of=/dev/sdb specifies /dev/sdb as the output file. /dev/sdb is a device file for hard disks, USB memory, etc.¹.
  • bs=4096 specifies 4096 bytes as the block size. The block size is the unit of data to read and write at a time.

This command copies zeros from /dev/zero to /dev/sdb in 4096-byte increments, overwriting and erasing the data on /dev/sdb.

Confirm

Check the beginning of the disk

Displays the first 512 bytes of the device such as a hard disk or USB memory in hexadecimal.

  • dd is a command to copy data.
  • if=/dev/sdb specifies /dev/sdb as the input file.
  • bs=512 specifies 512 bytes as the block size.
  • count=1 specifies 1 as the number of blocks to read. This reads only the first 512 bytes.
  • hexdump -C is a command to display the data received by the pipe in hexadecimal and ASCII code. -C is an option to display the hexadecimal and ASCII code in columns.

From this result, you can see that the beginning of the hard disk is filled with zeros.

If you specify of=output.bin or something like that as a parameter of the dd command, you can write the first 512 bytes to the output.bin file.

Check the end of the disk

Displays the last 512 bytes of the device such as a hard disk or USB memory in hexadecimal. This command passes the value obtained by subtracting 1 from the total number of sectors of the hard disk to skip and reads only the last one block.

  • As mentioned earlier, dd is a command to copy data.
  • if=/dev/sdb specifies /dev/sdb as the input file.
  • bs=512 specifies 512 bytes as the block size.
  • skip=(((blockdev --getsz /dev/sdb) - 1)) specifies the number of blocks to skip
    • blockdev --getsz /dev/sdb is a command to get the total number of sectors of the hard disk.
    • $(()) is a notation for arithmetic operations.

Write 1

  • tr is a command that converts characters.
  • '0', '377' convert the input characters from \0 (0 in octal) to \377 (255 in octal). This converts 0 bits to 1 bits.
    • ((3 x 8) + 7) x 8 + 7 = 255
  • < /dev/zero specifies /dev/zero as the standard input source.
  • > /dev/sdb specifies /dev/sdb as the standard output destination.

This command reads 0 from /dev/zero, converts it to 1 in tr, and converts it to 1 in /dev/sdb By continuing to write , the data in /dev/sdb will be overwritten and erased.

Confirm

I checked it just like when I wrote 0.

Check the beginning of the disc
Check the end of the disk

Write random numbers

Reads random data from the device /dev/urandom and writes it to /dev/sdb.

Using /dev/urandom takes longer than using /dev/zero. This is simply because generating random numbers takes time. /dev/urandom generates random numbers from environmental noise (device related conditions such as mouse, keyboard, etc.).

Confirm

I checked it just like when I wrote 0.

Check the beginning of the disc
Check the end of the disk

Managing test specifications with Git: Creating Excel from Markdown


Are you writing a test specification?

There are various ways to write test specifications, such as making them as test specifications or as test code, depending on the company. I think it is common for large, historical companies to create test specifications in Excel files. When editing by multiple people, I think it is also common, at least in Japan, to use suffixes such as _latest, _latest_20230103, _latest_5 to manage versions.

I would like to know the best practices for handling Excel files, but I have no good idea at the moment, so I decided to use a program to make the differences visible in a Git repository and manage them.

However, if you put the Excel file directly into Git, the difference lines are not clearly displayed. TortoiseGit and other tools will also show you the difference, but can you make pull requests and comments there? You usually see the difference on the web page of the repository anyway. And CSV is also a bit unsatisfactory. There are tools that can edit CSV in table format like spreadsheet, but the diff display of the repository should be a simple character-delimited text, which is not easy to read. So, I thought about managing test cases in Markdown. If you can manage it in text, you can also use *nix commands. You can write test cases even if you don’t have Excel, and if you can convert it to Excel, no one will have any trouble. (The tool I used can also convert to CSV, TSV.)

Continue reading Managing test specifications with Git: Creating Excel from Markdown