Howto: Cleaning /Wipping Hard Disk/Files

Share your own howto's etc. Not for support questions!
Message
Author
User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Howto: Cleaning /Wipping Hard Disk/Files

#1 Post by bester69 »

Im following these steps,as an easy and practical method, that i suppose its enought secure,
please correct me if im lacking something :?

Refs.:
http://linoxide.com/security/delete-fil ... tly-linux/
https://www.marksanborn.net/howto/wipin ... e-with-dd/


0- Using Bleachbit (It might be enought), to clean caches and that kind of things
https://www.bleachbit.org

1- wipping / shredding speficical files, we want to be sure they wont be recover (you can use both tools methods).

- shred -vn 2 filetoerase
- wipe -qQ 2 filetoerase


2- Shredding Swap disk.:
- sudo swapoff -a (dismount swap first)
- sudo sswap -fvl /dev/sdx (clean swap partition)
- sudo swapon -a (remount swap)

3- Shredding the whole free space drive:
- sudo sfill -fvl / (root partition)

Alternative/equivalent (perhaps more insecure method, -->there's no inode space wiper with dd):

Code: Select all

dd if=/dev/zero of=zero.small.file bs=1024 count=102400
dd if=/dev/zero of=zero.file bs=1024
sync ; sleep 60 ; sync
rm zero.small.file
rm zero.file
-----------------------------

please share your Method if you thing you've something better.. :wink:
Last edited by bester69 on 2017-01-17 12:02, edited 2 times in total.
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

Bulkley
Posts: 6146
Joined: 2006-02-11 18:35

Re: Howto: Cleaning /Wipping Hard Disk/Files

#2 Post by Bulkley »

Before donating a computer to the recycle people I blank the hard drive. I use either Dban disk overwrite utility or shred which I run at least three times. Then I install the oldest Linux I can get on the drive - my preference being Storm 2000. I use impossible passwords. When someone eventually boots it up he/she will find a working Linux OS that they can't access. My bet is they format and install Windows. Any files I had on the drive are long gone.

User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Re: Howto: Cleaning /Wipping Hard Disk/Files

#3 Post by bester69 »

Bulkley wrote:Before donating a computer to the recycle people I blank the hard drive. I use either Dban disk overwrite utility or shred which I run at least three times. Then I install the oldest Linux I can get on the drive - my preference being Storm 2000. I use impossible passwords. When someone eventually boots it up he/she will find a working Linux OS that they can't access. My bet is they format and install Windows. Any files I had on the drive are long gone.
Hi, thanks to share
I didnt know about Dban, so Ive just find out nwipe (It is a fork of the dwipe command used by Darik's Boot and Nuke (dban))..

I read somewhere with just two-passes it wasnt possible to recover anydata... When i read everywhere 15/30 passes for secure erasing i dont know what to thing. :?
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Re: Howto: Cleaning /Wipping Hard Disk/Files

#4 Post by bester69 »

wizard10000 wrote:Zero-filling a hard drive will protect it from anyone except the government.

Data recovery companies cannot recover data from a zero-filled drive but some government agencies can by mapping residual magnetism in the platter - but they've gotta want you pretty bad to go to the trouble.

So - if you're selling the machine a zero-fill is sufficient; if you're protecting it from a government you need multiple passes with random characters.
Ive studied some superior electronic's studies and i dont see how they can get those residual magnetism, when you write down 0 or 1 in the disk, with two passes or so i cant imagine how a simple bit can be recover when it has been totally destroyed. A bit in a SSD or in a hDD is the same concept its just a capacitor residual.

I can see a zero bit pattern recover --> They could still leave some residual capacitor
perphaps, Two same zero bit pattern filled recover--> As the pattern filled its the same and its constant (zero filling), It might still be able to recover as they just need to search for the residual bit.

I cant see a One pass Zero, Second Pass Random pattern filling reover (or even just one pass-random) --> The bit has been in my opinion totatlly destroyed, even if residual remains then they should be able to invert random pattern to uncrypt the bit, what i still dont see how can they do it, as /dev/random i suppose its not a constant pattern so they cant uncrypted..


