Hidden Linux : Don't smash that drive!

In my last blog I covered a dubious report that suggested the only way to prevent secondhand purchasers from recovering deleted data from hard disks was to physically smash them to pieces. That of course is bunkum. So what are the open source alternatives?
The simplest whole-disk solution is DBAN -- Darik's Boot and Nuke -- "a self-contained boot disk that securely wipes the hard disks of most computers." Download and run it from CD, DVD, floppy disk or USB stick and DBAN will nuke the contents of any hard disk it can detect.
DBAN is partially funded by GEEP International, who claim to be "the most efficient, and the most environmentally conscientious consumer electronics recycling company in North America." There's even an enterprise version called EBAN -- Enterprise Boot and Nuke -- that comes with technical training, certification and support.
Linux Level Tools
shred is a simple command-line tool that comes ready installed on most distributions. It overwrites the specified file(s) with random junk -- 25 times by default. It does however come with a couple of caveats. (The man shred command will give you the full details.) Essentially it assumes that the file system overwrites data in place. That's the usual way of doing things, but Linux has a wide variety of possible file systems and they don't all work the same way! But shred works just fine with the default ext3 file system used on most distributions.
Here's how to use it:
    shred secrets.txt
    shred -u secrets.txt
    shred -u -n 100 secrets.txt
    shred -u -n 100 -z secrets.txt
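The flags in the commands above combine as follows: -n sets the number of overwrite passes, -z adds a final pass of zeros, and -u removes the file afterwards. The script below is an added example, not part of the original post: it checks shred's in-place-overwrite assumption before wiping and shows what -z leaves behind. The function names, the sample file and the filesystem list are assumptions made for illustration, and fs_type_of relies on GNU df.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, the sample
# file and the filesystem list are constructed for illustration.

# Succeeds (0) if the filesystem type normally overwrites data in place,
# which is what shred assumes. Copy-on-write and log-structured types do
# not. Illustrative list, not exhaustive.
fs_overwrites_in_place() {
    case "$1" in
        btrfs|zfs|nilfs2|f2fs) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the type of the filesystem holding FILE (GNU df), or "unknown".
fs_type_of() {
    t=$(df --output=fstype -- "$1" 2>/dev/null | tail -n 1)
    echo "${t:-unknown}"
}

# shred FILE only when the in-place assumption is expected to hold.
# -n: passes of random data (default 3 here), -z: final pass of zeros,
# -u: remove the file afterwards.
wipe_file() {
    fstype=$(fs_type_of "$1")
    if ! fs_overwrites_in_place "$fstype"; then
        echo "refusing: $fstype does not overwrite in place" >&2
        return 2
    fi
    shred -u -n "${2:-3}" -z -- "$1"
}

# Constructed demo: after 'shred -n 3 -z' (no -u) the file still exists
# but holds only zero bytes, so the marker text is gone.
shred_leaves_only_zeros() {
    f=$(mktemp) || return 1
    echo "constructed secret: hunter2" > "$f"
    shred -n 3 -z -- "$f" || { rm -f "$f"; return 1; }
    leftover=$(tr -d '\000' < "$f" | wc -c)
    rm -f "$f"
    [ "$leftover" -eq 0 ]
}

shred_leaves_only_zeros && echo "only zero bytes remain after shred -z"
```

Without -z the last pass is random data, so the same check would find non-zero bytes even though the original text is gone.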
Linux also has a suite of more sophisticated tools, but I'll look at those next time.



Comments
Stumbled upon this.
So, I've never had a need for this, but, a much better way to delete your data off a drive would be to use the following command:
dd if=/dev/zero of=/path/to/drive
This will overwrite the entire drive with zeros. Substituting /dev/zero with /dev/random will (surprisingly) not result in a more secure deletion, because the data can be recovered if the algorithm used in /dev/random is known (which I assume it is, because it's used pretty much everywhere).
This assumes that the drive is not the one being used in the computer, otherwise, disable journaling in the drive, then just shred, or rm the files you want deleted.
Posted by: Younata | July 3, 2009 12:53 AM
Izkata: But isn't ext3 journaled?
Posted by: Mike | May 22, 2009 4:12 PM
Be forewarned that 'shred' and the variants don't work on journaled filesystems.
Posted by: Izkata | April 19, 2009 3:38 PM
srm is an alternative. shred does not do directories. srm (secure remove I think) is probably as good an option and it does directories recursively.
Posted by: nigel harrison | January 20, 2009 8:02 AM