Operating System - HP-UX
1748181 Members
3914 Online
108759 Solutions
New Discussion юеВ

Re: scrubbing tapes in hp-ux

 
g3jza
Esteemed Contributor

scrubbing tapes in hp-ux

Hi,
How do you scrub tapes (LTO in my case) that contain sensitive data? I've checked 'mediainit' , but this command should only handle the scrubbing of disks. Does anyone know about something similar to this? The tapes are going to be scrubbed physically, but I want to make sure. Thanks
14 REPLIES 14
Viktor Balogh
Honored Contributor

Re: scrubbing tapes in hp-ux

Hi,

one good way is to overwrite data with dd:

# dd if=/dev/zero of=

Regards,
Viktor

****
Unix operates with beer.
Steven Schweda
Honored Contributor

Re: scrubbing tapes in hp-ux

> How do you scrub tapes [...]

Define "scrub".

> [...] that contain sensitive data? [...]

Define "sensitive".

> [...] The tapes are going to be scrubbed
> physically, [...]

Define "scrubbed physically".

> [...] I want to make sure.

Define "sure".

If you _really_ want the data gone, then fire
(or at least a very high temperature) works
very well. If money is no object, then data
may be recoverable from a tape which has been
"erased" by many other methods.

If you want the data gone for most practical
purposes, then a big magnet can do a
reasonable job in a reasonable amount of
time, and does not destroy the tape. Writing
over a whole tape (using "dd", or some other
program) also does a reasonable job, but is
much slower.

A Forum or more general Web search should
find many previous related discussions
involving disks and/or tapes. Many people
_say_ that they want perfect security (data
destruction), but many of those are not
willing to destroy the medium itself, and
that destruction is the only perfectly secure
method.
Doug Burton
Respected Contributor

Re: scrubbing tapes in hp-ux

You can use a third party that will destroy the tapes for you and give you a document certifying the destruction.

A good way to get rid of those old pesky tapes and meet your legal obligations as well.
g3jza
Esteemed Contributor

Re: scrubbing tapes in hp-ux

Steven:
By scrubbing I mean, making it hard for someone to possibly recover it.
Sensitive in our case = mostly database data.
The physical scrubbing (destroying the tapes) is not done by us but by some other company. I just wanted to 'pre-srub' the data on those tapes so that it will not be possible for that company(which is doing the physical destruction) to read those data :) .

Thanks for all your ideas.
Viktor Balogh
Honored Contributor

Re: scrubbing tapes in hp-ux

> making it hard for someone to possibly recover it.

making it hard not equals to making it impossible, but I know what you mean ;)
****
Unix operates with beer.
Larry Klasmier
Honored Contributor

Re: scrubbing tapes in hp-ux

I would assume you have a non-disclosure agreement with the third party company who will destroy the tapes, correct? In our case that company is also the company that handles the offsite storage of our backup tapes, guessing this probably the same for you?

Seems to me you are just making extra work for yourself.
Bill Hassell
Honored Contributor

Re: scrubbing tapes in hp-ux

> big magnet...

For DDS, DLT and LTO, this not only destroys the data, it will destroy the tape completely by erasing the pre-recorded servo information. The tape can never be reused as the drive will reject it.

Technically, (for modern media) you can simply write a single record (a few bytes) then rewind the tape. The drive will write an end-of-data marker and now the tape cannot be positioned to read anything beyond this marker. For use inside your company, this is by far the easiest and fastest method. Try it on one of your tapes and see if anyone can read the data past the first record.


Bill Hassell, sysadmin
Steven Schweda
Honored Contributor

Re: scrubbing tapes in hp-ux

> > big magnet...
>
> For DDS, DLT and LTO, this not only
> destroys the data, it will destroy the tape
> completely by erasing the pre-recorded
> servo information. The tape can never be
> reused as the drive will reject it.

Really? I'm pretty sure that I've
bulk-erased DAT and DLT tapes, and I remain
unaware of any "servo information" on these
media. LTO is too modern for me, so I know
nothing about those, but I'm dubious. Can
you offer a credible reference for this
claim? (Or is it confined to the oral
tradition?)
Steven Schweda
Honored Contributor

Re: scrubbing tapes in hp-ux

> For DDS, DLT and LTO, [...]

A quick Google search for:

magnetic tape servo track

found, among others:

http://www.webuyusedtape.net/degaussing.html

I quote:

[...] Media products such as 3480, 3490e,
DLT, SDLT can be degaussed and the media
reused. However, 3590, LTO, 9840 and 9940
cartridges cannot be degaussed without
destroying the servo track(s). [...]

These folks apparently do this for a living,
so they may know something. (So, that's one
out of three right in that "DDS, DLT and LTO"
list, as I suspected.)

> Seems to me you are just making extra work
> for yourself.

I agree, but if your plan is to have the
media destroyed, and not reused, then the big
magnet still seems to me to be a reasonable
tool for the job. (If you insist on doing
the job.) If the plan is to reuse the media,
and LTO tape does seem to use a servo track,
then bulk erasure would seem to be a big
mistake. Unless you have the equipment (and
time) to re-write the servo track (on each
medium).