2

I need to wipe completely the data on my hard disk so it's unrecoverable.

I'm actually using Linux, I have seen this command on the web, but I don't know if it's secure.

`shred -zvn 35 /dev/sdb`

Mike
Pedro

2 Answers

4

Be careful with the word "unrecoverable".

It depends what level of "unrecoverable" you are going for. If you want to stop a casual computer user from reading your data from a live-boot OS, then things like shred, dd, dban will do the trick.

If, however, you are worried about someone flashing the firmware of your drive, or removing the platters and putting them into a specialized data recovery machine, then software alone will not cut it. The only 100% reliable way to "make data in hard disk unrecoverable" is this: Shredded Hard Drives

The main reasons for this are 1) because of disk firmware declaring a bad sector and leaving data on the disk, flagged as inaccessible. I have heard rumours that malicious HDD firmware has been known to search for sensitive-looking data on disk, and flag it as "corrupt" for future recovery by an analyst. And 2) wear leveling on SSD / flash memory drives, where the disk firmware will spread writes around the physical disk in order to prolong the lifetime of each individual sector. I have heard rumours that SSD drives ship with between 25% and 100% extra hidden space (depending on how expensive the drive was) for use by the bad sector / wear leveling algorithms. Both of these hard drive "features" mean that even if the operating system believes it has overwritten 100% of the drive volume, there may be extra copies of your data lurking in hidden areas.

For these reasons, software by itself is not enough to ensure proper erasure, you need some hardware support. Some newer (S)ATA drives provide a Secure Erase command which will reset all sectors (from Wikipedia):

"Secure erase" is a utility built into modern ATA hard drives that overwrites all data on a disk, including remapped (error) sectors.

If your hard drive supports this, and the software you use takes advantage of it, then this is probably reasonably good. However, it's not clear that all disk manufacturers implement this / implement this properly (esp. on SSDs which cut corners to prolong life).

Bottom Line:

On traditional magnetic drives, secure erasure software will probably erase your data properly, but without doing some research into your specific hard drive model, you can't be 100% sure. With SSD / flash / hybrid drives things are even less reliable due to their use of wear leveling. If you want to be properly tin-foil-hatty, then you should distrust any drive - unless you installed the firmware yourself - and either physically shred it. Additionally, using full disk encryption adds another layer of protection, but needs to be enabled from the start.

Related Security.SE Questions:

Secure cleaning of deleted files

How can I reliably erase all information on a hard drive?

Safely remove original file after encryption

Mike Ounsworth
  • -1: Spinning-disk hard drives don't do wear leveling. There's no wear to level, and spreading the data around would greatly reduce access speeds. – Mark Jun 06 '15 at 01:43
  • @Mark Thanks. I updated my answer to be more careful about implications and assumptions. – Mike Ounsworth Jun 06 '15 at 15:10
  • 1
    Well, a "casual user" should be defeated by `rm -rf` on the mounted volume. The adversary for `shred` or similar is a hacker or information security analyst with standard tools. And even for a state-level adversary that previously modified the firmware to never overwrite "interesting" data, or with special equipment in a lab, it's probably sufficient to smash the chips and break the symmetry of the platters (drill one hole, or bang once with a hammer) so that they can't be spun safely at their design speed any more. The other nice thing about `shred` is you can put innocent data on afterward. – david Jun 06 '15 at 15:47
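
An added example, not part of the answer or its comments: before choosing between an OS-level overwrite and the drive's own Secure Erase, check what the firmware reports in the `Security:` section of `hdparm -I`. The function names, result labels and sample text are this example's own assumptions; `pick_method` is a simplified reading of the answer's bottom line.

```shell
# Reads `hdparm -I /dev/sdX` text on stdin; prints one of:
# unsupported | locked | frozen | ready | ready-enhanced
ata_erase_status() {
    awk '
        /^Security:/       { insec = 1; next }
        insec && /^[^ \t]/ { insec = 0 }   # next unindented header ends the section
        !insec             { next }
        {
            neg = ($1 == "not")            # absent features are prefixed with "not"
            line = $0
            sub(/^[ \t]*(not[ \t]+)?/, "", line)
            sub(/[ \t]+$/, "", line)
            if      (line == "supported")                 sup = !neg
            else if (line == "locked")                    lck = !neg
            else if (line == "frozen")                    frz = !neg
            else if (line == "supported: enhanced erase") enh = !neg
        }
        END {
            if      (!sup) print "unsupported"
            else if (lck)  print "locked"
            else if (frz)  print "frozen"   # security commands rejected until power cycle
            else if (enh)  print "ready-enhanced"
            else           print "ready"
        }'
}

# $1 = contents of /sys/block/<dev>/queue/rotational (1 = spinning disk, 0 = SSD)
# $2 = status from ata_erase_status. Labels are this example's own, not a standard.
pick_method() {
    case "$2" in
        ready|ready-enhanced) echo "firmware-secure-erase" ;;
        locked|frozen)        echo "clear-$2-state-then-recheck" ;;
        *) [ "$1" = "1" ] && echo "single-pass-overwrite" || echo "physical-destruction" ;;
    esac
}

# Constructed sample in the layout hdparm prints; not captured from a real drive.
sample_frozen() {
    cat <<'EOF'
Security:
                supported
        not     enabled
        not     locked
                frozen
                supported: enhanced erase
Checksum: correct
EOF
}
echo "status: $(sample_frozen | ata_erase_status)"
```

On a real system the input would come from `hdparm -I /dev/sdX` run as root. A `ready` result only means the drive advertises the command, not that the vendor implemented it correctly.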
1

Use dban if you are using a regular hard disk (e.g. non-SSD), it can be found at http://www.dban.org/ and should make it unrecoverable.

DBAN is free erasure software designed for the home user. It automatically deletes the contents of any hard disk that it can detect. This method can help prevent identity theft before recycling a computer.

Jeroen
  • So it's not possible to recover the data on the hard disk? – Pedro Jun 05 '15 at 17:15
  • Haven't used DBAN itself, but it's been recommended to me. Looking at the documentation, it sounds like it's basically a custom Linux (or maybe BSD) distribution that boots and runs the above command, with minimal ncurses UI for selecting the target device and showing progress. – david Jun 05 '15 at 17:49
  • No it's not, DBAN is military grade. Of course it also depends on the amount of times a sector gets overwritten. It's recommended to use 7 passes (DoD 5220.22-M) to securely delete your data. – Jeroen Jun 05 '15 at 17:50
  • 1
    @Jeroen-ITNerdbox Note that the idea of overwriting data more than once doesn't add anything on modern drives. In 2006 NIST published a document saying "once is enough" ([wikipedia](https://en.wikipedia.org/wiki/Data_erasure#Number_of_overwrites_needed)). So all of the [government and military standards (wikipedia)](https://en.wikipedia.org/wiki/Data_erasure#Standards) are wildly out of date. – Mike Ounsworth Jun 05 '15 at 20:04
  • @MikeOunsworth: Thanks for the heads up! I thought it only applied to SSD disks. Good to know! – Jeroen Jun 06 '15 at 06:21