rkw@OKC-UNIX.AF.MIL (Ron Wallman LAETA) (05/16/91)
We have similiar problems. While I have a DN3000 disk I need to
clear too I haven't had the time to solve it yet. So I would be
interested in your solution.
In the pass on other computers we have used the Diagnostic software
provided with most non-PC computer systems. In the case of the Apollos
I believe you might try looking at the DEX diagnostic software. Forgot
what DEX stands for. Anyway, you can start in the help directories of
sauX (whatever is your workstation model) and sau_sys. If I recall
there was a disk pgm in which you could change write patterns but not
sure if it could verify that patterns were written.
Ronald K Wallman
United States Air Force
Oklahoma City Air Logistics Center
OC-ALC/LAETA (Bldg 3220)
Tinker AFB, OK 73145-5990
(405)-736-5575 DDN Mail Address: rkw@okc-unix.af.milesther@rayssd.ssd.ray.com ("Esther A. Paris") (05/16/91)
Hello all... forgive me if this question and a zillion answers have
been posted before - I'm new to this newsgroup.
So here goes: I have some Apollos (OK, I confess Mentor is our OEM)
running in a classified (SECRET) environment. One of the machines
has been switched from classified processing to unclassified processing.
However, this means that its 760-MB disk is locked up in a safe as
a classified SECRET document. I'm looking for advice on how to
declassify this disk. I'll give you some additional background on
the requirements for disk declassification and what our company has
done in the past on other machines.
The requirements to declassify go as follows (basically):
1. verify there are no new bad blocks on the disk, compare
current list of bad blocks to manufacturer's list of
bad blocks. (done)
2. Write all zeros to every addressable spot on the disk.
3. Verify that all zeros were written to the disk.
4. Write all ones to every addressable spot on the disk.
5. Verify that all ones were written to the disk.
6. Write a third pattern to every addressable spot on the
disk (pattern of your choice).
7. Verify that pattern-TBD has been written to the disk.
8. Get the Defense Investigative Service to give the disk
its blessing (they want to see the procedure and the proof).
9. Fill out the appropriate paperwork. Use the disk!
We have programs to software-erase disks that run on VAX/VMS, Data
General AOS/VS, 'regular' UNIX (Suns, SGI, Pyramid), and I believe
DOS. However, we cannot seem to adapt the regular UNIX programs to
run on the Apollo; these programs for the regular UNIX machines rely
on character and block special files and apparently these character
and block special files don't behave like regular UNIX character and
block special files for the Apollos. As a matter of fact, when I run
the programs on the Apollo (or use the 'od' command to dump the character
and block special files) the disk reports the same information to me
every time, no matter how much or how little data is on the disk -- it
always reports 'NEWLY FORMATTED DISK, I HAVE A SYSBOOT AND THE REST IS
ALL CHARACTER 55'. This seems to be a neat security feature to prevent
users from analyzing the character and block special files for the disk,
but unfortunately I need to bypass this security feature in order to
get my 760-desperately-needed-MBs back.
Any ideas would be greatly appreciated.
Esther Paris
Raytheon Equipment Division
508/490-2022
esther@mar.ed.ray.com, or esther@rayssd.ssd.ray.comrees@dabo.citi.umich.edu (Jim Rees) (05/17/91)
In article <9105161235.AA15192@ray.com>, esther@rayssd.ssd.ray.com ("Esther A. Paris") writes:
... However, this means that its 760-MB disk is locked up in a safe as
a classified SECRET document. I'm looking for advice on how to
declassify this disk.
[ elaborate method of writing 1 and 0 to all locations on the disk ]
I used to have a Secret level clearance myself, so I'm familiar with some of
the stupid rules, but this one takes the cake. Why isn't it sufficient to
format the disk? I would trust a disk format much sooner than I would trust
the given procedure.
But given your constraints, the method you used should have worked. We used
to read and write to the raw device all the time when we were doing the Mach
port here. There is only one raw device, and it covers the whole disk.
There is no 'block' special, only a 'character' special device (to use the
Unix terms), since I/O to the raw device is always unbuffered. You can't
open the raw device if the disk is mounted. And there are no separate raw
devices for the separate partitions (logical disks), just one for the whole
thing.
I can't explain why you're having trouble, it should work.herb@ajfcal.uucp (Herb Peyrel) (05/18/91)
esther@rayssd.ssd.ray.com ("Esther A. Paris") writes: >We have programs to software-erase disks that run on VAX/VMS, Data >General AOS/VS, 'regular' UNIX (Suns, SGI, Pyramid), and I believe >DOS. However, we cannot seem to adapt the regular UNIX programs to I know this is going to sound stupid and some HPollo guy is gonna come along with a great Domain/OS solution... However, why not just grab the disk, shove it into a PC and use a DOS disk-eraser... If your Apollo has a WD7000 controller, then this controller should function just fine in a PC... If your Apollo has the Omti style controller (8810, 8610, or whatever) then it won't work in a PC... If YOU or anyone else knows how to get these controllers to work in a PC, then please let me know... -------------------------------------------------------------------------- UUCP: herb@ajfcal.UUCP || #define Janitor Administrator I brew, therefore I am.. || Apollo System_Janitor, Novatel Communications "I spilled spot remover on my dog and now he's gone..." <Steven Wright> -- -------------------------------------------------------------------------- UUCP: herb@ajfcal.UUCP || #define Janitor Administrator I brew, therefore I am.. || Apollo System_Janitor, Novatel Communications "I spilled spot remover on my dog and now he's gone..." <Steven Wright>
jab0396@cec2.wustl.edu (John A. Breen) (05/19/91)
We have done this a number of times at work, but fortunately, I was never involved in it. From what I recall, the sys_admin contacted the corporate security office (who probably contacted DIS), and the solution was to format the disk something like 10 times. If you need more details, contact me at the email address below (I lose my USENET access tomorrow) and I'll see if I can put you in touch with someone who's done it. BTW, I've heard that there are some computers (Macintoshes, I believe) whose disks cannot be sufficiently declassified, so they're just destroyed when they're no longer needed. ----- John A. Breen | johnb@hobbes.mdc.com McDonnell Douglas Missile Systems Co. | (standard disclaimer) Tel: (314)234-4341
dennis@nosc.mil (Dennis Cottel) (05/20/91)
rkw@OKC-UNIX.AF.MIL (Ron Wallman LAETA) asks about declassifying a disk drive. Sometime in 1987 I got a disk declassification program from our local Apollo office. In February, 1988, I talked to the author of this program, John Griffith (508-256-6600 x6768), who was then in charge of the Security Products Group in the Federal Systems Department at Apollo. I talked to him again in November of 1989 on another problem. There was no longer such a group and John was then in the operating systems group, but he was still working on a disk declassification program. This all at least means that someone at Apollo has thought about the problem. I have no idea what the state of all this is since the HP merger. It's a tool that is need in the real world and HP should support it. Dennis Cottel, dennis@NOSC.MIL, (619) 553-1645 Naval Ocean Systems Center, San Diego, CA 92152