This all started out by the need for me to erase and wipe a few hard disk drives (HDD) in a computer I am giving to someone in my family… granted, they are not terribly likely to root around for my personal info, since they pretty much already know anything that is worth knowing about me to start with. In this case, I’ll probably just reformat and repartion and re-install the OS.
That said, and following a particularly contentious and topic-hopping thread over at Dan Riehl’s site, the subject of securely wiping a HDD came up, which lead me to want to thoroughly check out some other ways people have of wiping their HDDs.
Now for me, I’m perfectly content to put a few 30.06 rounds into a HDD I’m going to trash out, or maybe have a nice, fun workout smashing it up with a wood-splitting maul (being sure to wrap it in some newspaper or some old rags to keep stray parts from flying everywhere). For the really paranoid, it might also helps to take the shattered platters and pour some battery acid or some other nasty solvent to melt the surface of the platters, and then toss them into the ocean (or deep lake or river) or bury the remains where they won’t likely be found.
Otherwise, I’ve generally just re-formatted and re-partioned a HDD and used Active@ KillDisk a few times to thoroughly write over the data on it…
Which works perfectly fine for the average user to guard against some pimply-faced geek with a few hacker tools he downloaded from some grey-shaded websites.
Fine, that is, if you are reasonably confident that your HDD won’t turn up on the bench of some FBI field office, or the NSA… not that anyone has anything to hide from a just and upright government, yes? But even with overwriting a drive 30x-40x with random algorithms and multiple repartions and OS installations won’t keep the dedicated eyes of a corporate espionage operative/data pirate or a governmental intelligence agency with obscene amounts of time and taxpayer capital from getting a magnetically scanned image of your drive… which is the basis for the Defense Department’s (DoD) standard that requires HDDs marked for disposal to be degaussed (hit with a heart-stoppingly powerful magnetic field) and then ground to into powder.
Which is, of course… well beyond the ability of the average user.
But I did some digging around to see how other folks might handle their HDD-recycling issues, and the following article below deals with it pretty good too, and won’t cost a dime.
Note to reader: The following is a copy of a post made at All About Linux, entitled How to securely erase the hard disk before selling ones computer, dated 1 June 2006.
All credit goes to “Newsguy” at his blog, http://linuxhelp.blogspot.com/. All I’ve done here is re-post the contents of his post here for my personal convenience and ease of re-locating this most helpful info, and to strip out those annoying ContentLink ad boxes.
How to securely erase the hard disk before selling one’s computer
Newsguy at “All About Linux“, 1 June 2006
There are times when the news sites are abuzz with sensational news items. I am speaking of those news items which tempts one to pitch in and have his/her say come what may. And the news of someone who bought a laptop on ebay only to find it defective and how he took revenge on the seller by posting all the personal data on the hard disk on a website is by now a legend.
Now it is hard to decide who is in the right here - the person who published the private data on the website (for all you know, the laptop in question could have been damaged in transit) or the seller who is now the talk of the town, whose life is being dissected. There is no way to know. But that is besides the point. The truth is that it is scary to realize that it is next to impossible to delete all the data that one stores on ones storage media without completely destroying it. Because, with the right tools anybody can retrieve even deleted data.
So what can be done to alleviate the situation ? If you are using GNU/Linux or any other UNIX, then you have a tool called shred which can be used to wipe all the data from the hard disk. Here is how it works. Suppose I want to erase all the data on my hard disk, then I boot using a LiveCD like Knoppix and open a shell and type the following command:
shred -vfz -n 100 /dev/hda
Here /dev/hda is my whole hard disk. And I am asking shred to make (-n) 100 passes by overwriting the entire hard disk with (-z) zeros. And shred program (-f) forces the write by changing the permissions wherever necessary.
Another GPLed tool (though not specifically related to Linux) which is quite popular is Darik’s Boot and Nuke (DBAN) which also does a swell job of wiping ones hard disk.
It is claimed that experts in the field of retrieving data can still get some data from a hard disk that has been wiped in the above manner. But at least lesser mortals who buy second hand laptops and computers will find it beyond their means to lay their hands on the data.
