vailixi Posted September 28, 2015 Share Posted September 28, 2015 I know there ar e a lot of ways to wipe a hard drive. What's your favorite method? I normally use DBAN. Sometimes I will use DBAN then luks then DBAN and luks again. I'm trying something else right now just overwriting the disk with dd. It's taking a while. dd if=/dev/zero of=/dev/sdb bs=512 There's another way to do this. dd if=/dev/urandom of=/dev/sdb bs=512 Or maybe badblocks -c 4096 -s -w -t random -v /dev/sdb Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 28, 2015 Share Posted September 28, 2015 DBAN is overkill. DBAN, luks, DBAN, luks is way overkill. One overwrite is good enough. If you increase the block size from the default 512 to something larger it will go faster. If you use dd rescue it will use a variable block size depending on drive performance. Quote Link to comment Share on other sites More sharing options...
Rkiver Posted September 28, 2015 Share Posted September 28, 2015 I use DBAN personally and professionally as a lot of the drives from pcs in schools main contain sensitive data. It is overkill, but with Data protection laws the way they are in Ireland and Europe, I rather not risk it. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 28, 2015 Share Posted September 28, 2015 It has been a while since I've needed to wipe a drive, but have you tried something like HDDerase that will use the secure erase command on ATA drives. Much faster than DBAN and should do a better job on SSDs (as DBAN will be caught out by their ware-leveling algorithms). Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 28, 2015 Share Posted September 28, 2015 Non Destructive: Literally the fastest way is to use ddrescue or dd_rescue and /dev/zero. "Secure erase" is just a buzzword for overwrite. Destructive: Table vice and a sledge will break the disk in half in a couple of hits. Or use your imagination. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 29, 2015 Share Posted September 29, 2015 When in doubt, kill it with fire. Quote Link to comment Share on other sites More sharing options...
vailixi Posted September 29, 2015 Author Share Posted September 29, 2015 DBAN is overkill. DBAN, luks, DBAN, luks is way overkill. One overwrite is good enough. If you increase the block size from the default 512 to something larger it will go faster. If you use dd rescue it will use a variable block size depending on drive performance. Good to know. It took 18 hours 39 minutes to wipe with bs=512 root@donkeypuncher:~# dd if=/dev/zero of=/dev/sdc bs=512 dd: error writing ‘/dev/sdc’: No space left on device 1953458177+0 records in 1953458176+0 records out 1000170586112 bytes (1.0 TB) copied, 67142.2 s, 14.9 MB/s And as someone had said it is overkill. I read one source that said unless the drive is destroyed the data is recoverable. I'm not sure how that would work.So copied and pasted the 4th ammendment into a text file. Then I encrypted it. Then I put the encrypted file in a folder named top secret. Then I encrypted it again. Then I named the next folder something like confidential. The I used 7zip to make a password protected archive. Then I put it in a folder and zipped it again. I did this over and over. It was many layers of encryption and a bunch of passwords to recover the original text file. Then I copied the file over and over until it took up all of the free space on the drive. Then I wiped, encrypted, and wiped the drive again. I think it would be great if someone used all of that compute power to crack passwords and the layers of encryption only to find: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 29, 2015 Share Posted September 29, 2015 Take my word for it, once you overwrite the data, it's gone. One pass is all that is needed. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted September 29, 2015 Share Posted September 29, 2015 Non Destructive: Literally the fastest way is to use ddrescue or dd_rescue and /dev/zero. "Secure erase" is just a buzzword for overwrite. No, "Secure Erase" is a command in the ATA protocol that will securely erase your ATA device. For old hard disks a single pass overwrite was good enough to remove data. But with modern SSDs a single overwrite won't get all the blocks in the device, as their wear leveling technology means that your most commonly used data will end up being left in the set of spare block on the device. The "Secure Erase" command, when used on an SSD, will simply set every bit in each block to 1 guaranteeing that everything is erased. This also has a performance benefit as your suggestion of setting everything to 0 means that the SSD would have to erase every block a second time when it next needed to write to it. A "Secure Erase" however, would leave all the bits at 1 which means that any value could be written to the block without having to erase it first. Quote Link to comment Share on other sites More sharing options...
sud0nick Posted September 29, 2015 Share Posted September 29, 2015 When in doubt, kill it with fire. I was going to mention something along these lines. When I had to destroy hard drives to the point they couldn't be used anymore I would first degauss them then punch holes straight through the drives with either a pickax or hammer and chisel. It works really well to ensure that data won't be recovered. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 29, 2015 Share Posted September 29, 2015 No, "Secure Erase" is a command in the ATA protocol that will securely erase your ATA device. For old hard disks a single pass overwrite was good enough to remove data. But with modern SSDs a single overwrite won't get all the blocks in the device, as their wear leveling technology means that your most commonly used data will end up being left in the set of spare block on the device. The "Secure Erase" command, when used on an SSD, will simply set every bit in each block to 1 guaranteeing that everything is erased. This also has a performance benefit as your suggestion of setting everything to 0 means that the SSD would have to erase every block a second time when it next needed to write to it. A "Secure Erase" however, would leave all the bits at 1 which means that any value could be written to the block without having to erase it first. I was limiting to spinning disk wiping. But yes, trying to use DD to wipe an SSD will not work out well and just thrash the wear cycles. Quote Link to comment Share on other sites More sharing options...
