| View previous topic :: View next topic |
| Author |
Message |
ratch3t.x
n00b
Joined: 19 Dec 2006
Posts: 60
|
 Posted: Wed Jul 04, 2007 6:19 pm Post subject: how do i swipe a entire HD so the data cannot be recovered? |
 |
|
| title says it all, i don't know of any software that whipes an entire drive or securely deletes (other than secure-delete ebuild) but im unsure about deleting an entire hd - thanks |
|
| Back to top |
|
 |
gerard27
Advocate
Joined: 04 Jan 2004
Posts: 2377
Location: Netherlands
|
| Posted: Wed Jul 04, 2007 6:24 pm Post subject: |
|
|
| emerge bcwipe. |
|
| Back to top |
|
|
Lupin_the_3rd
Apprentice
Joined: 03 Apr 2005
Posts: 168
|
| Posted: Wed Jul 04, 2007 7:02 pm Post subject: |
|
|
dd if=/dev/zero of=/dev/sde bs=128k
Assuming /dev/sde is the disk you want to wipe of course.
Overwrites the entire block device with zeros. The boot sector, partition table, everything. absolutely every byte on the disk is overwritten.
Use with caution!!!!  This is for wiping an entire hard drive!! Not just single files, folders, or partitions, but your entire drive. Very useful if you sending your computer to recycling, or selling the drive on ebay or something like this.
Note that this method is quite effective, but does not meet various government "secure delete" standards that call for 3x or 7x overwriting. Although I guess you could just re-run it 3x or 7x to achieve the same thing.
_________________
Compaq XP1000 Alpha EV67 667Mhz w/ 2GB ECC
32bit PCI: ATI Radeon 9100 (DRI works!)
32bit PCI: Generic Firewire 400 card
64bit PCI: BCM5703 Gig-E (Compaq NC7771)
64bit PCI: Sil3124 SATA w/ mdadm RAID1 (pair of WD VelociRaptors) |
|
| Back to top |
|
|
John R. Graham
Administrator
Joined: 08 Mar 2005
Posts: 10589
Location: Somewhere over Atlanta, Georgia
|
| Posted: Wed Jul 04, 2007 7:46 pm Post subject: |
|
|
I think /dev/urandom would probably be a better source for the if= argument. And, I concur about the multiple passes requirements. I've read that the bits are still recoverable by sufficiently determined (and well-financed) organizations because of "fringe" information between the tracks. Recording (pseudo) random data multiple times scrambles the fringe.
- John |
|
| Back to top |
|
|
Lupin_the_3rd
Apprentice
Joined: 03 Apr 2005
Posts: 168
|
| Posted: Wed Jul 04, 2007 7:50 pm Post subject: |
|
|
| john_r_graham wrote: | I think /dev/urandom would probably be a better source for the if= argument. And, I concur about the multiple passes requirements. I've read that the bits are still recoverable by sufficiently determined (and well-financed) organizations because of "fringe" information between the tracks. Recording (pseudo) random data multiple times scrambles the fringe.
- John |
/dev/urandom will give a 'better' overwrite for the reasons you mention, but depending on the system CPU type (and whether or not it has a hardware RNG) it could be very slow. For very secret research or government purposes, it's probably ideal.
For grandma who does want the ebay bidder to read her emails and get ahold of her family recipes, /dev/zero should be more than sufficient (and faster). 
_________________
Compaq XP1000 Alpha EV67 667Mhz w/ 2GB ECC
32bit PCI: ATI Radeon 9100 (DRI works!)
32bit PCI: Generic Firewire 400 card
64bit PCI: BCM5703 Gig-E (Compaq NC7771)
64bit PCI: Sil3124 SATA w/ mdadm RAID1 (pair of WD VelociRaptors) |
|
| Back to top |
|
|
jlh
Tux's lil' helper
Joined: 06 May 2007
Posts: 145
Location: Switzerland::Zürich
|
| Posted: Wed Jul 04, 2007 7:52 pm Post subject: |
|
|
Overwriting with zeroes (as Lupin_the_3rd says) is probably good enough for most people. There will be no way to ever recover the data via software. However, if someone really really wants to recover the data, he will be able to, provided he has enough money. There are companies that are specialized in that and a hard drive that has been zeroed that way shouldn't be difficult at all to recover. But hardly anyone will ever do that unless he knows the data is very valuable. (Overwriting with zeroes repeatedly is no better than overwriting once, AFAIK.) Overwriting with random data is better and is even better when done repeatedly (but probably a lot slower too).
More advanced tools (bcwipe might be one of those, I don't know) will overwrite the data repeatedly with varying patterns, some carefully choosen predefined ones, some random, making any recovery a lot more difficult if not impossible.
If you want to sell your drive, use one of the methods above. If the drive contained very very very sensitive data and you're very paranoid, then destroy the drive physically. Shred it. Shred again until it's just dust left, then eat the dust. Oh you're not that paranoid? Then never mind.  |
|
| Back to top |
|
|
John R. Graham
Administrator
Joined: 08 Mar 2005
Posts: 10589
Location: Somewhere over Atlanta, Georgia
|
| Posted: Wed Jul 04, 2007 8:09 pm Post subject: |
|
|
| Lupin_the_3rd wrote: | | /dev/urandom will give a 'better' overwrite for the reasons you mention, but depending on the system CPU type (and whether or not it has a hardware RNG) it could be very slow. |
Well, that turns out not to be the case. /dev/urandom is very fast, is a pseudo-random number generator that is periodically seeded from the system's primary entropy pool, and requires no hardware random number generator support to maintain its performance. Performance on my very modest 600MHz AMD K7 is about a megabyte per second: | Code: | mercury jgraham # dd if=/dev/urandom of=/dev/null bs=128k count=8
8+0 records in
8+0 records out
1048576 bytes (1.0 MB) copied, 1.07657 s, 974 kB/s |
For more details, you might be interested in an Analysis of the Linux Random Number Generator.
