Crypto n stuff

I am not a noob, nor am I experienced in these areas, modesty is a safe bet as I do not want to overstate my skillset.

I have two sources that I consider to be the people with the most experience that I know in these areas but they do not fully agree. I would like to get your opinions and whatever else you may want to share about what you do and why.

Friend 1, computer professional, runs his own business out of his house fixing peoples shit and tinkering with his own tech. Recommends LUKS for encrypting non-OS files (for speed) and temporary files and important data. Thinks truecrypt is garbage because its proprietary.

For deletion he uses dd and dev/zero. On his ext4 filesystem it takes 2 hours to dd and 2 minutes to LUKS a 300gb drive. He suspects that dev/zero over dev/urandom contributes a bit (he admitted he doesn't know how much cause he doesn't use urandom) but he thinks that the NTFS filesystem is the cause of the slow (20GB/hour) dd speed. He also said, when I brought up the idea that dev/zero with dd is less secure and determined people could see what was written on the disk before all the 0's because they're all 0's and its easy to see ( read a paranoid theory about this idea) and he said that with NTFS that'd be possible but not other filesystems.

His paranoia solution was dd, format, encrypt with random salt (I'm unsure what this is, something about password security) and then format  with a different filesystem and use that one after encrypting. He also mentioned setting up encryption to randomize keys on bootup for your temp files and pagefile where your encryption passwords are stored.

Friend 2 said that dd dev/urandom with a few passes to be safe was a good idea and that Truecrypt is trustworthy. He also recommended using a bootable USB OS over a hard drive.

Please criticize all of these assumptions as I am here to learn what is correct.

>>2
Do you think you could explain what any of that means and why I should do it?

How does the DoD do 9 passes (1's, 0's, random x3)?
it took 17 hours to do a 300GB SATA connected disk for me with urandom. How does anyone?

>>12 Wouldn't a USB OS be preferable as all temporary data will not be stored on the drive and then be overwritten because of space limitations, rather than on an HDD where all temporary data will pile up on the disk rather than over each other thusly obfuscating any forensics looking into the past?

Someone over at /g/ said this... they weren't much help otherwise lol. It's all iPhones and NCIX builds over there lol.

"Secure data deletion is a myth of sorts. It simply can't be done on a file by file basis. However wiping an entire disk works better. urandom is a better choice, filing a drive with zeros can be filtered. The more over writes the better. However given time all data can be recovered if they know what they are looking for. Encrypted data can be wiped with a single random pass and there no chance in hell of getting it back. A single pass of zeros is always nice before a fresh install. DATA CANNOT BE WIPED FROM FLASH MEDIA. Unless encrypted as previously stated, do not store on flash drives because there is no way to securely wipe it. Lastly, filesystem makes no difference to a wipe."

What do you guys make of these claims? PS all my passwords are on post it notes! We're like brothers!

'>DATA CANNOT BE WIPED FROM FLASH MEDIA

this would imply that a flash memory cell can contain an infinite amount of information. Maybe they were getting at that it wouldn't be a good idea to frequently wipe your flash since it has a limited amount of writes. Or maybe they were talking about how the hardware will isolate blocks that are determined to no longer be reliable, and maybe you have information in these blocks that you would like to wipe, but now can't.