Announcement

**HalationEffect** · Jul 15, 2014, 07:58 PM

I was pretty sure that Steve Riley (one of the admins here) had posted something on the subject of secure deletion, and some searching discovered it:

https://www.kubuntuforums.net/showth...l=1#post316173

To physically destroy a hard drive (of the spinning platter variety) by DIY methods, I'd go with drilling a few holes entirely through it, then take it out to the street, lean it against the curb and 'curb stomp' it a few times with a big hammer.

As for file & directory undeletion... just restore from your backups! You *do* backup your important data, right?

**Qqmike** · Jul 16, 2014, 05:32 AM

Undeletion/recovery: see TestDisk and PhotoRec (same site, they come together):
http://www.cgsecurity.org/wiki/TestDisk

Wiping drives:
The command dd (it is easy, doing what you want to do), How To:
https://www.kubuntuforums.net/showth...The-dd-Command
Lot of people seem to use Dban
http://www.dban.org/

Destroying the HD: Yep, smash it with a hammer. You can even remove the disks, smash them around, cut with tin snips (and yes, pack pieces separately in bags, discard on separate trash days and bins ...)
;-)

**GreyGeek** · Jul 16, 2014, 09:06 AM

Destroying the data on an HD? The easiest and most sure way is to heat the platters with a propane torch till they are red hot, destroying the magnetic domains. Hold a magnet near it will it cools down to force the domains all into one direction, eliminating even the "ghost" traces. While you are at it, fry the circuitry and chips that drive the rw head, and melt the head.

**citizen** · Jul 16, 2014, 12:58 PM

Originally posted by HalationEffect View Post

As for file & directory undeletion... just restore from your backups! You *do* backup your important data, right?

I do. However, I have in the past, stupidly deleted fresh data (just created), when trying to reorganize a project.

Oh the joy of being human.

@all the other awesome replies... thanks for the suggestions.

**SteveRiley** · Jul 16, 2014, 07:46 PM

And one more thing...if you want to completely wipe a disk, all you need to do is:

1. Mount it in an external USB enclosure
2. Plug in the cable
3. Run sudo dd if=/dev/zero of=/dev/sdX bs=16M where X is the letter that Udev assigns in the device node tree

You do not need any fancy schmancy multi-pass wipe tools or anything rated "DoD strength" or similarly described. One pass of zeroes will permanently wipe out whatever was there before.

**vinnywright** · Jul 17, 2014, 02:24 PM

Originally posted by SteveRiley View Post

And one more thing...if you want to completely wipe a disk, all you need to do is:

1. Mount it in an external USB enclosure
2. Plug in the cable
3. Run sudo dd if=/dev/zero of=/dev/sdX bs=16M where X is the letter that Udev assigns in the device node tree

You do not need any fancy schmancy multi-pass wipe tools or anything rated "DoD strength" or similarly described. One pass of zeroes will permanently wipe out whatever was there before.

? no need for /dev/urandom and 3 pass ??

(what I use)

VINNY

**SteveRiley** · Jul 17, 2014, 02:41 PM

Originally posted by vinnywright View Post

? no need for /dev/urandom and 3 pass ??

(what I use)

Nope, waste of time and electricity. One pass, all zeros, is sufficient.

http://www.howtogeek.com/115573/htg-...e-to-erase-it/
http://privazer.com/overwriting_hard...ontroversy.pdf

And a thread on Secrity Focus discussing /dev/zero vs /dev/urandom. In that thread is an illuminating post by the author of the above paper.
http://www.securityfocus.com/archive/1/497355

Magnetic devices DO NOT have memory. They experience a hysteresis effect. This is NOT Time based and is NOT going to supply the physical effects associated with tool marks etc.

PRML and EPRML are based on analogue processes. Drives are not digitally encoded, they are translated. There is no recovery - AFM, MFM or whatever type of electron microscope you choose. The paper will be available in Dec. The proof is detailed there and the process can be replicated by anyone who cares to do so (I am actually surprised that we are the first to have do it).

The 7 wipe (or more) theory is based on a flawed supposition.

The optinal bitwise recovery from a PRML drive that is no longer available and was never used more than once is less than 92% per bit (given foreknowledge of the write pattern). ePRML is as low as 49% per bit using electron microscopy. Even at 92% per bit, the recovered data is useless and random. This is detailed in the paper mentioned before.

At 49% - this is a modern drive - the toss of a coin is more accurate. Think about that for a minute.

Regards,
Craig Wright GSE-Malware, GSE-Compliance

**vinnywright** · Jul 17, 2014, 02:45 PM

Originally posted by SteveRiley View Post

Nope, waste of time and electricity. One pass, all zeros, is sufficient.

http://www.howtogeek.com/115573/htg-...e-to-erase-it/
http://privazer.com/overwriting_hard...ontroversy.pdf

And a thread on Secrity Focus discussing /dev/zero vs /dev/urandom. In that thread is an illuminating post by the author of the above paper.
http://www.securityfocus.com/archive/1/497355

will readjust my method then

VINNY

**Qqmike** · Jul 17, 2014, 03:47 PM

Agree with Steve and his references.
More, in my how-to:

https://www.kubuntuforums.net/showth...l=1#post107356

Announcement

Software recommendations to recover files & securely delete drive contents

Software recommendations to recover files & securely delete drive contents

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment