Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Yep, thanks for the clarification. I was wrongly assuming that I really could write zeros and ones (low level) to the disk. The readmes of "wipe" and "dban" disabused me of that notion. You are right in the use of urandom "noise" for encryption and zeros for compression of course.
Click here to see the post LQ members have rated as the most helpful post in this thread.
FYI, binary one is 0x01, unless you mean every bit binary one, which would be 0xFF/binary 11111111/decimal 255/octal 377.
And no, no such virtual device exists.
You could do something like:
Code:
tr '\000' '\377' < /dev/zero
Thanks for this, it works great and is a great idea. As far as I can see there is no performance hit from piping to tr. For example if I wanted to overwrite free space with ones instead of zeros in order to clear out files I deleted I would do:
Thanks for this, it works great and is a great idea. As far as I can see there is no performance hit from piping to tr. For example if I wanted to overwrite free space with ones instead of zeros in order to clear out files I deleted I would do:
Sorry for the Night of the Living Thread, but this was a top search result for "/dev/one" which I was searching for the same reason as OP (HDD wiping), and I thought this might be worth adding.
I'm doing a thorough wipe on an HDD that's starting to fail, so I need to use ddrescue instead of dd so it won't puke on write errors. The /dev/one kernel patch above would make this easier, but I think it's out-of-date now and I haven't the skill to update it myself. Sidenote: I think it'd be great to have this included in the kernel, but maybe this has already been suggested and rejected?
Anyway, to get the required result I created a file full of ones (using dd and tr as shown above). For faster operation I placed it in tmpfs, so as I only have 1GB RAM I made only a 50MB file. The more free RAM you have, the bigger you can make the file.
Then I wrote a small bash script to loop runs of ddrescue, writing to consecutive 50MB chunks of the target drive.
Code:
#!/bin/sh
CNT=0
while ddrescue -f -o $CNT /tmp/ones.dat /dev/sdb; do
CNT=$(( CNT + 51200000 ))
echo "$CNT bytes written."
done
This doesn't compare too badly against "ddrescue /dev/zero /dev/sdb" for speed; the main bottleneck is the stop/start of ddrescue (each iteration of the loop took about 2.5s on an Atom N270 cpu) so the bigger the "ones file" you can afford to use, the faster it'll go.
Hope this is some help to somebody somewhere at some point
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Thanks for your input and solution, Havin_it. Side note: I wouldn't choose too big a file with ones, since you want to wipe a failing drive. Normal sector size is 512 bytes. You leave 50 MB gaps (minus the broken sectors) in wiping even now. If you chose larger chunks of data, the gaps would increase accordingly...
Thanks for your input and solution, Havin_it. Side note: I wouldn't choose too big a file with ones, since you want to wipe a failing drive. Normal sector size is 512 bytes. You leave 50 MB gaps (minus the broken sectors) in wiping even now. If you chose larger chunks of data, the gaps would increase accordingly...
Can you explain this? ddrescue is still writing using a 512B block size, so I'd assumed that it would write to every sector it can physically do so. How are there 50MB gaps?
Why not wipe the drive with the urandom device a few times and then zero's. Actually, if you are going encrypt your partitions, you want to start with the partition filled with psuedo-random junk, rather than all zero's or all ones. If on the other hand you are going to reuse the drive for a fresh install and want to create an image backup, having zeroed out free space will allow the image to compress nicely.
Random data is still the best but many government methodologies for data sanitization still require a few passes of ones and zeros before random data:
Quote:
For more security you can use 7-pass algorithms to wipe free space.
- the US Department of Defense DoD 5220.22-M(ECE) (7 passes)
DoD 5220.22-M(ECE) is seven pass overwriting algorithm: first and second passes - with certain bytes and with its compliment, then two passes with random character, then two passes with character and its complement and the last pass - with random character.
- Canadian RCMP TSSIT OPS-II (7 passes)
RCMP TSSIT OPS-II is seven pass overwriting algorithm with three alternating patterns of zeroes and ones and the last pass - with random character (with last pass verification).
- German VSITR (7 passes)
The German standard calls for each sector to be overwritten with three alternating patterns of zeroes and ones and in the last pass with character.
- Bruce Schneier (7 passes)
The Bruce Schneier wiping algorithm has seven passes: first pass - with ones, the second pass - with zeroes and then five times with random characters.
It seems to work OK but I'm not a C coder (the adaptation was done by cut, paste, guesswork and a bit of research) so please tell me if the code could be more "elegant".
I'd like to see this in the kernel; for all that has been said above about the value of a pass of ones in disk-erasure, the fact remains that a number of govt-endorsed algorithms do rely on it, which gives it value I think. Who knows what other uses might be thought of?
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Hmmm. I've never done work like this, i.e. programming kernel modules. But I guess, this is not the appropriate place to get it inserted into the kernel. Perhaps asking in the kernel mailing list whether the kernel chiefs are interested?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.