Learn about Linux
Download Linux
Get Linux helpSpecial Offers
Feature: Tools & Utilities
Wiping your disk drive clean
Share
Print
CommentsEverybody who owns a computer will someday need to dispose of a disk drive. Before you do, it is a good idea to cleanse the drive, so no one can read your sensitive information. Deleting files and reformatting is not sufficient; determined effort can still reveal data from a drive even after it appears to be gone. To do a more thorough job, I suggest using wipe.
You need to take special pains because files that are "deleted" are not really gone. Most operating systems, including Linux and its ext2 filesystem, just delete the pointer to a deleted file; the data still exists on the drive. It is not effectively removed until every bit of the space it was occupying on the drive has been overwritten. Even then there are ways, albeit difficult, to analyze the drive and extract data. The only way, short of melting the drive, to ensure the data is gone for good is to overwrite the drive several times with random data.
Several Linux utilities can cleanse files and drives, and all do the same thing. Wipe has more options than some of the other tools, including the ability to erase a block of data on a partition.
If the target drive is installed in a working system, the easiest way to clean it is to run wipe off of a Linux live CD. Knoppix, the granddaddy of Linux live distributions, comes with a ready-to-use version of wipe. To get started, download and burn the latest version of Knoppix, then put the CD in the CD drive of the target machine and boot. If all goes well, Knoppix should boot and present the KDE interface.
Launch Konsole, KDE's terminal emulator, using the icon in the bottom toolbar. Find the partition names of the target hard drive by listing all of the disk devices in the /dev directory. For IDE drives, run ls /dev/hd*. For SCSI drives, use ls /dev/sd*. The command should list several items. The primary drive is typically /dev/hda or /dev/sda. There will be an item in the output for every partition on the device.
It should go without saying that running wipe will nuke everything on the target file system. Everything beyond this point is destructive, so make sure anything important is backed up.
Wipe's developers suggest only wiping one partition at a time, so for every partition, including the swap partition, run the command sudo wipe /dev/partition. Use the sudo command so that there are no permission errors. The wipe process will take several hours to complete for a moderate-sized hard drive. If you want it to go faster you can tell it how many passes you want it to make by using the -Q option with a number less than the default of 4. However, the more passes wipe makes, the better the protection, at least in theory.
If the target drive is not in a working machine, you can place it in a USB enclosure and attach that to a Linux machine. Note that most window managers will automatically mount external USB storage devices when they are attached; unmount the drive before running wipe. If wipe is not already installed on the machine, install it using your distribution's package manager. Next, launch a terminal session, find the device, and run wipe on each partition, using the command above.
Using wipe does not absolutely guarantee that data on the drive cannot be recovered, but it goes a long way in making it difficult.
Chad Files, a software developer and writer, has been developing software applications for more than 10 years, and is a contributing developer to many open source projects.
Comments
on Wiping your disk drive cleanNote: Comments are owned by the poster. We are not responsible for their content.
1. We test the disk to see if it's really bad (sometimes customers screw up) If it's not bad, we immediately run DBAN on it and put the drive back into the "refurbished" lot (it's unlawful to resell used equipment as new)
2. If the disk is bad, we have a device with a pneumatic ram that drives a steel spike at high speed through the platters shattering them. (we've opened a drive that's been "made safe" and it's ugly!
Always works for me.
Thanks!
Stijn.
Re(1): Wiping your disk drive clean
Posted by: Anonymous [ip: 158.72.121.49] on May 30, 2008 04:39 PMRe(2): Wiping your disk drive clean
Posted by: Anonymous [ip: 128.174.112.88] on May 30, 2008 05:09 PMRe(1): Wiping your disk drive clean
Posted by: Anonymous [ip: 64.252.85.92] on May 30, 2008 08:39 PMRe(1): Wiping your disk drive clean
Posted by: Anonymous [ip: 24.5.208.127] on May 31, 2008 06:49 AMWhy on earth would professionals (who regularly receive two orders of magnitude more money for this service) possibly pay any attention to this at all? Free advertising? No--it is a lame godaddy site with little traffic and nobody of significance is running it. There is no guarantee that there aren't either minor shenanigans (improper drive preparation) or fraud (extracting shipping + "deposits" from saps) here. It is suspicious that they charge a deposit and disallow physical tampering--if anything went wrong, the deposit would be lost. Anyway...would risk anything for only $40?