So seriouslly talking, I dont see how even Goverments can recover data if you destroy the celds/bits,by random filling.
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

User avatar
pylkko
Posts: 1801
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

#5 Post by pylkko »

Ok, so what about:

Code: Select all

hdparm --user-master u --security-erase-enhanced password /dev/device name
Will resetting the cells of an SSD leave anything that can be recovered?

User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Re: Howto: Cleaning /Wipping Hard Disk/Files

#6 Post by bester69 »

wizard10000 wrote:....., but a DoD wipe requires seven passes with random characters.

When I worked for DoD we zero-filled desktops and laptops before offering them for resale and server drives were shredded by this big machine that turned a hard drive into little bitty chunks of metal :)
So you worked in Department of Defense??, tha's cool

Wizard, seven random passes, i dont see even aliens to be able to recover that :lol: ,
With just one random-pass I still dont see how they'd do it, unless DoD can be able to uncrypted random method used to shred the disk. I think that even writing a bit is not a regular process so you cant get a accurate messure of the bit to know from what level on apply decode rightly, and level of bit is irregular and analog process, so i see all of this very impossible. The resulting file recovered might be enought corrupted to be not able to read it (a word, pdf file as an example).

but my knowledge stop here..
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

User avatar
dasein
Posts: 7775
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Howto: Cleaning /Wipping Hard Disk/Files

#7 Post by dasein »

No.

Zero-fill works just fine to render mag drives unreadable. Has for years. Shred, multiple passes, etc. are just "theater."

For anyone who actually cares, there's an existing thread hereabouts with actual data from actual researchers, and not rectally-extracted, fact-free "opinion" from some random teenager in his mother's basement.

Edit: For the benefit of those too farqing lazy to search for it: http://forums.debian.net/viewtopic.php? ... 15#p446550

(I'm growing weary of this place. I mean, yeah, Second Law of Thermodynamics and all, but still.)
Last edited by dasein on 2017-01-17 13:08, edited 2 times in total.

User avatar
dasein
Posts: 7775
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Howto: Cleaning /Wipping Hard Disk/Files

#8 Post by dasein »

wizard10000 wrote:FDN is a closed system?
Thanks, Wiz10K. You always make me smile.

User avatar
Hallvor
Posts: 1192
Joined: 2009-04-16 18:35
Location: Kristiansand, Norway
Has thanked: 4 times
Been thanked: 2 times

Re: Howto: Cleaning /Wipping Hard Disk/Files

#9 Post by Hallvor »

I just smash old hard drives with a sledge hammer. :D
Lenovo ThinkPad T440S, Intel Core i7-4600U CPU @ 2.10GHz, 8 GB RAM, 256 GB SSD, Debian Bullseye (KDE)
Lenovo ThinkPad X240, Intel Core i5-4300U CPU @ 2.90GHz, 8 GB RAM, 120 GB SSD, Debian Bullseye (KDE)

User avatar
dasein
Posts: 7775
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Howto: Cleaning /Wipping Hard Disk/Files

#10 Post by dasein »

Hallvor wrote:I just smash old hard drives with a sledge hammer. :D
Ironically enough, zero-fill is much more secure, unless one shreds the platters into dust.

(Just sayin')

User avatar
cpoakes
Posts: 99
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

#11 Post by cpoakes »

Most HD and SSD units of recent vintage come with an ATA secure erase feature to wipe the entire device. Secure erase is provided by hdparm:

Code: Select all

hdparm --security-erase NULL /dev/sdX
If not already obvious, you'll need root permissions. Substitute your password for "NULL" (if you have configured the drive with a hardware password) and your actual device for "/dev/sdX".

This is considered the most more secure form of erasure on SSD units as it also erases the unaddressable blocks used in over-provisioning that may still contain recoverable data. Some research (2011) indicates that some SSDs fail to erase data with the ATA command, but given the concerns of business users depending on such capabilities I trust the assurances of the reliable manufacturers since this time.

Furthermore, newer drives simply encrypt every block (the controller is faster than the memory) and change the key to make the data unusable. This explains why secure erase can appear instantaneous on some SSDs.

User avatar
pylkko
Posts: 1801
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

#12 Post by pylkko »

It might require setting the ssd password. At least it did when I last did it. If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.

