Author Topic: Secure wipe for HS-DHGL series without removing drive?  (Read 1470 times)

benphillips

  • Calf
  • *
  • Posts: 3
Secure wipe for HS-DHGL series without removing drive?
« on: August 19, 2020, 02:47:14 PM »
Is there a way to securely wipe a HS-DH750GL? It has been formatted using the configuration UI (Disk Management > Disk Format), but all I can find in terms of using a tool such as Eraser is that I'd need to disassemble the LinkStation and connect the drive directly to a PC in order to run multiple wipes? I'm not sure mapping the default 'info' share as a drive would work, or allow access at the drive root level. Any help much appreciated!

1000001101000

  • Debian Wizard
  • Big Bull
  • *****
  • Posts: 1128
  • There's no problem so bad you cannot make it worse
Re: Secure wipe for HS-DHGL series without removing drive?
« Reply #1 on: August 19, 2020, 03:09:17 PM »
I don't know if the web interface has any such feature but you can do something like that from the command line.

You can enable root access over telnet on the device using ACP Commander:
https://github.com/1000001101000/acp-commander

Then you could then overwrite the data partition with zeros by doing something like this:
Code: [Select]
umount /dev/sda6
dd if=/dev/zero of=/dev/sda6 bs=4k

I assume you could then just format it again from the web interface.

benphillips

  • Calf
  • *
  • Posts: 3
Re: Secure wipe for HS-DHGL series without removing drive?
« Reply #2 on: August 27, 2020, 05:23:54 AM »
Thank you!

I tried the GUI version of ACP Commander (https://gry.ch/Java/styled/) and it found the Linkstation and connected fine.

Would I still use the umount /dev/sda6 command with the GUI, and should I be specifying bs=4096 instead of bs=4k?

Some other sources seem to advocate zeroing out the start *and* the end - is there any value in this? Not sure if this example works or is preferable...

Code: [Select]
dd if=/dev/zero of=/dev/sda bs=512 count=4096 seek="$(($(blockdev --getsz /dev/sda) - 4096))"
I'm not concerned with timescales to complete the process or drive wear necessarily, just the most thorough wipe process.

1000001101000

  • Debian Wizard
  • Big Bull
  • *****
  • Posts: 1128
  • There's no problem so bad you cannot make it worse
Re: Secure wipe for HS-DHGL series without removing drive?
« Reply #3 on: August 27, 2020, 08:20:58 AM »
A few things:

The GUI version of ACP commander you found hasn't been updated in nearly a decade, I don't typically recommend using it. You might be able to make it work for your purposes.

I believe for this operation you'll want a full shell rather than just sending individual commands via ACP Commander. When you send commands that way it only waits a few seconds for the output, in this case you'll want a real shell so it will wait for a few hours for dd to run completely.

From the current command line version you can get a full shell as easy as:
Code: [Select]
java -jar acp_commander.jar -t <device ip address> -o
telnet <device ip address>

Quote
Some other sources seem to advocate zeroing out the start *and* the end - is there any value in this? Not sure if this example works or is preferable...

When doing something potentially destructive it is important to understand what you are doing and why at each step. Wiping the start and end of the drive would destroy the boot partition and leave data partition mostly in tact. I believe this is the opposite of what you are trying to do.

I would think the steps you want to follow would be:

1. Get a root shell, (see above)
2. identify the partition containing the data (it's usually mounted as /mnt/disk1 or /mnt/array1 or similar)
Code: [Select]
mount | grep mnt3. unmount that volume so that the OS doesn't try to use it while you wipe it
Code: [Select]
umount /dev/sda64. wipe that partition, leaving everything else alone (this will take a while)
Code: [Select]
dd if=/dev/zero of=/dev/sda6 bs=4k
At this point you could then re-format from the web interface. It might throw some errors since it won't have expected someone to wipe it like that. In that case you can reboot and see if that helps. If it goes into emergency mode you can do a fresh firmware install (probably a good idea anyway if the goal is to wipe the device before selling/etc).




 

benphillips

  • Calf
  • *
  • Posts: 3
Re: Secure wipe for HS-DHGL series without removing drive?
« Reply #4 on: September 21, 2020, 04:53:09 AM »
Thank you 1000001101000, all seemed to work fine as below...

Code: [Select]
sh-2.05b$ mount | grep mnt
/dev/ram1 on /mnt/ram type tmpfs (rw)
/dev/ls_disk1_6 on /mnt/disk1 type xfs (rw)
sh-2.05b$ umount /dev/ls_disk1_6
umount: /dev/ls_disk1_6 not mounted
sh-2.05b$ dd if /dev/zero of=/dev/ls_disk1_6 bs=4k
dd: /dev/ls_disk1_6: No space left on device
sh-2.05b$

I don't think there's any way to run a tool to check any recoverable files, as it'd need to be a physically connected drive? I can map a network drive to the default 'info' share on the Buffalo, but it doesn't show up in DiskDigger, only the C:\ drive is visible.

1000001101000

  • Debian Wizard
  • Big Bull
  • *****
  • Posts: 1128
  • There's no problem so bad you cannot make it worse
Re: Secure wipe for HS-DHGL series without removing drive?
« Reply #5 on: September 21, 2020, 05:45:44 AM »
You can look at the raw data on the drive with:
Quote
hexdump -C /dev/sda6
**I think that would be present on the firmware, though I'm not sure.

If you checked right after running dd you should see all zeros. If you've since reformatted it you would see some data related to the new filesystem but it would still largely be blank.
« Last Edit: September 21, 2020, 07:13:38 AM by 1000001101000 »