securely wiping drives

Eric Oyen eric.oyen at gmail.com
Tue Dec 16 01:56:07 MST 2014 

well,
those sound like excellent ways to erase a drive. I still find DD to be useful. I can write all zeros to the drive, or any other pattern (including the random one from /dev/urandom). THese do take a while, but in the end, your drive is wiped enough that even the NSA might not consider it worth the effort to recover.

-eric

On Dec 15, 2014, at 10:12 PM, der.hans wrote:

> moin moin,
> 
> the dban threads have a few good pieces of advice, so I thought I'd throw
> them together. I'll also add what I can remember from last month's
> discussion on electronics donations since we covered drive wipes there as
> well.
> 
> @ spinning disks:
> 
> use wipe or shred
> 
> Todd gave the following command line, be sure to specify the correct disk:
> 
> $~ shred -zn10 /dev/sda
> 
> As Stephen found out the hard way, dban wipes all drives it can find
> including the boot drive.
> 
> During the discussion at the meetings encryption came up, someone
> suggested a couple of rounds of random data, encrypting the entire drive,
> filling the entire encrypted filesystem, then running wipe or shred to
> erase the drive. Note that this procedure will take a long time.
> 
> @ solid state devices
> 
> Todd pointed out the following commands:
> 
> $~ hdparm --user-master u --security-set-pass PasSWorD /dev/sda  #sets
> up security on the drive
> 
> $~ hdparm --user-master u --security-erase PasSWorD /dev/sda # the point of no return delete everything on your SSD drive command
> 
> The man page says you can use "the special password  NULL  to  represent
> an  empty password". After the erase with a password set is the password
> still set?
> 
> Do we actually need to do the security-erase for spinning disks as well?
> All modern drives lie about their size and hide blocks in order to be able
> to replace bad blocks rather than failing if a block here or there goes
> bad.
> 
> ciao,
> 
> der.hans
> -- 
> #  http://www.LuftHans.com/        http://www.PhxLinux.org/
> #  "The only thing that interferes with my learning is my education."
> #   -- Albert Einstein
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss

More information about the PLUG-discuss mailing list