User avatar
Head_on_a_Stick
Posts: 13450
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Howto: Cleaning /Wipping Hard Disk/Files

#13 Post by Head_on_a_Stick »

This also works and does not pose the risk of a locked drive if an error is made during the password phase:

Code: Select all

# blkdiscard /dev/sdX
EDIT: SSDs only ofc :)
Black Lives Matter

Debian buster-backports ISO image: for new hardware support

User avatar
cpoakes
Posts: 99
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

#14 Post by cpoakes »

pylkko wrote:It might require setting the ssd password. At least it did when I last did it. If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.
Yes, I have dealt with one SSD that required me to set a password before it could be erased - kinda counterintuitive, and another that did not.

My Samsung drives use AES256 which I don't believe any government can crack... yet. And as with all encryption, it will be crackable *someday* - not before your credit card information expires, but possibly before the statute of limitations on capital crimes or your company's proprietary information loses all value.

User avatar
RU55EL
Posts: 539
Joined: 2014-04-07 03:42
Location: /home/russel

Re: Howto: Cleaning /Wipping Hard Disk/Files

#15 Post by RU55EL »

dasein wrote:
Hallvor wrote:I just smash old hard drives with a sledge hammer. :D
Ironically enough, zero-fill is much more secure, unless one shreds the platters into dust.

(Just sayin')
If I've got an old obsolete drive that I want unreadable, I write across the disk a couple times with DD, then use a sledge hammer.

The one time that I wanted the data erased without question, I disassembled the drive and slagged the platters with a oxy/acetylene torch.

A little off topic...

Hard drive platters are fun to shoot with a pellet gun!

User avatar
pylkko
Posts: 1801
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

#16 Post by pylkko »

cpoakes wrote:
pylkko wrote:If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.
My Samsung drives use AES256 which I don't believe any government can crack...
Fine. But don't you have any reservations about presuming that cracking the encryption is a requirement in this scenario?

User avatar
cpoakes
Posts: 99
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

#17 Post by cpoakes »

^Point taken. But I'm concerned about new users when I resell/redistribute old drives, not government agencies using encryption/manufacturer backdoors to snoop on my used equipment. If my acivities generate government interest, I think they are more likely to get a warrant and sieze my equipment, or seize my equipment at a border crossing than wait for me to post it for sale on craigslist.

User avatar
pylkko
Posts: 1801
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

#18 Post by pylkko »

the command that you posted varied slightly from the one I posted a few posts earlier in this thread and I was wondering why. I searched a bit and found nothing fully explanatory. But this:
If your drive supports enhanced erase, you may want to substitute security-erase-enhanced for security-erase. The difference, according to the HDDerase.exe FAQ:
Secure erase overwrites all user data areas with binary zeroes. Enhanced secure erase writes predetermined data patterns (set by the manufacturer) to all user data areas, including sectors that are no longer in use due to reallocation.

User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Re: Howto: Cleaning /Wipping Hard Disk/Files

#19 Post by bester69 »

pylkko wrote:Ok, so what about:

Code: Select all

hdparm --user-master u --security-erase-enhanced password /dev/device name
Will resetting the cells of an SSD leave anything that can be recovered?
hdparam, messed all my computer, i lost my table partiton and i couldnt recover my windows installation, i also lost a virtual XP installation :x ,
please, dont post dangerous linux virus. (hehe, i was sure there wasn't virus for linux, obviously i was pretty wrong :( )

At least, you should warn people about the dangerousing of this command line.. i think. :(

hopefully i could use testdisk and my skills to be able to recover my linux installation and other NTFS partitions, It wasn't easy at all, i had to apply some tricks of my own cos table partition become a really disaster. 8)
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

User avatar
bester69
Posts: 1900
Joined: 2015-04-02 13:15
Been thanked: 1 time

Re: Howto: Cleaning /Wipping Hard Disk/Files

#20 Post by bester69 »

wizard10000 wrote:
bester69 wrote:At least, you should warn people about the dangerousing of this command line.. i think. :(
No disrespect, bester- but there's a really good reason you shouldn't run things as root unless you understand what impact it will have.

You're probably not gonna be able to recover data off that drive; a security erase is *designed* to make the data unrecoverable.

Measure twice, cut once :)
I used swap partition just in case to see what happend, and then it came into swappening, i got terrified and shut down inmediattly my computer, then it all was gone :shock:
bester69 wrote:You wont change my mind when I know Im right, Im not an ...

Post Reply