- John
Last edited by John R. Graham on Wed Jul 04, 2007 8:18 pm; edited 1 time in total |
|
| Back to top |
|
|
Cyker
Veteran
Joined: 15 Jun 2006
Posts: 1746
|
| Posted: Wed Jul 04, 2007 8:17 pm Post subject: |
|
|
There's a nifty boot disk called DBAN - Darik's Boot and Nuke.
That works pretty well. 
Just don't nuke the wrong HD! 
For true unrecoverability however, I recommend taking it apart and/or dropping it in some lava!  |
|
| Back to top |
|
|
cyrillic
Watchman
Joined: 19 Feb 2003
Posts: 7313
Location: Groton, Massachusetts USA
|
| Posted: Wed Jul 04, 2007 9:03 pm Post subject: |
|
|
| Cyker wrote: | | For true unrecoverability however, I recommend taking it apart and/or dropping it in some lava! |
Good one !
... although you won't get as much for the drive on Ebay if you do that. |
|
| Back to top |
|
|
Mad Merlin
Veteran
Joined: 09 May 2005
Posts: 1155
|
| Posted: Thu Jul 05, 2007 4:57 am Post subject: |
|
|
The tool is meant for this task, simply and wait (potentially quite awhile, if it's a large drive). You'll want to make sure that /dev/hda is the drive you want to erase, though.
_________________
Game! - Where the stick is mightier than the sword! |
|
| Back to top |
|
|
ketjap
Tux's lil' helper
Joined: 03 Nov 2005
Posts: 75
Location: The Netherlands
|
| Posted: Thu Jul 05, 2007 5:43 am Post subject: |
|
|
| Cyker wrote: | There's a nifty boot disk called DBAN - Darik's Boot and Nuke.
That works pretty well.
Just don't nuke the wrong HD!
For true unrecoverability however, I recommend taking it apart and/or dropping it in some lava! |
The nice thing of this program is that you can download a live cd of it. |
|
| Back to top |
|
|
Cyker
Veteran
Joined: 15 Jun 2006
Posts: 1746
|
| Posted: Thu Jul 05, 2007 6:53 am Post subject: |
|
|
| cyrillic wrote: | | Cyker wrote: | | For true unrecoverability however, I recommend taking it apart and/or dropping it in some lava! |
Good one !
... although you won't get as much for the drive on Ebay if you do that. |
Aye... but if you fish out the melted twisted mess, you could sell it as a piece of premiere modern art and sell it to a gallery! |
|
| Back to top |
|
|
Akkara
Bodhisattva
Joined: 28 Mar 2006
Posts: 6702
Location: &akkara
|
| Posted: Thu Jul 05, 2007 6:53 am Post subject: |
|
|
| Quote: | | Just don't nuke the wrong HD! |
When I was trying out different filesystems I had chown'ed the test drive I was using and typing the commands as a normal user to get a bit of extra insurance against errors.
Maybe do similar for wiping. chown, then mount | grep for the just-chown'ed drive, just to be super extra very sure |
|
| Back to top |
|
|
John R. Graham
Administrator
Joined: 08 Mar 2005
Posts: 10589
Location: Somewhere over Atlanta, Georgia
|
| Posted: Thu Jul 05, 2007 11:24 am Post subject: |
|
|
| Mad Merlin wrote: | | The tool is meant for this task... |
I love these forums! 
- John |
|
| Back to top |
|
|
Nordog
Apprentice
Joined: 08 Jul 2005
Posts: 151
Location: Reykjavík, Iceland
|
| Posted: Mon Oct 08, 2007 10:57 pm Post subject: |
|
|
| john_r_graham wrote: | | Mad Merlin wrote: | | The tool is meant for this task... |
I love these forums!
- John |
Just make sure you read the man file Turns out that shred doesn't work for journalled filesystems, which I guess most of us use.
_________________
Gentoo 2007.0 on a Dell Inspiron e1505/6400 notebook
Intel core 2 duo 2.0 GHz with 2 GB ram
Ati Mobility Radeon x1400 |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21631
|
| Posted: Tue Oct 09, 2007 2:33 am Post subject: |
|
|
That is not entirely accurate. According to the man page, shred cannot guarantee the destruction of a file on a journaled filesystem under certain conditions. For instance:
| Code: | In the case of ext3 file systems, the above disclaimer applies (and
shred is thus of limited effectiveness) only in data=journal mode,
which journals file data in addition to just metadata. In both the
data=ordered (default) and data=writeback modes, shred works as usual.
|
However, when shredding an entire disk, as discussed in this topic, the filesystem present on the disk is irrelevant. In that mode, shred accesses the block device without regard for what filesystem, if any, was present beforehand. Thus, shred should be equally effective against swap, journaled filesystems, non-journaled filesystems, and even damaged or corrupt filesystems.
If the drive has suffered physical damage and reacted by remapping sectors, there may exist sectors which cannot be accessed by software. Such sectors would be immune to shred, but could still be vulnerable to access by advanced forensic techniques. |
|
| Back to top |
|
|
JeliJami
Veteran
Joined: 17 Jan 2006
Posts: 1086
Location: Belgium
|
|
| Back to top |
|
|
amne
Bodhisattva
Joined: 17 Nov 2002
Posts: 6378
Location: Graz / EU
|
| Posted: Tue Oct 09, 2007 4:49 pm Post subject: |
|
|
Moved from Kernel & Hardware to Duplicate Threads.
Thanks davjel for this compilation of threads.
_________________
Dinosaur week! (Ok, this thread is so last week) |
|
| Back to top |
|
|
|
Duplicate Threads
