I need to erase some old USB keys. My files are not state-sensitive but I would like to do the erasing process in a relatively secure way though just to set my mind at rest.

What would you suggest please?

• Some passes with 0/random bits?
• Some encryption maybe? I've been told this practice could be very efficient, I just need to use an appropriate algorithm (any advice?) and forget the secret key...
• Other solution like hammer?

NB: I can have access to Linux (Slackware or any LiveDVD) or Mac tools (macOS 10.14 Mojave)

What are you going to do with the keys after wiping them, dispose of them or give them away, reuse them? If you are going to dispose of them, just smash them with a hammer - they won't be reusable at that point. As for wiping them, I think with flash media, you aren't supposed to run wipe programs on them because they have a finite number of writes (?) and this can shorten their life. Of course that also depends on what you plan to do with the drives.

As for wiping, we always used to use this for normal hard drives and I believe it also would work for thumb drives: https://dban.org/

1 members found this post helpful.

When it comes to traditional HDDs, if you want a secure-wipe, most wipe apps would make several passes, many default to 10 passes and the user could specify the number of passes, and some will default to sector size for a secure wipe. Because HDDs use magnetic flux, this is kind of necessary. Each little magnetic bit has a north and south pole, if you bring two magnets together and they push themselves apart, you just need to flip one of them end for end and they will draw themselves together.

Keeping this in mind, there are 8 bits per byte, this equates to 4096 "writable" bits per 512 byte sector, each little magnet can represent a 1 or a 0 depending on it's orientation. If the binary code written to a sector is: 1000110001, most of the writable magnetic bits will require non-writable bits in between to counter the "push/pull" effects. The number of non-writable bits is not defined as there also needs to be non-writable bits to counter this same effect in the neighboring tracks or cylinders, so for every writable bit, there could be any greater number of non-writable bits.

If you were to do a single pass non-secure wipe of an HDD, the data that was zero filled can actually be reconstructed based on the orientation of the more numerous non-writable bits, which is why many passes are preferred on an HDD to disorient as many non-writable bits as possible.

When it comes to NAND flash memory in USB keys, there is no magnetic flux, they have cells. A single pass is sufficient be random write or zero fill. Because when writing to a block in NAND memory, the block must first be erased and all cells are set to 1. Below is a quote from Wikipedia:

2 members found this post helpful.

Personally, I would just give it a new MBR, partition it, & put a new file system on it, (but then, I don't ever have any sensitive data on mine).

1 members found this post helpful.

Yes, probably better to destroy them. Long time ago there was a low level format utility, unfortunately only for windows. If you are interested, here are some links:
http://hddguru.com/software/HDD-LLF-...l-Format-Tool/
https://unix.stackexchange.com/quest...emory-in-linux (last post)

1 members found this post helpful.

I plan to throw the keys.
So in substance, if I'm gonna hammer them, there is no point to apply/bother with any other security measure?

1 or 10 passes is no big deal, is it?
I mean it wouldn't harm more than writing each key 1 or 10 times, right? I'm no expert but I would expect that modern keys can handle that...

@Brains: thank you for all your explanation but you lost me when you talked about non-writable bits

Nobody told me about encryption. What do you think about it?
I've just realized that I can do it via Veracrypt ("format and encrypt an entire USB stick") if need be...

In an HDD, with magnetic flux technology, there will be 4096 writable bits per sector, the actual amount of bits per sector can easily be 40000 bits, because many are required to counter the effects magnets have against each other, the majority of which will not be altered in a simple one pass wipe, they will tell the story of the data that was zeroed.

USB keys use NAND flash, which are cells, there is no need for extra cells to counter any effects. When they are all set to "1", they can't tell the story of the data previously written, thus one pass of writing useless data to every block is all it takes with NAND flash technology.

2 members found this post helpful.

Would that be similar for SSDs?

The quote above is from wikipedia.

Write zeroes to the disk:

or bs=1M

If you want to make it double as safe, then write random data to it after:

or bs=1M

Generally doing zeroes should be safe, but if the data is perhaps something you would definetely not want to fall in the wrong hands, then also do urandom. If the data is critical and people are spying on you and shit like that, you need other methods. These, plus then writing enourmous amounts of encrypted garble data on top many times.

But for "normal" situations, zeroes is enough, for "sensitive" situations add random data.

1 members found this post helpful.

I don't think it's been mentioned, but there is a utility called shred, with a man page. It was aimed at platter disks, not nand. One or two passes should do it. No need for 25.

The problem is (probably) if a sector marked as bad it can't be overwritten any more. But probably it cannot be read too.

Just to tell you that I've eventually written /dev/zero then /dev/urandom onto my USB drives via dd (bs=1M).
It should be secure enough that way.
Thank you all for your help

Do you have citations for any of this?
An HDD overwritten with zeros is blank to all know techniques, as far as I can gather.
I am lead to believe that the storage chip on flash drives doesn't actuallu erase anything, much like the delete function and simpy marks sectors empty without doing anything to them -- meaning plugging the into another board may work.
Any thought4?

Maybe Brains refered to https://www.cs.auckland.ac.nz/~pgut0...ecure_del.html?
If true, I didn't read that paper very seriously but it seems that this research was biased (see *Epilogue parts) and only pure theory for obsolete technologies...