(End of original article)
- Peter Gutman’s Secure Deletion of Data from Magnetic and Solid-State Memory. Mr. Gutman is considered to be something of an expert in data security.
- Darik’s Boot and Nuke (DBAN) - a GPL’d freeware utility that is at DoD 5220-22.M standard for data destruction, and also uses the Gutman wipe, among others. Works for Windows, Linux, and Mac/Intel.
- For Windows, simply run the executable. It will create a boot floppy or a bootable file on a USB thumbdrive. For a boot CD, download the .ISO file and burn it to a CD with your CD-burning software. Reboot your machine and follow the prompts.
- For Linux and Mac/Intel, download the .ISO file and use either the cdrecord dban-1.0.7_i386.iso from a terminal command line (Linux) or use your OS’s native cd burning software (Linux and Mac) to burn the ISO to a usable CD.
- For Mac/PPC, you are pretty much out of luck… (update) Get the LiveCD image (.iso) PPC version of Feisty Fawn 7.04 here, and install it accordingly.
Linux distribution links:
Any Linux distro with a LiveCD can be used to get a shell command line from which to launch DBAN, do a shred or a wipe, or play around with Linux in general without touching your existing settings (notwithstanding the previously mentioned drive nuking programs).
I like Ubuntu, so I’ll plug for them a bit here.
Ubuntu is a Debian-based Linux distro, with a very good self-support community, and commercial support by Canonical, Ltd. Supports x86, SPARC,64-bit (Alpha) and very limited legacy support for PPC on Ubuntu distros released prior to 2007.
PPC is something of a dying breed with Apple firmly embracing the Intel chip in its current and upcoming generations of Macs, therefore, wide-spread support for it is on the wane as well. With the release of Ubuntu “Feisty Fawn” (7.04), the PPC architecture is not supported.
Update: One of the kind commenters in this thread kindly provided a link to Feisty Fawn 7.04 for PPC. There is PPC support, but it is not in the main distribution stream for Ubuntu - that is, Canonical is not making it available on most of the Ubuntu download mirrors.
Therefore, get the current version at any Ubuntu mirror - unless you know you have an older Apple (G3,G4,G5, iBooks, iMacs, and PowerBooks - pretty much any Mac before 2005) in which case you may want to to check out this page for Feisty Fawn (and likely, the upcoming Gutsy Gibbon 7.10 in October).
Otherwise, the main mirrors only offer either “Dapper Drake” (6.06 LTS) or “Edgy Eft” (6.10) versions. If you have no intention of installing it as your desktop OS, you can download the “Server” version, which is a slimmed down version of the LiveCD without the pretty windowed interface, and downloads in about half to two-thirds the time of the “Desktop” version. If all you are doing is trying to get a Linux command shell from which to run the shred or wipe commands on a PPC, then you need not do more.
In summation for Ubuntu:
- Feisty Fawn (7.04) Supports Mac/PPC, although some community-based legwork may be needed to address particular issues. Community-based support is available as always, at the Ubuntu Forums, and PPC users may find some solace (and help) here.
Otherwise great choice for x86, SPARC, Alpha, and most 64-bit machines.
Get it at: On the main Ubuntu site. It is already (should be) preselected in the form.
PPC Feisty is available at the mirrors listed here.
- Dapper Drake (6.06 LTS, supported until June 2009) supports Mac/PPC.
Get it (for PPC users) :
Go to the Ubuntu FTP mirror list… pick a mirror, and then choose a the Desktop PPC option, which should begin downloading a file that looks something like this: ubuntu-6.06.1-desktop-powerpc.iso
For those living in the Mid-Atlantic region of the USA, here’s a link to FTP server at Columbia University to directly download the PPC version of Dapper Drake. Note that this is the Desktop version of the ISO (just incase you want to test-drive Ubuntu on your PPC).
- Edgy Eft (6.10, supported until April 2008) also supports Mac/PPC. Follow the same path as for Dapper Drake, but select the PPC-specific ISO for Edgy Eft. Not much difference between the two, really… and Dapper Drake is supported for a longer time, should you wish to use it as your OS later on.