18

How do you recommend destroying sensitive information on a hard drive? I've used DBAN in the past, is that good enough?

Jon Galloway

19 Answers

23

DBAN is just fine. Here's the dirty little secret--any program that overwrites every byte of the drive will have wiped everything permanently. You don't need to do multiple passes with different write patterns, etc.

Don't believe me? See the standing challenge to prove that a drive overwritten with 0s once can be recovered. Nobody seems willing to take up the challenge. http://16systems.com/zero.php

TorgoGuy
  • 13
    Or the $500 grand prize is a rounding error compared to the many thousands of dollars required to analyze and recover a drive. – Grant Apr 30 '09 at 15:12
  • 2
    While true, if I were a 3LO, I wouldn't go around winning contests like that. – Tom Ritter Apr 30 '09 at 15:13
  • That's a fair point, but there is notoriety to be gained by answering this challenge. That aside, let's widen the scope. Point me to any source that shows overwritten data that has been recovered. – TorgoGuy Apr 30 '09 at 15:15
  • 1
    Also, vendors of secure erase programs have financial incentive to try and point out where something like a simple, low level format isn't good enough. – TorgoGuy Apr 30 '09 at 15:20
  • Uhhh, the technology to do this has been demonstrated publicly. $500 is not a prize worth mentioning in this realm. More to the point, I doubt anyone has ever heard of this prize. – Wedge Apr 30 '09 at 19:09
  • I recently read a quote which said something like this: If you can recover one bit with a probability of 90% you get 43% for one byte, 0,02% for 10 bytes, etc. – Martin Apr 30 '09 at 19:14
  • 2
    Wedge--If it has been demonstrated, please provide a link. I'm happy to delete my answer if shown that I'm wrong, so please show me the evidence. – TorgoGuy Apr 30 '09 at 20:59
  • Martin--sure if you can recover a bit with 90% probability then the math works out to getting a complete particular byte with 43% probability (.9^8). However, why would you assume you can recover a bit with 90% probability? – TorgoGuy Apr 30 '09 at 21:02
  • 5
    This link reports on an attempt to recover data using an electron microscope after a single pass - no data was recovered. http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/ – Hamish Downer May 01 '09 at 14:05
  • 1
    Grant (and others) are right. It's financially unprofitable to win that challenge. More importantly, it can only tip people off that you have the capability. – Matthew Flaschen May 12 '09 at 07:34
  • Matthew--I responded to Grant in the comments and I think the response to him and others still stands. To your new point: As a data recovery company, it is in your interest to advertise you can recover data that others cannot. Maybe clandestine government operations wouldn't want to advertise such a capability, but to assume they have it without evidence is just speculation. It's no better than my (pretend) speculation that the government can suck all of your secrets from your brain wirelessly every time you walk by a federal building using their secret brain sucking ray. – TorgoGuy May 12 '09 at 18:43
  • 1
    As I mentioned before, I'm not interested in leading people astray with false information, so if I'm shown to be incorrect by some good evidence, I'm *very willing* to change or delete my answer as appropriate. I *like* being educated about where my knowledge is lacking. – TorgoGuy May 12 '09 at 18:47
  • 1
    A challenge posted on some really obscure web site may as well not exist. – John Gardeniers Feb 25 '11 at 08:29
  • @HamishDowner, Sans forensics is down, is the information elsewhere (https://digital-forensics.sans.org/blog/2009/01/15/overwriting-hard-drive-data/)? – Leandro May 14 '18 at 14:12
11

Anything that does a single overwrite of a hard drive is fine, including DBAN.

Some people say you have to do multiple overwrites with random data and specific patterns. This may have been true in the days of floppy disk drives (remember them?) where the area of magnetic media per byte was big enough to not get completely overwritten, but modern hard drives are much too densely packed with data for this to happen. But don't take my word for it - read this article about trying to recover overwritten data using an electron microscope.

Other options include the wipe utility, or a simple

# dd if=/dev/zero of=/dev/sda

These methods all work fine for overwriting entire hard drives or partitions. However be aware that overwriting single files can lead to some data being left elsewhere on the hard drive, particularly with journaling file systems such as ext3 and NTFS. They write bits of data to disk outside the file, so small amounts of data can escape the current file being overwritten. Also, if the partition has been defragmented since the file was first written then the original file may still exist on the hard drive.

Hamish Downer
7

I have used PGP 8.0's wipe tool with success.

Don't ever physically destroy the hardware before wiping the data with software; forensics can retrieve parts of a destroyed hard drive.

Chris Ballance
3

Physically destroy the platters - it's the only way to be sure ;-)

geocoin
  • 3
    Not necessarily. "Serious forensic efforts can throw a lot of resources toward piecing your drive together" http://lifehacker.com/5153684/properly-erase-your-physical-media – Cristián Romo Apr 30 '09 at 15:07
  • not if you distribute the pieces globally ;-) other than that - WOW... – geocoin Apr 30 '09 at 15:13
  • 2
    Nuke it from orbit (with thermite). – Wedge Apr 30 '09 at 19:09
  • 2
    Just don't thermite the drive if you are on the second floor of a building. Otherwise the people below you might be either unhappy or dead. It's way safer to just open the drive, sneeze on the platters, then toss it into a street corner garbage receptacle. – Grant May 01 '09 at 00:48
  • 2
    Just label the platters "Contaminated with Swine Flu" and toss them in the regular trash. – Chris Ballance May 04 '09 at 17:51
  • Or label, "4096 Free Hours! AOL 9.0" – gbarry May 12 '09 at 06:05
2

Yes, DBAN even at its lowest setting is way more than enough.

http://www.dban.org/

cpuguru
2

I always use DBAN and then use a beltsander to the platters. Paranoid, sure, but I know that not even the NSA/MIT/CALTECH and all the computer geeks in Russia/China combined could recover the data! If you're paranoid and want to ensure your data is never EVER EVER recovered even if aliens get ahold of it, then DBAN/Beltsander it :o)

DAW
2

It depends on how sensitive your data is. If you aren't the CIA or NSA, then DBAN is fine.

Grant
2

I use a hammer or sledge.

JPrescottSanders
1

You should use the procedure set down in your organization's security policy.

When it comes to security, technical advice (such as you receive here) is only half the question. You also have to be able to justify your actions to an auditor. And auditors aren't so concerned with the results of your actions, but that you followed the appropriate procedures as set down in the appropriate policy. The auditor's job is to make sure that some cowboy (or cowgirl) doesn't just go around doing whatever they think is right, without oversight or justification.

Of course, your organization's security policy comes from somewhere; when you're wondering what is an appropriate method to securely wipe sensitive data to put into your security policy, you'll find a number of suggestions in the other responses to this question. :-)

TimB
1

DBAN works great. However, one of the challenges that I run into is how to securely erase a hard drive that has failed, but is part of a RAID set.

I normally have to return the hard drive back to Dell, and they would not take kindly to receiving a drive with a hole drilled in it. Furthermore, it's hard to run DBAN on just a single drive within a RAID set prior to removing the drive from service, assuming that the drive is still functional.

How do others handle this situation?

Richard West
  • Pay the few extra bucks to Dell to allow you to keep failed hard drives. Then the disposal is up to you, and you can drill them to your heart's content. – Christopher Cashell May 14 '09 at 15:20
0

I take a drill with a 3/8" bit and drill 4 holes through the drive ... making sure to hit the platters. Steve Gibson of http://www.grc.com gave the advice of drilling holes in the drive on one of his podcasts a while back.

-don

Don Dickinson
  • 3
    ... after overwriting with zeros, otherwise there's huge areas of data still left on there ... if you're that paranoid. – Jim T May 07 '09 at 07:55
0

Use something like DBAN. Then physically destroy the drive by smashing it into little pieces with a sledgehammer. The US Marine Corps back in the late 80s/early 90s came up with this solution while my father was still in. You may throw in a more modern technique of degaussing your HD before the physical destruction step.

K. Brian Kelley
0

Some work has been done on using scanning electron microscopes to detect residual magnetic flux on hard drives. The origin of the 'seven passes with random data' notion is that this would make the flux lost in the noise from the overwritten random patterns.

In theory the SEM methods work but they are very slow - if you're really keen to destroy the data on a disk, wipe it with any disk erase utility first and then physically destroy the drive. If you're feeling really keen, take the drive apart, remove the platters and run them over a bulk eraser.

0

Secure against whom? The US government requires -destruction- of the data. You can choose between sandblasting the platters or heating them past the Curie point in a kiln. (Most people heat past melting to demonstrate due diligence).

Otherwise, overwriting with /dev/zero will stop any attacker who does not have tremendous resources. The "DOD erase" of multiple iterations overwriting with differing data is silly.

carlito
0

I have seen a talk from a professor who teaches forensics where one assignment is for his students to recover data from drives that have been "destroyed" by smashing, drilling, or magnetic erasing. He said the only sure way to destroy data is to use a belt grinder to turn the platters into metal shavings.

CanyonR
0

I can't believe no one has recommended sdelete.exe from sysinternals. Is it really not that good at clearing out certain bits of the drives or something?

Goyuix
  • sdelete appears to be effective at securely removing files, etc, but not securely wiping an entire hard disk. – Mike May 12 '09 at 12:49
  • 1
    If you format the drive, then use the -z option (cleanse free space) - it should wipe the free space, which is basically the entire drive. Granted, this is limited to the newly created partition so there might be a tiny bit of data at the beginning and end of the drive that gets missed - but chances are that data wasn't present/meaningful in those areas either. – Goyuix May 12 '09 at 16:04
0

Have a look at this similar question, where I posted the following answer.

Here is a list of options for Windows, Mac and Unix.

stukelly
0

Heidi.ie's Eraser is the best Windows tool I've used for this with respect to a hard drive that's still in use. You can wipe an individual file, an entire drive, the empty space on a drive, or securely move a file or directory. It provides a variety of overwrite/paranoia levels and integrates seamlessly into the Windows right-click context menu.

nedm
0

For a good free solution, use the 'shred' command from Knoppix. It allows you to run the command from a computer that you are discarding without needing to remove the drive first.

Boot the Knoppix CD.

sudo shred -n 2 -z -v /dev/hda1

Where n is the number of randomized overwrite passes.

I also have a USB to IDE/SATA adapter that lets me hang the drive as external off the PC for cases where I want to erase a drive removed from service. Disconnect the internal PC drive for safety.

Mike
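
A read-back check for the single-pass zero overwrites in the dd and shred -z answers above, added here as an example and not part of any answer: it reports the first byte that does not read back as zero, which catches an interrupted or partial wipe. The function names and the scratch-image demo are assumptions made for illustration; against a real device it needs root and runs after the wipe has finished.

```shell
#!/usr/bin/env bash
# Added example: read-back check after a single zero pass (dd, or shred -z).
# The demo runs on a constructed scratch image, never on a real disk.

# Size in bytes of a block device or a regular image file.
target_size() {
    [ -r "$1" ] || return 1
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Prints the 0-based offset of the first non-zero byte and returns 1;
# prints nothing and returns 0 when every byte reads back as 0x00.
first_nonzero_offset() {
    local target="$1" size out n rc=0
    size=$(target_size "$target") || return 2
    out=$(head -c "$size" /dev/zero | LC_ALL=C cmp - "$target" 2>/dev/null) || rc=$?
    [ "$rc" -eq 0 ] && return 0
    [ "$rc" -eq 1 ] || return 2   # cmp could not read the target
    # cmp reports 1-based positions: "- FILE differ: byte N, line M"
    n=$(echo "$out" | sed -n 's/.*differ: [a-z]* \([0-9]*\),.*/\1/p')
    [ -n "$n" ] && echo $((n - 1))
    return 1
}

demo() {
    local img
    img=$(mktemp) || return 2
    # Constructed sample "disk": 1 MiB of 0xFF bytes standing in for old data.
    head -c 1048576 /dev/zero | tr '\0' '\377' > "$img"
    echo "before wipe:      non-zero at byte $(first_nonzero_offset "$img")"
    # Interrupted wipe: only the first 512 KiB (128 x 4 KiB) is overwritten.
    dd if=/dev/zero of="$img" bs=4096 count=128 conv=notrunc 2>/dev/null
    echo "interrupted wipe: non-zero at byte $(first_nonzero_offset "$img")"
    # Complete single pass over the whole image.
    dd if=/dev/zero of="$img" bs=4096 count=256 conv=notrunc 2>/dev/null
    first_nonzero_offset "$img" && echo "full wipe:        all zeros"
    rm -f "$img"
}

demo
```

A return code of 2 means the target could not be read at all, which is different from "not clean" and should be treated as an unverified wipe.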