Find the answer to your Linux question:
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 11 to 20 of 28
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007

    The lazy man's way out is to boot most any live cd linux environment, drop to a command prompt, and do "dd if=/dev/zero of=/dev/sda". I generally use bs=32M.

    This isn't milspec compliant, but unless you're harboring secrets that make it worth someone's while to disassemble your hard drive and do some very detailed and expensive surface analysis of the platters, it's good enough. And much faster than a multi-pass write with random data.

  2. #12
    Quote Originally Posted by reginaldperrin View Post
    I agree with steven_g (mostly) and oz, in that it's a good idea to run a bootable deletion program from cd. Just make sure that the computer is set to boot from cd/dvd drive (settings in the BIOS), and then run the deletion program.
    A very easy to use one is Darik's Boot And Nuke (DBAN for short).
    Just download the .iso, burn it to cd, just as you would a Linux Live cd install disk, put it in the drive and reboot.
    Even multiple reformatting of a drive doesn't delete the data in the drive, it just resets the indexing at the front (more or less). And even if old data is overwritten by the OS during normal operation, the new data isn't likely to be exactly the same size as the old. Therefore, there will be parts of the old data at the ends of some sectors which is not overwritten. This is definitely recoverable, and the data can be read or examined, even though it is not complete. This is partly how forensic investigators determine what was on a drive.

    Hope this helps
    So basically, I should just remove the hard drive? That sounds a lot easier

  3. #13
    Linux Newbie reginaldperrin's Avatar
    Join Date
    Oct 2010
    Christchurch, New Zealand
    No, not necessary. Just make sure that you don't inadvertantly leave easily discoverable material on the old drive.
    If you choose to use DBAN (and it's REALLY easy), then you'll be able to reinstall any OS after that, knowing that, for all intents and purposes, data-wise, it's just like an unused drive.
    If you do choose to remove the drive, intending to fit a new one, and to destroy the old, then make the old drive properly unusable before disposal. This is easiest by either drilling through the casing and into the platters, or by judicious application of a hammer. Just be aware that casings are made to be tough, so you will need a big hammer!

  4. $spacer_open
  5. #14
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    I guess I was over-thinking the issue...
    Remove the dive, slap a fresh one in there. That's a sure way to avoid data recovery.
    Aside from that, oz gave a better description of what I was wanting to say.
    Using a tool like Parted Magic will do more to ensure file security.

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

  6. #15
    Linux Enthusiast Steven_G's Avatar
    Join Date
    Jun 2012
    Western US
    Quote Originally Posted by jayd512 View Post
    Using a tool like Parted Magic will do more to ensure file security.
    I'd say I'd have to disagree with that one. If you want to get ultimately paranoid then you can't get any better than magentically resurfacing the disk with any of the wipe programs that use the Gutterman protocol (many have the option).

    The Gutterman protocol runs tons and tons of different types of rewrites at different layers of the disk. The first many rewrites writes everything to random so many times there is nothing left to find. Then it rewrites many times to zero at all levels of the disk. The result is a disk that looks like it just rolled off the production line and even a $200m piece of equipment can't find anything. Even with hammers, drills, electromagnets, water, acid, fire and other overwrite protocols they have been able to recover data fragments if they wanted to put enough time and money in to it.

    But, unless you've got something really bad to hide they're not going to put that much time, money or effort in to it.

    Deleting the partition, formatting a couple of times and installing a new OS will stop 98+% of people from finding anything. But it will by no means stop everyone!

    A secure delete / overwrite program like other people have recommended will mostly take care of what you need unless you've got something really important to hide.

    But if you want it gone run a Gutterman on it.
    Last edited by Steven_G; 07-24-2012 at 06:28 PM. Reason: typos / clarification

  7. #16
    Another option would be to use badblocks with the -w option, thus writing to every inode on the disk. Badblocks is included in pretty much every livecd. Swapping the drive for another seems the best solution, however. A little more storage probably wouldn't hurt, eh?

  8. #17
    Linux Enthusiast Steven_G's Avatar
    Join Date
    Jun 2012
    Western US
    Why is everybody making this sound so hard? Download the ultimate boot cd.

    Boot from CD.

    Navigate to the HDD menu.

    Run Boot and Nuke.

    Enable the Gutterman option.

    Start the program.

    Walk away.

    It'll finish when it finishes and when it does finish (in so far as I know) there is no recovery technology currently in existence or in development that can recover the data.

    And there probably won't be for decades to come. It'll take advances in physics, math, computers, forensics and electron microscopes / something spiffier than electron microscopes to beat a Gutterman wipe and recover any data. (Probably not until they get cooking with gas on the quantum level.)

    After the wipe finishes boot from CD again with an Ubuntu live CD.

    Install Ubuntu.

    Sell the computer.


    (Unless you want to be really nice to the buyer and make sure all of the hardware is working, that it has better than default security and some spiffy programs on it before you sell it.)
    Last edited by Steven_G; 07-24-2012 at 07:33 PM.

  9. #18
    Join Date
    May 2004
    arch linux
    Steven_G, I'm not certain but I believe it's the "Gutmann method" that you are referring to above rather than the Gutterman protocol:

    Sharpghost6, if you already have Parted Magic downloaded and burned to disk as a liveCD, you won't need to download the ultimate boot cd, because Parted Magic comes with Nwipe, which supports the full Gutmann 35-pass algorithm and is a fork of dban's "dwipe" command that's found on the ultimate boot cd. If I remember correctly, one or more of the other secure erase options on the Parted Magic disk also support some level of the Gutmann method. If you've not created either liveCD yet, you can choose either one and put it to work.

    If needed, you can find a pretty good HowTo with additional info on scrubbing drives at the following link:

    Best of luck to you with your project regardless of the erase method and liveCD that you choose.

  10. #19
    Linux Enthusiast Steven_G's Avatar
    Join Date
    Jun 2012
    Western US
    Quote Originally Posted by oz View Post
    Steven_G, I'm not certain but I believe it's the "Gutmann method" that you are referring to above rather than the Gutterman protocol.
    You're right, my bad. It's probably been more than a decade since I read up on it and at least 5 years since I had to use it. It's been a while since I sold an old box.

    But it is hands down the best method to be absolutely certain that all of the data is completely gone. And I know that several programs out there use it now.

    It takes quite a while to run. But, if you want to know for sure that all of the data is gone then I guess the wait is worth the peace of mind.

  11. #20
    Out of curiosity, what tools do you use to look at the hard drives that have been reformatted but not resurfaced?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts