Ways to securely wipe a drive?


vailixi

I know there are a lot of ways to wipe a hard drive. What's your favorite method?

I normally use DBAN. Sometimes I will use DBAN then luks then DBAN and luks again.

I'm trying something else right now just overwriting the disk with dd. It's taking a while.

dd if=/dev/zero of=/dev/sdb bs=512

There's another way to do this.

dd if=/dev/urandom of=/dev/sdb bs=512

Or maybe

badblocks -c 4096 -s -w -t random -v /dev/sdb

I use DBAN personally and professionally as a lot of the drives from PCs in schools may contain sensitive data. It is overkill, but with Data protection laws the way they are in Ireland and Europe, I'd rather not risk it.


It has been a while since I've needed to wipe a drive, but have you tried something like HDDerase that will use the secure erase command on ATA drives? Much faster than DBAN and should do a better job on SSDs (as DBAN will be caught out by their wear-leveling algorithms).


DBAN is overkill. DBAN, luks, DBAN, luks is way overkill. One overwrite is good enough.

If you increase the block size from the default 512 to something larger it will go faster.

If you use dd rescue it will use a variable block size depending on drive performance.

Good to know. It took 18 hours 39 minutes to wipe with bs=512

root@donkeypuncher:~# dd if=/dev/zero of=/dev/sdc bs=512
dd: error writing ‘/dev/sdc’: No space left on device
1953458177+0 records in
1953458176+0 records out
1000170586112 bytes (1.0 TB) copied, 67142.2 s, 14.9 MB/s

And as someone had said it is overkill. I read one source that said unless the drive is destroyed the data is recoverable. I'm not sure how that would work. So I copied and pasted the 4th Amendment into a text file. Then I encrypted it. Then I put the encrypted file in a folder named top secret. Then I encrypted it again. Then I named the next folder something like confidential. Then I used 7zip to make a password protected archive. Then I put it in a folder and zipped it again. I did this over and over. It was many layers of encryption and a bunch of passwords to recover the original text file. Then I copied the file over and over until it took up all of the free space on the drive. Then I wiped, encrypted, and wiped the drive again. I think it would be great if someone used all of that compute power to crack passwords and the layers of encryption only to find:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Link to comment
Share on other sites
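Added example (not part of any post above): a single zero pass written in 4 MiB chunks rather than 512-byte blocks, followed by a read-back that reports the offset of the first byte that survived. The function names are hypothetical; the path can be a block device or, for a dry run, an image file. It only covers the sectors the operating system can address.

```python
import os

CHUNK = 4 * 1024 * 1024  # 4 MiB per write instead of dd's 512-byte default


def target_size(path):
    """Size in bytes of a block device or image file (seek-to-end works for both)."""
    with open(path, "rb") as f:
        return f.seek(0, os.SEEK_END)


def zero_wipe(path, chunk=CHUNK):
    """Write one pass of zeros over every addressable byte; return bytes written."""
    size, zeros, written = target_size(path), bytes(chunk), 0
    with open(path, "r+b", buffering=0) as f:
        while written < size:
            # The last chunk is shortened so the write ends exactly at the
            # end of the target instead of failing with "No space left".
            written += f.write(zeros[: min(chunk, size - written)])
        os.fsync(f.fileno())  # flush dirty pages out to the device
    return written


def first_nonzero(path, chunk=CHUNK):
    """Read the target back; return the offset of the first nonzero byte, or None."""
    offset = 0
    with open(path, "rb", buffering=0) as f:
        while True:
            block = f.read(chunk)
            if not block:
                return None  # reached the end, everything read back as zero
            rest = block.lstrip(b"\x00")
            if rest:
                return offset + len(block) - len(rest)
            offset += len(block)
```
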

Non Destructive:

Literally the fastest way is to use ddrescue or dd_rescue and /dev/zero.

"Secure erase" is just a buzzword for overwrite.

No, "Secure Erase" is a command in the ATA protocol that will securely erase your ATA device. For old hard disks a single pass overwrite was good enough to remove data. But with modern SSDs a single overwrite won't get all the blocks in the device, as their wear leveling technology means that your most commonly used data will end up being left in the set of spare blocks on the device.

The "Secure Erase" command, when used on an SSD, will simply set every bit in each block to 1 guaranteeing that everything is erased. This also has a performance benefit as your suggestion of setting everything to 0 means that the SSD would have to erase every block a second time when it next needed to write to it. A "Secure Erase" however, would leave all the bits at 1 which means that any value could be written to the block without having to erase it first.

Link to comment
Share on other sites
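Added example (not from the thread): a toy model of the wear-leveling behaviour described in the post above, showing why zeroing every logical block of an SSD can leave old data in physical blocks the host cannot address, while an erase of all physical blocks does not. `ToySSD`, its block counts and the `SECRET` payloads are constructed for illustration and do not model any real controller.

```python
class ToySSD:
    """Toy flash translation layer with more physical blocks than logical ones."""

    def __init__(self, logical=8, spare=4):
        self.logical = logical
        self.flash = [b"\xff"] * (logical + spare)  # erased flash reads as all 1s
        self.map = {}                                # logical block -> physical block
        self.free = list(range(logical + spare))
        self.stale = []                              # superseded, not yet erased

    def write(self, lba, data):
        if not self.free:                  # garbage-collect one stale block
            victim = self.stale.pop(0)
            self.flash[victim] = b"\xff"
            self.free.append(victim)
        phys = self.free.pop(0)
        self.flash[phys] = data            # a write always lands on a fresh block
        if lba in self.map:
            self.stale.append(self.map[lba])   # old copy stays until erased
        self.map[lba] = phys

    def read(self, lba):
        return self.flash[self.map[lba]] if lba in self.map else b"\xff"

    def overwrite_all(self, fill=b"\x00"):
        """What a dd-style pass does: one write to every logical block."""
        for lba in range(self.logical):
            self.write(lba, fill)

    def secure_erase(self):
        """Erase every physical block, spares included."""
        n = len(self.flash)
        self.flash = [b"\xff"] * n
        self.map, self.free, self.stale = {}, list(range(n)), []

    def residue(self, needle):
        """Physical blocks that still contain needle when the raw flash is read."""
        return [i for i, blk in enumerate(self.flash) if needle in blk]


def demo():
    ssd = ToySSD()
    for lba in range(ssd.logical):
        ssd.write(lba, b"SECRET-%d" % lba)           # constructed sample data
    ssd.overwrite_all()
    visible = [ssd.read(lba) for lba in range(ssd.logical)]
    after_overwrite = ssd.residue(b"SECRET")
    ssd.secure_erase()
    return visible, after_overwrite, ssd.residue(b"SECRET")
```

`demo()` returns the host-visible contents after the overwrite, the physical blocks still holding the old data, and the same scan after the full erase.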

When in doubt, kill it with fire.

I was going to mention something along these lines. When I had to destroy hard drives to the point they couldn't be used anymore I would first degauss them then punch holes straight through the drives with either a pickax or hammer and chisel. It works really well to ensure that data won't be recovered.


No, "Secure Erase" is a command in the ATA protocol that will securely erase your ATA device. For old hard disks a single pass overwrite was good enough to remove data. But with modern SSDs a single overwrite won't get all the blocks in the device, as their wear leveling technology means that your most commonly used data will end up being left in the set of spare blocks on the device.

The "Secure Erase" command, when used on an SSD, will simply set every bit in each block to 1 guaranteeing that everything is erased. This also has a performance benefit as your suggestion of setting everything to 0 means that the SSD would have to erase every block a second time when it next needed to write to it. A "Secure Erase" however, would leave all the bits at 1 which means that any value could be written to the block without having to erase it first.

I was limiting to spinning disk wiping. But yes, trying to use DD to wipe an SSD will not work out well and just thrash the wear cycles.


With older magnetic storage devices data can reside on the media for longer times than just zeroing the drive (https://en.wikipedia.org/wiki/Magnetic_hysteresis) but with most types of solid state storage you can just zero it and be done with it. i.e. your typical USB flash drive can probably just be zeroed.

Unless you're wiping a drive made in the 80's your link isn't a concern. Pretty sure if Mr. Protocol says it can't be read, it can't be read.


This drive http://www.amazon.com/Blue-250-Desktop-Hard-Drive/dp/B00115TE0K which wasn't made in the 80's uses magnetic storage. A drive like this is susceptible to magnetic hysteresis. Granted it is older, but not totally out of use yet. You can still buy magnetic hard drives in most computer stores today.

The thing is, the data density is so tight that you're not going to be able to recover any useful data. Look at the publish date of that article. It was 97. Ask any data recovery company if they can restore data from a zeroed drive and they'll say no.


Once magnetized, the magnet will stay magnetized indefinitely. To demagnetize it requires heat or a magnetic field in the opposite direction. This is the effect that provides the element of memory in a hard disk drive.

When you write a 0 is it the opposite magnetically as writing a 1? Conceptually I get this. Residual magnetic field that won't register on the hardware so it appears to have no data but when read with specialized equipment i.e. removing the platters and placing them in a special reader that can register more minute magnetic fields. Possibly with a lot of money.

Edited by vailixi

When you write a 0 is it the opposite magnetically as writing a 1? Conceptually I get this. Residual magnetic field that won't register on the hardware so it appears to have no data but when read with specialized equipment i.e. removing the platters and placing them in a special reader that can register more minute magnetic fields. Possibly with a lot of money.

That is only a theoretical method from many many years ago. While the theory seems simple enough, good luck rebuilding that data even if you could get all the platters back in alignment and not screw up the sector orientation. Aside from that, modern disks, as mentioned earlier, have a higher bit density and you would be unable to get an accurate residual read due to the proximity of the other bits.


Have any of you guys tried out an EMP device or microwave?

Microwaves won't do anything other than fry the circuit board on a drive. They won't penetrate the metal case, the data on the platter will be fine. EMPs that are strong enough to wipe a drive are actually pretty hard to make.
