So, how do you choose to destroy old data?

I've never had the need so far, as I've never sold/given away a HDD. With the kind of data I have, I'm happy to just run a format and leave it at that. I guess if I was to be selling to random members of the public then I'd go with a more harsh method of destruction.

I do remember reading once that simply writing all 1's to your hdd is enough to ensure its clear, as theres no way to tell if it was previously a 0 or not.

(This is apposed to writing all 0's, and as someone pointed out in another thread, you can sometimes detect where the 1's previously were as they still hold "some" charge).

Of course, if I was ever dealing with secret data then I believe the only true way is to phsyically destroy the harddrive, via grinders and earth magnets.

What do you think?

I first check the HW for any hidden partitions or overlays to ensure the whole disk will be accessed, wipe with DBAN (regulations) or frandom (no regulations, faster than random) and finish off writing zeroes. Even if there's no rules and regulations to comply with inspecting the drive afterwards seems common sense to me.

Whenever we decommission old Linux servers I:
1) Modify the contents of key system files (/etc/hosts, /etc/passwd, /etc/shadow) so they are still there but have non-sensitive information.
2) Delete all of our specific files (e.g. /home directories, databases etc...
3) Wipe the drives:
a) If it has a RAID or other controller capable of low-level format (initializing) the drives I'll first use dd to write random data into the filesystems where I deleted things (maybe a gig or so) just to overwrite the sectors that were deleted. Then I'll use the controller to initialize the individual drives.
b) If there is no such controller I'll boot from say a RHEL5 boot disk and enter rescue mode then skip the mount attempt of old filesystems. I'll then use the utilities in the rescue filesystem to delete all partitions from all drives and make a single large linux partition and layout a filesystem on that. The filesystem is then mounted and I'll use dd to fill the drive. After the drive fills I delete the file then the filesystem then the partition then shut it down.

Using /dev/random or /dev/urandom as your input for the dd means instead of writing all ones or all zeros (/dev/zero used for the latter) you can make the data random so it would be harder to predict what was overlaying old data.

The command I use for dd is something like:
dd if=/dev/urandom of=/dev/sda1/<filename> bs=1M
Where filename can be whatever you want it to be.

Of course you probably don't really need the filesystem and partition - you could dd to the full device (e.g. /dev/sda, /dev/hda, /dev/sdb etc...) but I like the above.

I have seen some folks write than on modern drives all you really need to do is delete things because due to density it is nearly impossible to find it after deletion. (Assuming it is a true deletion as in Linux rather than the Windoze remove first character of a file name deletion). That may or may not be true but I like the above. A few years back the US DoD was saying you had to do 7 wipe passes. I've never done that but did do 3 on a Solaris system I was decommissioning for a large pharmaceutical once. Wiping just takes time but if you're getting rid of something time usually isn't an important factor.

Being a lawyer my hard drives have sensitive client information. I format a drive I'm discarding, then open it, remove the platter, and physically shred the platter. Then it goes to the trash.

Hi...

IMHO, no point in formatting, if you physically destroy the support of the information...

That should be the ultimate and most decisive kind of formatting.... ,

but someone tell me, the good'ol dd if=/dev/zero of=/dev/sd* is not enough...?

Since my upgrade last spring, I have plenty of horsepower here so I've been converting to a fully encrypted format. My system currently has 6 internal hard drives, and several of those have several partitions (reasons are ancient and historical, and are maintained today because I run several Windows virtual machines, often all at once). I also have some external USB drives, which I am also encrypting. My newest internal drive is a WD 2TB SATA Green, which I added a few weeks ago in order to give me the workspace to encrypt the rest of my system.

Yesterday, I encrypted one of the USB drives (a 500 Gig drive). I formatted it ext4, and deployed dmcrypt on it. This was handled automatically for me by my Mandriva 2010.1 distro. Then, to clear the drive, I used two shells to write two files to the drive using dd:

dd if=/dev/urandom of=/media/usbdrive-1/tstfile bs=1M

and the other dd instance wrote tstfile2. I did it this way because /dev/urandom isn't that fast, and I almost doubled my write speed. I also tied up two of my 4 cores at 100% doing that.

It took about 10 hours to do that drive that way. The drive is now once again a backup drive with all my offsite copies of my system, data, and work on it. Should the drive be lost, stolen, or fail, I no longer have to worry about what is on it; no one will read it without the key.

I have several NTFS partitions on these drives; I'll be using TrueCrypt to encrypt them since it should work with all my Windows installations (back to NT 4) AND will work with Linux, enabling me to easily access those partitions from Windows or from Linux.

No - As I indicated it is better to use /dev/random or /dev/urandom so that what you're overwriting with isn't all the same - it would make it much harder to figure out what is original data and what is the random data written later. With all zeros you simply need to ignore the zeros (for the most part). Of course this assumes one can get beneath the new data in the first place - the idea in random is simply that it makes it harder to figure out which is which.

That's fine if the interrogator is only using the drive's own controller and firmware to read the data, which should be fine for the opportunist thief, or someone picking your rubbish.

However, it is possible to dismantle the drives and read data of the platters in more sophisticated machines, under these circumstances it is possible to see 'shadows' of previous writes, hence the recommendation to write random data seven times over. One would hope this technology is only available to certain government organisations, however you can't be sure, and there will come a time when it is more readily available.

For myself, my laptop is fully encrypted. My desktop isn't, but runs 24/7 so encryption is less useful. I'm considering keeping backup drives at work, rather than the other side of the house, but before I even dream of implementing that I need to encrypt the drives and implement support for that in my scripts.

I agree. Also note that DBAN has many options available, like DOD standard, fast DOD, or just 1 pass with random numbers (good enough for me). Depends on what is on the disk ... obviously if it's something sensitive, might want to use the DOD standard (even tho nobody has proven that data can even be recovered from a single pass with zeroes).

There's a faster way to wipe a drive with random data:

To wipe /dev/sdb:

(Write zero's to a virtual block device "shredder", which is mapped to the real device using encryption with a key derived from /dev/urandom)

Write speed is the limiting factor here, not CPU speed. This is much faster than using /dev/urandom or /dev/random directly. It all depends on the hardware, of course. Algorithm, key size, hash for cryptsetup and blocksize for dd can be varied.

Using /dev/random won't work well because the device will soon run out of entropy and block. It isn't suitable for drives, unless you happen to use a hardware random number generator.

Hi...

I create a transient BlackHole in the backyard of my house, and I throw my used Hdds into it as soon as it begins to expand...

then I shut it down...

... so far i have been lucky enough to turn it down quickly enough...

This is the only way I know, how to destroy information ROTFLMAO

Personally I just run /dev/zero over stuff. All this fluff about echoes of past data has basically been debunked for modern high density media. For normal people I mean - if the spooks want your data, they probably already have it.

I do like @cepheus11 idea tho' - I wonder how US Border Security will react when you try to bring in a disk that has that done to it.
"What decryption key officer ?"

I found this page from "Bleachbit" to be a good read.
http://bleachbit.sourceforge.net/doc...iles-wipe-disk
It can be set to overwrite all files being deleted as well plus any other you can navigate to. Won't shred directories though. I normally go to what ever file I want to shred and use the shred -u -z -n 3 command from a root terminal.
IIRC BCWipe will shred a directory/folder.

Are they really that paranoid? Imagine some computer newbie bought a disk via eBay, and the former owner had wiped it. The new owner did not partition and format it yet. Guilty until proven innocent?