workbench-script/docs/dev-es.md

## borrado minimalista

Un enfoque inicial que teníamos para el borrado de disco son las siguientes funciones, esto lo hemos descartado para usar una herramienta más avanzada en el borrado [usody-sanitize](https://github.com/usody/sanitize/)

```python
## Xavier Functions ##
def erase_basic(disk):
    """
    Basic Erasure
    https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=917935

    Settings for basic data erasure using shred Linux command.
    A software-based fast non-100%-secured way of erasing data storage.

    Performs 1 pass overwriting one round using all zeros.
    Compliant with NIST SP-800-8y8.

    In settings appear:

    WB_ERASE = EraseBasic
    WB_ERASE_STEPS = 1
    WB_ERASE_LEADING_ZEROS = False

    """
    cmd = f'shred -vn 1 /dev/{disk}'
    return [exec_cmd_erase(cmd)]


def erase_baseline(disk):
    """
    Baseline Secure Erasure
    Settings for advanced data erasure using badblocks Linux software.
    A secured-way of erasing data storages, erase hidden areas,
    checking the erase sector by sector.

    Performs 1 pass overwriting each sector with zeros and a final verification.
    Compliant with HMG Infosec Standard 5 Baseline.

    In settings appear:

    WB_ERASE = EraseSectors
    WB_ERASE_STEPS = 1
    WB_ERASE_LEADING_ZEROS = True

    WB_ERASE_1_METHOD = EraseBasic
    WB_ERASE_1_STEP_TYPE = 0
    WB_ERASE_2_METHOD = EraseSectors
    WB_ERASE_2_STEP_TYPE = 1
    """
    result = []
    cmd = f'shred -zvn 0 /dev/{disk}'
    result.append(exec_cmd_erase(cmd))
    cmd = f'badblocks -st random -w /dev/{disk}'
    result.append(exec_cmd_erase(cmd))
    return result


def erase_enhanced(disk):
    """
    Enhanced Secure Erasure
    Settings for advanced data erasure using badblocks Linux software.
    A secured-way of erasing data storages, erase hidden areas,
    checking the erase sector by sector.

    Performs 3 passes overwriting every sector with zeros and ones,
    and final verification. Compliant with HMG Infosec Standard 5 Enhanced.

    In settings appear:

    WB_ERASE = EraseSectors
    WB_ERASE_LEADING_ZEROS = True

    WB_ERASE_1_METHOD = EraseBasic
    WB_ERASE_1_STEP_TYPE = 1
    WB_ERASE_2_METHOD = EraseBasic
    WB_ERASE_2_STEP_TYPE = 0
    WB_ERASE_3_METHOD = EraseSectors
    WB_ERASE_3_STEP_TYPE = 1
    """
    result = []
    cmd = f'shred -vn 1 /dev/{disk}'
    result.append(exec_cmd_erase(cmd))
    cmd = f'shred -zvn 0 /dev/{disk}'
    result.append(exec_cmd_erase(cmd))
    ## creo que realmente seria asi (3 pases y una extra poniendo a ceros):
    # shred -zvn 3 /def/{disk}
    # tampoco estoy seguro que el badblocks haga un proceso de verificacion.
    cmd = f'badblocks -st random -w /dev/{disk}'
    result.append(exec_cmd_erase(cmd))
    return result

## End Xavier Functions ##

## Erase Functions ##

def ata_secure_erase_null(disk):
    cmd_baseline = f'hdparm --user-master u --security-erase NULL /dev/{disk}'
    return [exec_cmd_erase(cmd_baseline)]


def ata_secure_erase_enhanced(disk):
    cmd_enhanced = f'hdparm --user-master u --security-erase-enhanced /dev/{disk}'
    return [exec_cmd_erase(cmd_enhanced)]


def nvme_secure_erase(disk):
    cmd_encrypted = f'nvme format /dev/{disk} --ses=1'
    return [exec_cmd_erase(cmd_encrypted)]


## End Erase Functions ##
```
move alternate erase functions to docs 2024-10-18 08:54:45 +00:00			`## borrado minimalista`

			`Un enfoque inicial que teníamos para el borrado de disco son las siguientes funciones, esto lo hemos descartado para usar una herramienta más avanzada en el borrado [usody-sanitize](https://github.com/usody/sanitize/)`