If the entities behind this raise a more significant bounty & can show there are no shenanigans on there part & attract any interest, they should also refine the rules to show no shenanigans by others---they need multiple drives or will need to "reset" the drive (format+add data+dd /dev/zero) after each trial--there is no guarantee that someone before your try didn't write to the drive.
Re(1): Wiping your disk drive clean
Posted by: Anonymous [ip: 222.254.137.7] on June 02, 2008 03:29 PMOf course you cannot restore the data with the electronics build into the drive :P .
Drilled through the platter stack (yeah, an old drive!) with a 3/8" drill bit, in each of 4 quadrants
Put platter stack into a gas grille, on "Pre-heat" (it's highest setting - about 750 degrees F) for a half-hour
Dropped hot platter stack into a bucket of cold water to quench.
Pounded the platter stack well out of "true" with a hammer, which broke apart the hub and "unstacked" the platters
Tossed into recycle bin.
Think that was sufficient?
So the investigator did the experiment with Scotch tape and some blank floppy disk. In the end, it cost him roughly $50 dollars or so, for a floppy drive he broke during the experiment, Scotch tape and floppy disks.
Don't under estimate the determination of a criminal investigator.
Now the hard drive is different, but who knows?
:) :) :) :) :) :) ;=)
Anyway, for general purpose HD wiping, a bootable DBAN will do a good job of making it extremely difficult to recover data on the HD.
4 pound pony hammer, repeatedly...
Posted by: Anonymous [ip: 96.244.123.232] on May 31, 2008 02:14 AMLike others already mentioned in the comments on the article, I find dban from a livecd (SystemRescueCD of course for me) to be quite easy.
Ferkrissake! Secure Erase is built into the drive controller!
Posted by: Anonymous [ip: 192.168.1.253] on May 31, 2008 06:49 PMSee here: http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
All you need to do to securely erase a disk is activate the erase routine that is built into all modern disk drives.
Re: Ferkrissake! Secure Erase is built into the drive controller!
Posted by: Joe Barr on May 31, 2008 08:05 PMAll modern disk drives? Is that really true? And how do you tell the drive to erase itself?
Then overwrite with random data once, and you're pretty much good to go.
If they manage to read both overwritten sectors AND break AES or similar, then no data we have is safe anyway...
http://sourceforge.net/projects/eraser/ It will be good when this windows tool gets ported to Linux.
http://cmrr.ucsd.edu/people/Hughes/DataSanitizationTutorial.pdf
Yes, overwriting a hard drive made sense in 1996, but not in 2008. The paper will help you understand why.
Simple maths... if a drive maintains data after a complete over-write, the actual capacity of that drive has magically DOUBLED. If data survives 33 lots of over-writing (as suggested by some idiot above), the drive now has a reliable capacity of 34x that originally stated by the manufacturer. Of course, tin-foil hat types have long claimed hard-drives are based on tech recovered from an alien crash (and sadly, i'm not kidding). These are the same people that are used to push the nonsense that over-writing is a waste of time.
Of course, the real problem for ordinary users is knowing how to over-write the actual targetted sensitive area of the platter, which at best means trusting utilities, and the truthfulness of control information returned by a hard-drive controller. The electronics in a modern hard-drive has no incentive to guarantee the actual erasure of any given platter area, so long as the ability to accurately record is not compromised. Only by storing new data to fill the entire capacity of a hard drive can one be certain that any given piece of old data has gone.
The hammer destruction of platters is perfect, but really only required in an environment where protocol mistakes can easily mean that data that should have been wiped may not have been because of Human error, or error within the mechanism of the software tools, or electronics. For the individual, and their own PC (who, in reality is MOST unlikely to smash a HD), they must not be put off from using good software erase tools on the basis of those that carefully troll forums like this.
REMEMBER- those that tell you that over-written data can be recovered are trying to discourage you from erasing it in the first place.
If you don't have time to run DBAN on everything, use a DeGausser.
Please familiarize yourself with the subject of E-Waste: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
and stop pointlessly shooting and burning your drives (unless they contain military secrets). Your waste is ending up in toothpaste, cat food, and toys.
Wiping your disk drive clean
Posted by: Anonymous [ip: 127.0.0.1] on May 30, 2008 10:14 AMHamish
#