[gentoo-user] Good command for wiping a hard drive?

[gentoo-user] Good command for wiping a hard drive?

[Mark Knecht]

Hi,
   Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
financial data on it. I'd like to pretty securely wipe the drive
before shipping. I've already deleted all 10 partitions and written
new partitions on which are different sizes and different file
systems. What simple command can Ido to write data to the whole drive?

   After doing this I will be deleting all partitions again and
running the XP reinstall disk from Compaq so that the new buyer gets a
machine more or less ready for him to work. (I offered to set him up
with Gentoo but he didn't byte.) ;-)

Cheers,
Mark

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: Good command for wiping a hard drive?

[Remy Blank]

Mark Knecht wrote:
>    Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> financial data on it. I'd like to pretty securely wipe the drive
> before shipping. I've already deleted all 10 partitions and written
> new partitions on which are different sizes and different file
> systems. What simple command can Ido to write data to the whole drive?

Assuming your hard disk is /dev/hda, I'd do:

  dd if=/dev/zero of=/dev/hda bs=8M

Then go have a coffee. If you want it more secure, go for this, a few
times in a row (at least 7, I read):

  dd if=/dev/urandom of=/dev/hda bs=8M

However, this will take a *long* time, as /dev/urandom is quite slow.
But it will make the data unrecoverable even with expensive means.

-- Remy


Remove underscore and suffix in reply address for a timely response.

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Michael Crute]

[-- Attachment #1: Type: text/plain, Size: 999 bytes --]

On 9/30/05, Mark Knecht <markknecht@gmail.com> wrote:
>
> Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> financial data on it. I'd like to pretty securely wipe the drive
> before shipping. I've already deleted all 10 partitions and written
> new partitions on which are different sizes and different file
> systems. What simple command can Ido to write data to the whole drive?
>
> After doing this I will be deleting all partitions again and
> running the XP reinstall disk from Compaq so that the new buyer gets a
> machine more or less ready for him to work. (I offered to set him up
> with Gentoo but he didn't byte.) ;-)
>
>
>  I should think you could use `dd` but im not sure exactly the command
syntax you need.
 -Mike

--
________________________________
Michael E. Crute
Software Developer
SoftGroup Development Corporation

Linux, because reboots are for installing hardware.
"In a world without walls and fences, who needs windows and gates?"

[-- Attachment #2: Type: text/html, Size: 1379 bytes --]

Re: [gentoo-user] Good command for wiping a hard drive?

[Mark Shields]

[-- Attachment #1: Type: text/plain, Size: 1322 bytes --]

Deleting and recreating new, different partitions isn't enough, as the raw
data is still there. I would use /dev/urandom combined /bin/dd. Never done
this before, but *should* work. Boot from the gentoo livecd (or some other
livecd that provides a full working linux environment), type dd
if=/dev/urandom of=/dev/hda conv=notrunc . Run that about 10 times (you do
want it securely erased right?) or however many times you feel is necessary.
Use dlcfdd instead of dd if you can, as with an extra CLI option
(sizeprobe=of) you can get a progress bar.

On 9/30/05, Mark Knecht <markknecht@gmail.com> wrote:
>
> Hi,
> Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> financial data on it. I'd like to pretty securely wipe the drive
> before shipping. I've already deleted all 10 partitions and written
> new partitions on which are different sizes and different file
> systems. What simple command can Ido to write data to the whole drive?
>
> After doing this I will be deleting all partitions again and
> running the XP reinstall disk from Compaq so that the new buyer gets a
> machine more or less ready for him to work. (I offered to set him up
> with Gentoo but he didn't byte.) ;-)
>
> Cheers,
> Mark
>
> --
> gentoo-user@gentoo.org mailing list
>
>


--
- Mark Shields

[-- Attachment #2: Type: text/html, Size: 1720 bytes --]

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Mark Knecht]

Thanks Remy

On 9/30/05, Remy Blank <remy.blank_asps@pobox.com> wrote:
> Mark Knecht wrote:
> >    Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> > financial data on it. I'd like to pretty securely wipe the drive
> > before shipping. I've already deleted all 10 partitions and written
> > new partitions on which are different sizes and different file
> > systems. What simple command can Ido to write data to the whole drive?
>
> Assuming your hard disk is /dev/hda, I'd do:
>
>   dd if=/dev/zero of=/dev/hda bs=8M
>
> Then go have a coffee. If you want it more secure, go for this, a few
> times in a row (at least 7, I read):
>
>   dd if=/dev/urandom of=/dev/hda bs=8M
>
> However, this will take a *long* time, as /dev/urandom is quite slow.
> But it will make the data unrecoverable even with expensive means.
>
> -- Remy
>
>
> Remove underscore and suffix in reply address for a timely response.
>
> --
> gentoo-user@gentoo.org mailing list
>
>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Mark Shields]

[-- Attachment #1: Type: text/plain, Size: 1669 bytes --]

Forgot to credit my source:
http://www.linuxquestions.org/questions/showthread.php?s=&postid=1848770

That post also mentions a Helix livecd that comes with the dlcfdd program I
mentioned.

