The secure removal of data is not as easy as you may think. When you delete a file using the default commands of the operating system (for example “rm” in Linux/BSD/MacOS/UNIX or “del” in DOS or emptying the recycle bin in WINDOWS) the operating system does NOT delete the file, the contents of the file remains on your hard disk. The only way to make recovering of your sensitive data nearly impossible is to overwrite (“wipe” or “shred”) the data with several defined patterns. For erasing hard disk permanently, you can use the standard dd command. However, I recommend using shred command or wipe command or scrub command.
Warning: Check that the correct drive or partition has been targeted. Wrong drive or partition target going to result into data loss . Under no circumstances we can be help responsible for total or partial data loss, so please be careful with disk names. YOU HAVE BEEN WARNED!
Erase disk permanently using a live Linux cd
Next, burn a live cd and boot your laptop or desktop from live CD. You can now wipe any disk including Windows, Linux, Mac OS X or Unix-like system.
How do I use the shred command?
Shred originally designed to delete file securely. It deletes a file securely, first overwriting it to hide its contents. However, the same command can be used to erase hard disk. For example, if your hard drive named as /dev/sda, then type the following command:
# shred -n 5 -vz /dev/sda
- -n 5: Overwrite 5 times instead of the default (25 times).
- -v : Show progress.
- -z : Add a final overwrite with zeros to hide shredding.
The command is same for IDE hard disk hda (PC/Windows first hard disk connected to IDE) :
# shred -n 5 -vz /dev/hda
In this example use shred and /dev/urandom as the source of random data:
# shred -v --random-source=/dev/urandom -n1 /dev/DISK/TO/DELETE
# shred -v --random-source=/dev/urandom -n1 /dev/sda
How to use the wipe command
You can use wipe command to delete any file including disks:
# wipe -D /path/to/file.doc
How to use the scrub command
You can use disk scrubbing program such as scrub. It overwrites hard disks, files, and other devices with repeating patterns intended to make recovering data from these devices more difficult. Although physical destruction is unarguably the most reliable method of destroying sensitive data, it is inconvenient and costly. For certain classes of data, organizations may be willing to do the next best thing which is scribble on all the bytes until retrieval would require heroic efforts in a lab. The scrub implements several different algorithms. The syntax is:
# scrub -p nnsa|dod|bsi|old|fastold|gutmann|random|random2 fileNameHere
To erase /dev/sda, enter:
# scrub -p dod /dev/sda
Use dd command to securely wipe disk
You can wipe a disk is done by writing new data over every single bit. The dd command can be used as follows:
# dd if=/dev/urandom of=/dev/DISK/TO/WIPE bs=4096
Wipe a /dev/sda disk, enter:
# dd if=/dev/urandom of=/dev/sda bs=4096
How do I securely wipe drive/partition using a randomly-seeded AES cipher from OpenSSL?
You can use openssl and pv command to securely erase the disk too. First, get the total /dev/sda disk size in bytes:
# blockdev --getsize64 /dev/sda
Next, type the following command to wipe a /dev/sda disk:
# openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero | pv -bartpes 399717171200 | dd bs=64K of=/dev/sda
How to use badblocks command to securely wipe disk
The syntax is:
# badblocks -c BLOCK_SIZE_HERE -wsvf /dev/DISK/TO/WIPE
# badblocks -wsvf /dev/DISK/TO/WIPE
# badblocks -wsvf /dev/sda
Darik’s Boot and Nuke (“DBAN”) is a self-contained boot floppy (CD ISO also available) that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction. Download dban. Also don’t forget to read dban frequently asked questions. Please note that DBAN works well with MAC, PC (windows os) and Linux/BSD based system. Once you used the shred command or DBAN live cd on your disk, you can sell your laptop.