NOTICE: As of March 3, 2005, Autoclave is no longer supported. Please see the End-Of-Life Notice for details and an alternative.

Autoclave v0.3

April 9, 2002

hard drive sterilization on a bootable floppy

Note: Autoclave only works on x86 PCs (386 and higher processors and compatibles such as AMD) with more than 8MB of RAM and a floppy drive (for now; a CD image is on the way). It seems to have problems on some laptops. I don't know enough about the boot process on Macs, Sparcs, Alphas and other types of machine to port it. If you know how to make a bootable floppy for other architectures and want to help port Autoclave, please drop me a line.

  • Frequently asked questions <- Please read this before asking me questions
  • Downloading/Installation Instructions <- Go here to download Autoclave
  • Usage Instructions <- Go here to see what Autoclave looks like when it's running
  • Legalese <- Licensing, disclaimers, etc
  • Links

  • 2001.05.03 - v0.1
  • 2001.07.13 - added contributed batch file
  • 2002.04.05 - v0.2 (still IDE-only, though)
  • 2002.04.09 - v0.3 fixes a serious bug in 0.2 which prevented it from running on older machines (also, slightly better instructions on these pages)

    Have you ever bought a used computer, possibly at a failed dot-com auction or Boeing Surplus? Ever taken a look at what's on the hard drive? When the last dotcom I worked for went out of business, all the computers were auctioned off. I heard a few weeks after the auction that a bartender had been asking one of my former co-workers about the details of another co-worker's love life, details he picked up from reading the personal email which had been left on a computer sold at the auction.

    One of my current co-workers says that whenever he buys a used computer he pokes around on the hard drive to see what's left over. Given how many dotcoms are going out of business these days, I'm sure there are plenty of hard drives out there with interesting data.

    So, let's say you want to sell your old computer, but you don't want folks reading all your old email or getting your bank account number. What do you do? Reformat the drive? It took me less than a minute of searching Google to find a company which sells a utility specifically for recovering data from drives which have been reformatted, hit by viruses, and whatnot.

    Maybe you already know about such utilities, and you've gone to the trouble of filling your entire hard drive with zeros. That'll take care of the commercial recovery utilities. But according to this paper someone with a few thousand dollars and the know-how could recover your data even from that. (Keep in mind that this is theoretical. Nobody seems to know even a friend of a friend who's actually been able to recover data from a zeroed drive. Although it's unlikely the NSA or the Mafia would admit that they could.)

    At this point, the question is "how valuable is the data on my hard drive?". Did you keep a list of bank account numbers on your computer? Did you have a list of PINs for your debit cards? Is your identity worth stealing? All paranoia aside, it's unlikely that anybody cares enough about the data on a personal computer to take the time to recover a zeroed-out drive. If the computer comes from a business, hospital, or research lab, it's another story. Data on those computers could be worth big money to the right buyer.

    That's where Autoclave comes in. It can perform simple zeroing. It can also overwrite the hard drive with specific patterns which exercise all the bits on the drive, making it extremely difficult to recover anything at all. Could the NSA recover anything from a drive which has been erased using this disk? I don't know. I personally doubt it. But if that's who you're worried about reading your data, it's probably best if you pound the drive into dust using a sledge hammer, and then fuse the pieces together with a blowtorch.

    NOTE FOR UW USERS: According to the UW's Computer Disposal Policy, hard drives must be wiped electronically using a 3-pass binary overwrite. As of February, 2003, physical destruction is not an option. Autoclave has 5 levels of cleanliness; you want to use level 3.
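The difference between reformatting and a multi-pass overwrite described above can be seen on a scratch image file. This is an added example, not Autoclave's own code: the function names, the constructed sample data and the three pass patterns (0x55, 0xAA, 0x00) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. Pass patterns and function names are assumptions, not Autoclave's code.
# Everything runs against a scratch image file, never a real device.

# Constructed 1 MiB "disk": a filesystem header in sector 0, a secret in sector 100.
make_image() {
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    printf 'OLDFS-HEADER' | dd of="$1" bs=512 conv=notrunc 2>/dev/null
    printf 'PIN=4921 (constructed sample data)' |
        dd of="$1" bs=512 seek=100 conv=notrunc 2>/dev/null
}

# Stand-in for a reformat: only sector 0 (the metadata) is rewritten.
fake_reformat() {
    dd if=/dev/zero of="$1" bs=512 count=1 conv=notrunc 2>/dev/null
}

# Number of matches for a marker string still present in the image (0 or 1 here).
residue() {
    grep -a -c "$2" "$1" || true
}

# Emit exactly as many bytes of one value (given in octal) as the image holds.
pattern_stream() {
    size=$(($(wc -c < "$1")))
    tr '\000' "\\$2" < /dev/zero | head -c "$size"
}

# One pass: overwrite every byte, then read the image back and compare.
wipe_pass() {
    pattern_stream "$1" "$2" | dd of="$1" bs=65536 conv=notrunc 2>/dev/null
    pattern_stream "$1" "$2" | cmp -s - "$1"
}

# Three passes: 0x55, its complement 0xAA (every bit driven both ways), then 0x00.
wipe_three_pass() {
    for octal in 125 252 000; do
        wipe_pass "$1" "$octal" || return 1
    done
}

img=$(mktemp)
make_image "$img"
fake_reformat "$img"
echo "header left after reformat: $(residue "$img" OLDFS)"
echo "secret left after reformat: $(residue "$img" PIN=4921)"
wipe_three_pass "$img" && echo "secret left after wipe: $(residue "$img" PIN=4921)"
rm -f "$img"
```

The read-back comparison after each pass is what shows the pass actually reached every byte of the image rather than just being issued.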

     
    LEGALESE

    This software should only be used in compliance with all applicable laws and the policies and preferences of the owners of any systems on which the software is to be run.

    The developers and licensors of the software provide the software on an "as is" basis, excluding all express or implied warranties, and will not be liable for any damages arising out of or relating to use of the software.

    THIS SOFTWARE IS MADE AVAILABLE "AS IS", AND THE UNIVERSITY OF WASHINGTON DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, WITH REGARD TO THIS SOFTWARE, INCLUDING WITHOUT LIMITATION ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND IN NO EVENT SHALL THE UNIVERSITY OF WASHINGTON BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

    I personally don't know how licensing works on software I've written for my employer, the University of Washington. However, as much of the code in Autoclave is based on software which is licensed under the terms of the GNU Public License, I am under the impression that Autoclave itself should be licensed under those terms. Until I hear otherwise from UW legal counsel, that will be the case.

    Autoclave v0.3 - Securely destroy the contents of a hard drive
    Copyright (C) 2002 Joshua Larios <jdlarios@cac.washington.edu>

    This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

    You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

    To Do:

  • Serialize wiping multiple disks per system. Currently, you have to open a new console for each disk and wipe in parallel. It may be faster in serial; I'm not sure.
  • Get better time estimates. 15 minutes to zero a 2Gb drive?
    + I've got percentage indicators working at least.
  • Better documentation
  • Double check bash script syntax. Getting an error about "break".
    + I think this is fixed now.
  • Allow user to boot with all safety warnings off. Maybe.
  • How to handle RAID?
    + Shouldn't have to worry about it, unless the drives aren't /dev/hd*
  • SCSI support?
    + Soon.
  • Other architectures: mac (ppc/68k), sparc, alpha?
    + Unlikely.

    Credits:

  • uClibc -- a C library for embedded systems: http://www.uclibc.org/
  • Busybox -- The Swiss Army Knife of Embedded Linux: http://www.busybox.net/
  • Linux kernel 2.4.9: http://www.kernel.org
  • The GNU File Utilities: http://www.gnu.org/software/fileutils/fileutils.html
  • SYSLINUX -- lightweight floppy boot loader: http://syslinux.zytor.com/

    --Josh Larios <jdlarios at cac dot washington dot edu>