vailixi Posted October 4, 2015 Author Share Posted October 4, 2015 (edited) I'm not sure I fully understand the concept of wear leveling. Edited October 4, 2015 by vailixi Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 4, 2015 Share Posted October 4, 2015 (edited) I'm not sure I fully understand the concept of wear leveling. Flash memory only has so many writes. They eventually quit working. Wear leveling makes sure one part doesn't get written to more than others. Edited October 4, 2015 by barry99705 Quote Link to comment Share on other sites More sharing options...
fugu Posted October 4, 2015 Share Posted October 4, 2015 DBAN is overkill. With older magnetic storage devices data can reside on the media for longer times then just zeroing the drive (https://en.wikipedia.org/wiki/Magnetic_hysteresis) but with most types of solid state storage you can just zero it and me done with it. i.e. your typical USB flash drive can probably just be zeroed. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 4, 2015 Share Posted October 4, 2015 With older magnetic storage devices data can reside on the media for longer times then just zeroing the drive (https://en.wikipedia.org/wiki/Magnetic_hysteresis) but with most types of solid state storage you can just zero it and me done with it. i.e. your typical USB flash drive can probably just be zeroed. Unless you're wiping a drive made in the 80's your link isn't a concern. Pretty sure if Mr. Protocol says it can't be read, it can't be read. Quote Link to comment Share on other sites More sharing options...
fugu Posted October 4, 2015 Share Posted October 4, 2015 This drive http://www.amazon.com/Blue-250-Desktop-Hard-Drive/dp/B00115TE0Kwhich wasn't made in the 80's uses magnetic storage. A drive like this is susceptible to magnetic hysteresis. Granted it is older, but not totally out of use yet. You can still buy magnetic hard drives in most computer stores today. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 5, 2015 Share Posted October 5, 2015 This drive http://www.amazon.com/Blue-250-Desktop-Hard-Drive/dp/B00115TE0Kwhich wasn't made in the 80's uses magnetic storage. A drive like this is susceptible to magnetic hysteresis. Granted it is older, but not totally out of use yet. You can still buy magnetic hard drives in most computer stores today. The thing is, the data density is so tight that you're not going to be able to recover any useful data. Look at the publish date of that article. It was 97. Ask any data recovery company if they can restore data from a zeroed drive and they'll say no. Quote Link to comment Share on other sites More sharing options...
vailixi Posted October 5, 2015 Author Share Posted October 5, 2015 (edited) Once magnetized, the magnet will stay magnetized indefinitely. To demagnetize it requires heat or a magnetic field in the opposite direction. This is the effect that provides the element of memory in a hard disk drive. When you write a 0 is it the oposite magnetically as writing a 1? Conceptually I get this. Residual magnetic field that won't register on the hardware so it appears to have no data but when read with specialized equipment ie. removing the platters and placing them in a special reader that can register more minute magnetic fields. Possibly with a lot of money. Edited October 5, 2015 by vailixi Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 5, 2015 Share Posted October 5, 2015 When you write a 0 is it the oposite magnetically as writing a 1? Conceptually I get this. Residual magnetic field that won't register on the hardware so it appears to have no data but when read with specialized equipment ie. removing the platters and placing them in a special reader that can register more minute magnetic fields. Possibly with a lot of money. That is only a theoretical method from many many years ago. While the theory seems simple enough, good luck rebuilding that data even if you could get all the platters back in alignment and not screw up the sector orientation. Aside from that, modern disks, as mentioned earlier, have a higher bit density and you would be unable to get an accurate residual read due to the proximity of the other bits. Quote Link to comment Share on other sites More sharing options...
DakotaStorm Posted October 6, 2015 Share Posted October 6, 2015 The company I "work" for crushes them in a car crusher. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 6, 2015 Share Posted October 6, 2015 Table vice and sledge hammer here. Kaboom right in half. Quote Link to comment Share on other sites More sharing options...
vailixi Posted October 6, 2015 Author Share Posted October 6, 2015 Table vice and sledge hammer here. Kaboom right in half. Quote Link to comment Share on other sites More sharing options...
overwraith Posted October 6, 2015 Share Posted October 6, 2015 Bullets also work . Quote Link to comment Share on other sites More sharing options...
vailixi Posted October 8, 2015 Author Share Posted October 8, 2015 Have any of you guys tried out an EMP device or microwave? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 8, 2015 Share Posted October 8, 2015 Have any of you guys tried out an EMP device or microwave? Microwaves won't do anything other than fry the circuit board on a drive. They won't penetrate the metal case, the data on the platter will be fine. Emp's that are strong enough to wipe a drive are actually pretty hard to make. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.