How to securely erase the hard disk before selling one's computer

June 01, 2006
There are times when the news sites are abuzz with sensational news items. I am speaking of those news items which tempt one to pitch in and have his/her say come what may. And the news of someone who bought a laptop on eBay only to find it defective and how he took revenge on the seller by posting all the personal data on the hard disk on a website is by now a legend.

Now it is hard to decide who is in the right here - the person who published the private data on the website (for all you know, the laptop in question could have been damaged in transit) or the seller who is now the talk of the town, whose life is being dissected. There is no way to know. But that is beside the point. The truth is that it is scary to realize that it is next to impossible to delete all the data that one stores on one's storage media without completely destroying it, because with the right tools anybody can retrieve even deleted data.

So what can be done to alleviate the situation? If you are using GNU/Linux or any other UNIX, then you have a tool called shred which can be used to wipe all the data from the hard disk. Here is how it works. Suppose I want to erase all the data on my hard disk. I boot using a LiveCD like Knoppix, open a shell and type the following command:

# shred -vfz -n 100 /dev/sda

Here /dev/sda is my whole hard disk. I am asking shred to make 100 passes (-n 100) over the entire hard disk and to overwrite it with zeros (-z), while -f forces the write by changing the permissions wherever necessary.
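
What these options leave behind can be checked on a scratch file before pointing shred at a disk. The following is an added example, not part of the original post; the marker string, file size and helper function names are constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Run shred on a temporary scratch file (never a real disk) and inspect
# what each option combination leaves behind.

MARKER='SECRET-CUSTOMER-RECORD'   # constructed sample data

# Create a scratch "disk": 2048 lines of the marker string.
make_scratch() {
    local f i
    f=$(mktemp)
    for ((i = 0; i < 2048; i++)); do echo "$MARKER"; done > "$f"
    printf '%s\n' "$f"
}

# Return 0 if every byte of file "$1" is zero.
is_all_zero() {
    local size
    size=$(( $(wc -c < "$1") ))
    cmp -s -n "$size" "$1" /dev/zero
}

# Print how many lines of "$1" still contain the marker.
marker_hits() {
    LC_ALL=C grep -a -c "$MARKER" "$1" || true
}

# usage: wipe_and_report <shred options...>
# Shreds a fresh scratch file and prints "<zeros|nonzero> hits=<count>".
wipe_and_report() {
    local f result
    f=$(make_scratch)
    shred "$@" "$f"
    if is_all_zero "$f"; then result=zeros; else result=nonzero; fi
    printf '%s hits=%s\n' "$result" "$(marker_hits "$f")"
    rm -f "$f"
}

# -n alone writes pattern/random passes; -z appends one final pass of
# zeros; -n 0 -z performs only that single zero pass.
echo "-n 3 (no -z)  : $(wipe_and_report -n 3)"
echo "-n 3 -z       : $(wipe_and_report -n 3 -z)"
echo "-n 0 -z       : $(wipe_and_report -n 0 -z)"
```

To run the same all-zero check against a whole device after a wipe, take the size from `blockdev --getsize64` rather than `wc -c`, which would read the entire device just to count it.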

Another GPLed tool (though not specifically related to Linux) which is quite popular is Darik's Boot and Nuke (DBAN), which also does a great job of securely erasing the data on your hard disk.

Experts in the field of retrieving data can still get some data from a hard disk that has been wiped in the above manner. But at least ordinary folks who buy second hand laptops and computers will find it beyond their means to lay their hands on your data if you have wiped your hard disk this way prior to selling your PC or laptop.

20 comments:

  • How is it possible for experts to retrieve data once the entire disk has been rewritten with zeros?

  • In fact, DBAN is a Linux boot disc. I doubt that any normal recovery tool will be able to find a scrap of anything on a hard drive that's been thoroughly DBAN'ed. If you're that paranoid, you should physically shred the drive into little bits (there are machines which do this) and just to be sure, melt the bits in a furnace.

  • But it's said that shred doesn't work on Reiser partitions.

  • I've used DBAN before because of the official-sounding methods of deletion, that are also mentioned in the policy documents for American, Canadian and other governments. It overwrites the data with random numbers, which is more likely to obfuscate data from the Men In Black (or Boys On Ebay, depending on what you're afraid of).

    Overwriting the data with zeros, or any other homogenous data, sounds too easy. Still, if that's satisfactory to you, or you're only interested in speed, DBAN has a setting for only zeros, and Debian (including the Ubuntu and Knoppix Live CDs) have a 'wipe' command you can use on /dev/hda or /dev/sda.

    - Moses.

  • Yes all this is true but how much time does it take to write zeros or gibberish data on the hard disk of 100 GB size? A whole day I guess.

    The best bet is not to store any identifiable data on the harddisk which somebody might link to you.

  • @anonymous 12:58 AM
    Recently there was news of a Japanese acoustics expert having constructed Mona Lisa's voice by analysing her portrait by Leonardo da Vinci. If they could do that then they could pretty well get anything they want from a hard disk with the aid of specialised tools.

  • Quote: But it's said that shred doesn't work on Reiser partitions.

    So, format the disk ext2 and then use it! You are getting rid of the drive; what does it matter what filesystem type is on it?

  • How is it possible for experts to retrieve data once the entire disk has been rewritten with zeros?

    Not through an OS, nor even, as I understand, via the standard read/write heads. Instead, very careful inspection of the magnetic surface is capable of retrieving "signatures" of the previous data. That is, a 0-bit overwritten with a 1 is magnetically slightly different from a 1 overwritten with a 1.

    There is also the possibility of very slight physical misalignments between successive writes, again creating zones much smaller than a regular 1 or 0 domain where the old data may live on.

    Google for SQUID (Super Cooled Quantum Interference Device) to learn more.

  • @speckest: Without being able to compare the reconstructed voice to the real Mona Lisa voice, the reconstruction is speculation, at best.

  • @Deus Lemmus: hard drives will not degrade after 20 passes. Hard drives are written to all of the time. Parts of your drive may be written to and read from hundreds of thousands of times.

    Also, block size doesn't matter if you are wiping the whole drive. Since you are destroying the filesystem there's no concept of a filesystem block on the bare drive.

  • Khyron

    For anyone interested in the topic, the seminal paper from Peter Gutmann on this topic is here.

  • One pass of all zeroes is sufficient to prevent any data recovery just using the drive. If you've written a zero to a sector, then the drive will return a zero when that sector is read.

    Yes, it's possible to get data back by disassembling a drive and using exotic techniques (magnetic force microscopy) on it. The person buying your old hd is unlikely to have this equipment in his basement.

    Unless you expect national intelligence agencies to be after your old hd, one pass of zeroes will suffice.

  • Should be noted that the '-z' flag does overwrite data with zeros on each pass, as suggested (read the man page for specifics). Shred uses (I believe) DoD rainbow-book data wiping standards, and defaults to 25 passes. The DoD standard has a particular pattern of overwriting (like 000... then 111..., and then 0101... followed by 1010..., then 0011... followed by 1100... etc etc etc).

    The '-z' just fills the drive with zeros on (or after, I forget) the last pass to hide the fact that the drive was shred'd.

    In the above case, shred'ing the whole /dev/hda, you would have to be root anyway so you don't need the '-f' flag to force permissions.

    Enjoy!

  • @deus lemmus

    Using urandom is a bad idea, as it is not random, at all, merely pseudorandom, and a fairly poor pseudorandom, at that. That is by design, actually, to make it fast. It is better to use shred, or dd over the disk with /dev/random and just wait the extra two or three times longer duration.

    If you have a fast source of truly random bits, use that instead. One good trick for generating very good non-random-but-nearly-random bits is to use /dev/random's entropy to seed a fast symmetric stream cipher (my favorite is blowfish), and redirect its output to the application that needs it.

    That's not a beginner's technique, but it's easy to set up with a two or three line shell script and some creative pipes.

  • chiron613

    Although it is theoretically possible to retrieve data from a wiped disk, you need to ask whether anyone has the means and the inclination to make the effort. If you have been storing State secrets on your hard drive, then naturally it is possible that another government may want to get hold of them, and will spend endless time and money to do it. However, most of us don't have anything all that interesting.

    If you're that concerned about your information falling into the wrong hands, why re-use the disk anyway? Disks are relatively inexpensive. Used disks probably won't get you much money. If your data is that sensitive, why not simply destroy the disk - shred and burn it? That's about as secure as you can get, really.

  • What about USB flash disks, or storage devices that don't use the same things as hard disks? Is shredding them more effective than shredding hard disks? How is data saved on these devices anyway?

  • For zeroing an HDD: download and save the FREE "Killdisk" program. From that you can burn CDs or floppy disks to be used to wipe all data from any HDD.... I am using one now, wiping out a distro on a forty gig HDD to be used with another distro.

  • # shred -vfz -n 100 /dev/hda

    This command only writes zeros in the final pass. The first 99 passes are written with random data.

    100 passes may significantly shorten the life of your harddisk, if not break it during the process. Your drive temperature may rise to 50+ Celsius, where the thermal stress may cause physical damage to the harddisk hardware.

  • dudes really, why doesn't anyone simply read the fucking manual?

    -z means: do one pass of all zeros after the final pass.

    The default is 25 passes of non-zero data, so with the -z option added you get 26 passes, the final pass being the one with zeros.
    This pass is not at all meant to help the shredding process, but actually hides the fact that you used shred in the first place.

    -f means: fix the permissions on this *file* if it would otherwise prevent shred from overwriting it. This is of course irrelevant in the context above, since you're shredding a disk here and not one specific file.

    -n 100 means: Do 100 passes instead of the default 25. This is really a nonsense option for most uses, because 25 passes will suffice for all mere mortals.

    This is all in the manpage, please read it before you start typing bullshit.

    And about disks overheating... please. If you don't know what you're talking about, then please keep your mouth shut.

    No, your drive will not overheat. No, your drive will not be damaged. In fact recent research by Google Labs indicates that heavy usage of a drive has only a very minor effect on the life-span.
    Please understand that "heavy use" means: continuous random I/O 24/7/365 for 4 consecutive years. A simple 100 pass linear write doesn't quite count as "heavy use".

  • This:

    dd if=/dev/zero of=/dev/hda

    Has always worked for me.