On 9/30/05, Mark Shields <laebshade@gmail.com> wrote:
>
> Deleting and recreating new, different partitions isn't enough, as the raw
> data is still there. I would use /dev/urandom combined /bin/dd. Never done
> this before, but *should* work. Boot from the gentoo livecd (or some other
> livecd that provides a full working linux environment), type dd
> if=/dev/urandom of=/dev/hda conv=notrunc . Run that about 10 times (you do
> want it securely erased right?) or however many times you feel is necessary.
> Use dlcfdd instead of dd if you can, as with an extra CLI option
> (sizeprobe=of) you can get a progress bar.
>
> On 9/30/05, Mark Knecht <markknecht@gmail.com> wrote:
> >
> > Hi,
> > Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> > financial data on it. I'd like to pretty securely wipe the drive
> > before shipping. I've already deleted all 10 partitions and written
> > new partitions on which are different sizes and different file
> > systems. What simple command can Ido to write data to the whole drive?
> >
> > After doing this I will be deleting all partitions again and
> > running the XP reinstall disk from Compaq so that the new buyer gets a
> > machine more or less ready for him to work. (I offered to set him up
> > with Gentoo but he didn't byte.) ;-)
> >
> > Cheers,
> > Mark
> >
> > --
> > gentoo-user@gentoo.org mailing list
> >
> >
>
>
> --
> - Mark Shields




--
- Mark Shields

[-- Attachment #2: Type: text/html, Size: 2653 bytes --]

Re: [gentoo-user] Good command for wiping a hard drive?

[Billy Holmes]

Mark Knecht wrote:
> before shipping. I've already deleted all 10 partitions and written
> new partitions on which are different sizes and different file

try shred:

# shred -v /dev/hda

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Martin Eisenhardt]

Hello,

you might want to give shred a try. It is probably already installed on your 
box.

Regards
Martin

On Friday 30 September 2005 23:11, Mark Knecht wrote:
> Thanks Remy
>
> On 9/30/05, Remy Blank <remy.blank_asps@pobox.com> wrote:
> > Mark Knecht wrote:
> > >    Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> > > financial data on it. I'd like to pretty securely wipe the drive
> > > before shipping. I've already deleted all 10 partitions and written
> > > new partitions on which are different sizes and different file
> > > systems. What simple command can Ido to write data to the whole drive?
> >
> > Assuming your hard disk is /dev/hda, I'd do:
> >
> >   dd if=/dev/zero of=/dev/hda bs=8M
> >
> > Then go have a coffee. If you want it more secure, go for this, a few
> > times in a row (at least 7, I read):
> >
> >   dd if=/dev/urandom of=/dev/hda bs=8M
> >
> > However, this will take a *long* time, as /dev/urandom is quite slow.
> > But it will make the data unrecoverable even with expensive means.
> >
> > -- Remy
> >
> >
> > Remove underscore and suffix in reply address for a timely response.
> >
> > --
> > gentoo-user@gentoo.org mailing list

-- 
Dipl. Wirtsch.Inf. (Univ.) Martin Eisenhardt

Otto-Friedrich-University Bamberg
Department Business Informatics and Applied Computer Science
Media Informatics Group

D - 96045 Bamberg

fon: +49 (951) 863 2856
fax: +49 (951) 863 2852

www: http://www.mneisen.org

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Richard Fish]

Remy Blank wrote:

>Mark Knecht wrote:
>  
>
>>   Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
>>financial data on it. I'd like to pretty securely wipe the drive
>>before shipping. I've already deleted all 10 partitions and written
>>new partitions on which are different sizes and different file
>>systems. What simple command can Ido to write data to the whole drive?
>>    
>>
>
>Assuming your hard disk is /dev/hda, I'd do:
>
>  dd if=/dev/zero of=/dev/hda bs=8M
>
>Then go have a coffee. If you want it more secure, go for this, a few
>times in a row (at least 7, I read):
>
>  dd if=/dev/urandom of=/dev/hda bs=8M
>
>However, this will take a *long* time, as /dev/urandom is quite slow.
>But it will make the data unrecoverable even with expensive means.
>  
>

A good option for more speed would be to use aespipe to encrypt 
/dev/zero and write that output to the disk.  Since AES encryption 
generates essentially random data, this should be the equivalent of 
reading from urandom, only much much faster.  You still have to run it 
multiple times of course, and with a different encryption key each time, 
but commands like this should do the trick:

head -c 45 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 > key.txt
dd if=/dev/zero bs=64k | aespipe -p3 -e AES128 3<key.txt >/dev/hda

-Richard

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Oliver Friedrich]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark Knecht wrote:

> What simple command can Ido to write data to the whole drive?

