search

martijnvanbrummelen / nwipe

nwipe secure disk eraser
GNU General Public License v2.0
687 stars 79 forks source link

[Feature Request] (low priority): Fingerprint MBR #369

Open Firminator opened 2 years ago

Firminator commented 2 years ago

This was implemented and kind of working in NHellFire's DBAN fork for a number of years. Coding references: https://github.com/NHellFire/dban/search?q=FINGERPRINT

Screenshot of (old) GUI: https://github.com/NHellFire/dban/issues/10#issuecomment-101455832

I could provide a screenshot of a wiped drive boot into the MBR and then showing this yellow message:

DBAN fingerprint
Model: #MODEL# - Serial: #SERIAL#"
Wipe finished at: #DATE# - #RESULT#
Method: #METHOD#
PartialVolume commented 2 years ago

You'll need to explain what the purpose of 'fingerprinting the MBR' is, in terms of a use case scenario. I don't quite get what the point of that is?

As regards the function key menu overlay window, I'd prefer something a bit more traditional like a pull down menu system, triggered by ALT-F, for FILE etc however that might be a bit over the top to code at the moment, while there are still things like SSD secure erase and HPA/DSA detection and correction to implement. But a simpler overlay like this would be quicker to code. I wouldn't need to rewrite the windows like hellfire seemed to be doing as I did a load of work in the past regarding refreshing any nwipe window, so menu overlays could be implemented more easily and making the overlay/menu disappear would be a call to a single function.

Interesting though that NHellFire put some work in to starting to implement this, I wonder if he stopped because the GUI code can be a minefield and it become too time consuming or did he finish it?

I could provide a screenshot of a wiped drive boot into the MBR and then showing this yellow message:

Yes, that would be useful, although I'm still not sure why you would only want to wipe the master boot record, while leaving the rest of the disk to be recoverable with utilities like the excellent test disk recovery program. I've used that many a time when the MBR and entire partition table has been totally destroyed in order to pull files and whole directories of the disk. Saved my bacon a couple of times.

Firminator commented 2 years ago

You'll need to explain what the purpose of 'fingerprinting the MBR' is, in terms of a use case scenario. I don't quite get what the point of that is?

Mostly to have a visual confirmation that the drive was wiped (since there are no certs yet). Basically this: https://sourceforge.net/p/dban/feature-requests/83/

Here's the code how to generate teh MBR (/etc/init.d/generate-bootsectors.sh): https://github.com/NHellFire/dban/commit/799c8b967a228b4d590cfa34a6164bfe00a39ae8#diff-3ba1de533c6e2db8608714f5c86ba789ab7af58bb67cf577a978a1d09cdab225

As regards the function key menu overlay window, I'd prefer something a bit more traditional like a pull down menu system, triggered by ALT-F, for FILE etc however that might be a bit over the top to code at the moment, while there are still things like SSD secure erase and HPA/DSA detection and correction to implement. But a simpler overlay like this would be quicker to code. I wouldn't need to rewrite the windows like hellfire seemed to be doing as I did a load of work in the past regarding refreshing any nwipe window, so menu overlays could be implemented more easily and making the overlay/menu disappear would be a call to a single function.

Disregard the overlay menu. That wasn't the point. I just wanted to show a screenshot that shows the F=Toogle Fingerprinting in the menu bar on the bottom of the screen :) The overlay menu reminded me a bit of the older unmaintained version of Memtest :) That's where he must have gotten the idea from. Maybe. Who knows.

Interesting though that NHellFire put some work in to starting to implement this, I wonder if he stopped because the GUI code can be a minefield and it become too time consuming or did he finish it?

I honestly don't remember exactly since I rarely used the GUI as I always started a predefined wipe from the boot menu. I hardly ever touched the GUI or aborted a wipe.

why you would only want to wipe the master boot record, while leaving the rest of the disk to be recoverable

Fingerprinting the MBR would be done after a full wipe with whatever method the user selected. Additionally. Not only. If that makes sense.

PartialVolume commented 2 years ago

Fingerprinting the MBR would be done after a full wipe with whatever method the user selected. Additionally. Not only. If that makes sense.

Nope, I still don't get it. The MBR is the first sector of the disc and after a wipe is probably all zeros. You could create a fingerprint with a sector full of zeros but I don't understand how that could be used, other than to check that the MBR hasn't changed since you created the fingerprint. I must be missing something :-)

Firminator commented 2 years ago

Oh, I see now it's the word 'fingerprint' that throws you off. Forget about fingerprint then. Let's call it MBR-branding. Or 'using-the-MBR-as-a-means-to-show-that-the-drive-has-been-wiped'. Basically write this info into the MBR, so that it shows up when you try to boot the device. Imagine a laptop with one drive in it. It has been wiped. ANother user powers it on and that user is going to see this message. Or imagine you have two people wiping drives. One leaves in the evening and has the device wiped overnight and then auto shuts-it down. The other person comes into work next morning and wants to know what the status of the wipe is. Power on the device and it will show you how it was wiped and if the wipe was successful. Or imagine during the wiping process the device looses power (be it that the battery of a laptop is drained or a PC/server not on an UPS and there is a power outage). Next morning the person would think that the device got wiped (because it's off so the person assumes everything went fine and the device auto-shut-off after the wipe) and might discard it since he has no means to see what the status of the wipe is.

This probably all sounds constructed due to my wording, but it actually happens.

PartialVolume commented 2 years ago

Now I understand, sounds like a good option to have. Do you have any links to hellfires code, where he builds the custom MBR.

Firminator commented 2 years ago

Here's the code how to generate teh MBR (/etc/init.d/generate-bootsectors.sh): NHellFire/dban@799c8b9#diff- 3ba1de533c6e2db8608714f5c86ba789ab7af58bb67cf577a978a1d09cdab225

PartialVolume commented 2 years ago

Great, I'll give that a try, I'm not what key to use to enable it but when it is enabled it could show in the options window as

Rounds:.          1   (plus blanking pass) (plus MBR)
Firminator commented 2 years ago

There is also this code snippet from a contributor: https://github.com/NHellFire/dban/issues/13

NHellFire tested it and it wouldn't work for him as intended, but he cherry-picked anyways a few things and committed it @ https://github.com/NHellFire/dban/commit/c512cdb5e3ef62a41a345da00de915d6453bf15b

By all means don't sweat this. I'd say this is totally low-priority as I can see this developing into a rabbithole dealing with MBRs. I'm just really trying to document this as the info is all spread out sometimes.