			```python
			`## Xavier Functions ##`
			`def erase_basic(disk):`
			`"""`
			`Basic Erasure`
			`https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=917935`

			`Settings for basic data erasure using shred Linux command.`
			`A software-based fast non-100%-secured way of erasing data storage.`

			`Performs 1 pass overwriting one round using all zeros.`
			`Compliant with NIST SP-800-8y8.`

			`In settings appear:`

			`WB_ERASE = EraseBasic`
			`WB_ERASE_STEPS = 1`
			`WB_ERASE_LEADING_ZEROS = False`

			`"""`
			`cmd = f'shred -vn 1 /dev/{disk}'`
			`return [exec_cmd_erase(cmd)]`


			`def erase_baseline(disk):`
			`"""`
			`Baseline Secure Erasure`
			`Settings for advanced data erasure using badblocks Linux software.`
			`A secured-way of erasing data storages, erase hidden areas,`
			`checking the erase sector by sector.`

			`Performs 1 pass overwriting each sector with zeros and a final verification.`
			`Compliant with HMG Infosec Standard 5 Baseline.`

			`In settings appear:`

			`WB_ERASE = EraseSectors`
			`WB_ERASE_STEPS = 1`
			`WB_ERASE_LEADING_ZEROS = True`

			`WB_ERASE_1_METHOD = EraseBasic`
			`WB_ERASE_1_STEP_TYPE = 0`
			`WB_ERASE_2_METHOD = EraseSectors`
			`WB_ERASE_2_STEP_TYPE = 1`
			`"""`
			`result = []`
			`cmd = f'shred -zvn 0 /dev/{disk}'`
			`result.append(exec_cmd_erase(cmd))`
			`cmd = f'badblocks -st random -w /dev/{disk}'`
			`result.append(exec_cmd_erase(cmd))`
			`return result`


			`def erase_enhanced(disk):`
			`"""`
			`Enhanced Secure Erasure`
			`Settings for advanced data erasure using badblocks Linux software.`
			`A secured-way of erasing data storages, erase hidden areas,`
			`checking the erase sector by sector.`

			`Performs 3 passes overwriting every sector with zeros and ones,`
			`and final verification. Compliant with HMG Infosec Standard 5 Enhanced.`

			`In settings appear:`

			`WB_ERASE = EraseSectors`
			`WB_ERASE_LEADING_ZEROS = True`

			`WB_ERASE_1_METHOD = EraseBasic`
			`WB_ERASE_1_STEP_TYPE = 1`
			`WB_ERASE_2_METHOD = EraseBasic`
			`WB_ERASE_2_STEP_TYPE = 0`
			`WB_ERASE_3_METHOD = EraseSectors`
			`WB_ERASE_3_STEP_TYPE = 1`
			`"""`
			`result = []`
			`cmd = f'shred -vn 1 /dev/{disk}'`
			`result.append(exec_cmd_erase(cmd))`
			`cmd = f'shred -zvn 0 /dev/{disk}'`
			`result.append(exec_cmd_erase(cmd))`
			`## creo que realmente seria asi (3 pases y una extra poniendo a ceros):`
			`# shred -zvn 3 /def/{disk}`
			`# tampoco estoy seguro que el badblocks haga un proceso de verificacion.`
			`cmd = f'badblocks -st random -w /dev/{disk}'`
			`result.append(exec_cmd_erase(cmd))`
			`return result`

			`## End Xavier Functions ##`

			`## Erase Functions ##`

			`def ata_secure_erase_null(disk):`
			`cmd_baseline = f'hdparm --user-master u --security-erase NULL /dev/{disk}'`
			`return [exec_cmd_erase(cmd_baseline)]`


			`def ata_secure_erase_enhanced(disk):`
			`cmd_enhanced = f'hdparm --user-master u --security-erase-enhanced /dev/{disk}'`
			`return [exec_cmd_erase(cmd_enhanced)]`


			`def nvme_secure_erase(disk):`
			`cmd_encrypted = f'nvme format /dev/{disk} --ses=1'`
			`return [exec_cmd_erase(cmd_encrypted)]`


			`## End Erase Functions ##`
			```