[SOLVED] How to PERMANENTLY remove files from a HDD
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I tried searching for this question a couple of times and found nothing helpful.
I have an old PC with Win95 on it and I want to Permanently Erase everything from the Hard Drive before I take the computer to e-waste recycling.
I used Tomsrtbt to run "badblocks" with the read/write option. After this had completed I tried booting into Win95 and it showed "no operating system present".
1. Can I assume that All Files have been permanently removed from the hard drive?
2. Is there a way to check that there are no readable files left on the drive?
3. If I use Tomsrtbt to establish a new hard drive partition table and create an "ext2" file system,
will this further insure that none of the previous Dos files are salvageable?
One pass zero should be enough in most cases. If you are paranoid, you can do one pass random data. If you are really paranoid you can wipe it as many times as you want to relieve anxiety.
Hi. Depends on how paranoid you want to be about forensics software and such, I'd say it's fine but others would say destroy the drive and recycle the rest? Best wishes and have fun.
Last edited by jamison20000e; 01-18-2014 at 07:13 PM.
Some say that zero-filling once is enough. Others say that you need several passes of random data. I only know that writing with dd from /dev/zero is significantly faster than /dev/urandom. I did that on an old harddrive -- the random data fill would've taken several hours, but a zero-fill finished in about 20 minutes.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Unless you keep the secret formula to Coca-Cola on your hard drive then just one pass of zeros is enough. To get back that data somebody would have to take apart the drive and use specialist equipment to recover the data so I doubt it's worth doing that on the off chance they can hijack your Amazon account through retained cookies.
Some say that zero-filling once is enough. Others say that you need several passes of random data. I only know that writing with dd from /dev/zero is significantly faster than /dev/urandom. I did that on an old harddrive -- the random data fill would've taken several hours, but a zero-fill finished in about 20 minutes.
Certainly, physically destroying the disk with a sledgehammer will NOT clear the data, it will just make it harder to piece together. If you wanted to physically wipe the disk, use a large and powerful magnet. Such a magnet can be found inside the HDD itself as part of the arm movement mechanism. Be careful with it tho, it can crush your fingers and hurts a lot when it does. The HDD writing heads are razor sharp and can easily cut you. How do I know ? From experience
Unless you keep the secret formula to Coca-Cola on your hard drive then just one pass of zeros is enough. To get back that data somebody would have to take apart the drive and use specialist equipment to recover the data so I doubt it's worth doing that on the off chance they can hijack your Amazon account through retained cookies.
IIRC, involves electron microscopes, a lot of time plus a big chunk of money.
You may be shocked at the data I've seen left on second hand PCs from thrift stores and wherever before I wipe to revamp and sell or give with Linux, not to mention some truth-or-dare on a $ony handy cam from a ritzy neighborhoods rummage once ouh là là. There are some* banking on data but (I imagine) only if it's worth their time and effort? http://www.bullguard.com/bullguard-s...martphone.aspx
I used Tomsrtbt to run "badblocks" with the read/write option...
Hey, that sounds like a great idea. I have always used dd with if=/dev/urandom to wipe old drives, but that is rather slow. Writing patterns with badblocks should be fast and should provide a thorough wipe much like dd. I will try it next time.
To answer your questions:
Quote:
1. Can I assume that All Files have been permanently removed from the hard drive?
With the right badblocks command line, that should be a safe assumption.
Quote:
2. Is there a way to check that there are no readable files left on the drive?
If you write zeroes on the last pass, you can use the following command line:
Code:
dd if=/dev/sda | hexdump -C
If the device contains nothing but zeroes, you will get a short output like the following:
Code:
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
16777216+0 records in
16777216+0 records out
8589934592 bytes (8.6 GB) copied, 108.452 s, 79.2 MB/s
200000000
(The above output was generated with a 8GB file, not a hard drive device, just to test the command line.)
Quote:
3. If I use Tomsrtbt to establish a new hard drive partition table and create an "ext2" file system,
will this further insure that none of the previous Dos files are salvageable?
Probably not. I think partitioning does not overwrite the file space. Any data still existing there would be readable.
It is also a good idea to run cryptsetup after dding a hard drive for an extra layer of protection. Since you will not use the HDD anymore, use a long complex passphrase as possible.
To make it short: Neither using badblocks nor dd nor DBAN can by definition reliably delete or overwrite all existing data on the disk. If the disk has reallocated sectors it may be possible that those still contain readable data, but they are not affected at all by any of the mentioned methods for overwriting data. So theoretically there can still be readable data, though practically chances that the data is still readable (sectors get reallocated for a reason) and if so contains anything of value is really really small.
I myself prefer just a single overwrite with zeroes, good enough for me and unrecoverable without technical expertise, specialized equipment and a good bunch of money.
Here's something to think about. Many disk wiping utilities use the Mersenne-Twister algorithm to wipe the disk (wipe, dban, and others). However, MT is NOT a cryptographic PRNG. This means that if you have the technology to undo writing to the HDD, then wiping with MT is no better than zeroing the drive. You can easily predict the state of the MT PRNG and know what bits were written, and then be able to undo them.
The only way to prevent this is to use a cryptographic PRNG. There is actually a crypto MT developed by the same authors: https://en.wikipedia.org/wiki/CryptMT
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
!
There are some* banking on data but (I imagine) only if it's worth their time and effort? 