Hi Mark,

well, its not Gentoo, but DBAN is specialy Designed for secure wiping...

http://dban.sourceforge.net/

Give it a try...

BeowulfOF
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDPbjicZpid1GuHxcRAtLtAKCnWyuYtGUegODcvTa7waxTgfyM3gCgjpeL
SLAuFGcEjSXmfQEU+ullHEk=
=So9a
-----END PGP SIGNATURE-----

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[fire-eyes]

Oliver Friedrich wrote:
> Mark Knecht wrote:
> 
> 
>>>What simple command can Ido to write data to the whole drive?
> 
> 
> Hi Mark,
> 
> well, its not Gentoo, but DBAN is specialy Designed for secure wiping...
> 
> http://dban.sourceforge.net/
> 
> Give it a try...
> 
> BeowulfOF


There is also bcwipe (in portage) and the secure deletion toolkit. Not
sure if SDT is in portage.
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Mark Knecht]

Thanks all. I think this info would make a good wiki or something.
There are sort of two cases:

1) You want to wipe some drive that's a peripheral part of the system.
You're going to keep the system so you can use portage, etc.

2) You want to wipe the whole system. You need to wipe root so you
want to use something on the install disk, such as dd.

Since I was doing the second option I used dd, ran it twice, blew all
the partitions away, and formatted it with fat32, blew that away, did
dd one more time, and then installed Windows for the guy who bought
the machine. If he can find my old data more power to him!

Again, thanks a lot for all the good responses. I'd like to take the
time and try them all on a 1394 drives one of these days just to see
how they all work.

Cheers,
Mark

On 9/30/05, fire-eyes <sgtphou@fire-eyes.org> wrote:
> Oliver Friedrich wrote:
> > Mark Knecht wrote:
> >
> >
> >>>What simple command can Ido to write data to the whole drive?
> >
> >
> > Hi Mark,
> >
> > well, its not Gentoo, but DBAN is specialy Designed for secure wiping...
> >
> > http://dban.sourceforge.net/
> >
> > Give it a try...
> >
> > BeowulfOF
>
>
> There is also bcwipe (in portage) and the secure deletion toolkit. Not
> sure if SDT is in portage.
> --
> gentoo-user@gentoo.org mailing list
>
>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Alexander Skwar]

Mark Knecht schrieb:

> I'd like to pretty securely wipe the drive
> before shipping.

dd if=/dev/null of=/dev/hda

Alexander Skwar
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Good command for wiping a hard drive?

[Brian Parish]

On Saturday 01 October 2005 16:15, Alexander Skwar wrote:
> Mark Knecht schrieb:
> > I'd like to pretty securely wipe the drive
> > before shipping.
>
> dd if=/dev/null of=/dev/hda
>
> Alexander Skwar

dban:

http://dban.sourceforge.net/
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Alexander Skwar]

Richard Fish schrieb:

> A good option for more speed would be to use aespipe to encrypt 
> /dev/zero and write that output to the disk.

Why do that? Overwritten data is already pretty much
irrecoverable. Or do you know of ONE instance, where
those rescue companies restored an OVERWRITTEN (ie.
not something simple as burned or such) drive?

And if you fear, that the CIA or FBI might recover
data - use a metal shredder...

Alexander Skwar
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Jonathan Wright]

Alexander Skwar wrote:
>>A good option for more speed would be to use aespipe to encrypt 
>>/dev/zero and write that output to the disk.
> 
> Why do that? Overwritten data is already pretty much
> irrecoverable. Or do you know of ONE instance, where
> those rescue companies restored an OVERWRITTEN (ie.
> not something simple as burned or such) drive?
> 
> And if you fear, that the CIA or FBI might recover
> data - use a metal shredder...

Actually, even if you format a hard drive, it's still relatively easy to 
  get the data off.

Although we think of data in the digital domain, ones and zeros, there 
or not, hard drives are an analogue system using a variation in the 
magnetic field on a smooth plate, spinning at (usually) 120 revolutions 
per second and storing up to (I think) 120 billion 'bits' of information 
in one square inch of 'plate'.

The accuracy needed to completely override the data for a particular 
sector is near improbable. Around the areas for any particular byte 
residual traces of a magnetic field can be found, if you have the right 
equipment.

I can't remember the name of the program to do it, but if you want to 
securely erase a hard drive according to NSA/CIA/FBI standards, it needs 
37 passes using RANDOM data!

-- 
  Jonathan Wright                           ~ mail at djnauk.co.uk
                                            ~ www.djnauk.co.uk
--
  2.6.12-gentoo-r6-djnauk-b2 AMD Athlon(tm) XP 2100+
  up 23:38, 11 users,  load average: 0.01, 0.16, 0.41
--
  "Memo to the Congress: Thanks for thinking of me,  but  I  don't
  need you to defend my marriage. My husband and I can handle that
  ourselves. Spare me 'The Defense of Marriage  Act'  label  on  a
  bill banning same-sex marriages. The name implies that the value
  of heterosexual marriages goes down  once  you  let  homosexuals
  into the institution. There goes the neighborhood. I  don't  buy
  this realtor's view of relationships. Gay  and  lesbian  couples
  who want  to  wed  aren't  trying  to  assail  the  grounds  for
  marriage. They're trying to share them. If anything,  they  want
  to stabilize the gay community."

                ~ Syndicated Boston Globe columnist Ellen Goodman.
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Uwe Thiem]

On 30 September 2005 22:50, Remy Blank wrote:
> Mark Knecht wrote:
> >    Sold my laptop on Ebay. It was dual boot Gentoo/XP Pro and had
> > financial data on it. I'd like to pretty securely wipe the drive
> > before shipping. I've already deleted all 10 partitions and written
> > new partitions on which are different sizes and different file
> > systems. What simple command can Ido to write data to the whole drive?
>
> Assuming your hard disk is /dev/hda, I'd do:
>
>   dd if=/dev/zero of=/dev/hda bs=8M
>
> Then go have a coffee. If you want it more secure, go for this, a few
> times in a row (at least 7, I read):
>
>   dd if=/dev/urandom of=/dev/hda bs=8M
>
> However, this will take a *long* time, as /dev/urandom is quite slow.
> But it will make the data unrecoverable even with expensive means.

This doesn't really wipe out all data securely. It can still be recovered by 
special hardware. If you do both dds alternately 7 times, your data is gone. 
Reason: Writing zeros seven times to the harddrive doesn't change the 
magnetic properties much. Ideally, you should write zeros and 255s 
alternately several times.

Uwe

-- 
95% of all programmers rate themselves among the top 5% of all software 
developers. - Linus Torvalds

http://www.uwix.iway.na (last updated: 20.06.2004)
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Good command for wiping a hard drive?

[Alexander Skwar]

Jonathan Wright schrieb:
> Alexander Skwar wrote:
>>>A good option for more speed would be to use aespipe to encrypt 
>>>/dev/zero and write that output to the disk.
>> 
>> Why do that? Overwritten data is already pretty much
>> irrecoverable. Or do you know of ONE instance, where
>> those rescue companies restored an OVERWRITTEN (ie.
>> not something simple as burned or such) drive?
>> 
>> And if you fear, that the CIA or FBI might recover
>> data - use a metal shredder...
> 
> Actually, even if you format a hard drive, it's still relatively easy to 
>   get the data off.

Well, but that's only so, because a format normally doesn't
rewrite the whole device but only some "header".

> I can't remember the name of the program to do it,

I bet it's based on "Secure Deletion of Data from Magnetic and
Solid-State Memory" by Peter Gutmann (see <http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html>).

> but if you want to 
> securely erase a hard drive according to NSA/CIA/FBI standards,

There's no such thing. Those agencies recommend to incinerate
harddrives containing sensitive data.

> it needs 
> 37 passes using RANDOM data!

No, it doesn't. That used to be true *AGES* ago with RLL/MFM drives,
but no more with current drives.

Nowadays, thanks to the improved reliability of harddrives, a
simple overwrite with 0's is good enough. Back in May 2003,
the german computermagazine c't send drives to ontrack, vogon
and ibas with overwritten files. In *no* cases those companies
could recover data. Even if data was just overwritten with 0!
Those companies are only sucessful, when recovering data from
burned or otherwise physically destroyed/inaccessible drives.

Or do you have *PROVE* that those companies actually CAN
recover overwritten data? I would *REALLY* be interested!

Alexander Skwar
-- 
gentoo-user@gentoo.org mailing list