110

I am about to sell my old desktop PC and I am cautious about some of my sensitive information being available to the purchaser, even after reformatting the hard-drive, using data recovery software.

How can I securely wipe the hard drive so that the data on it cannot be recovered?

Although I specifically want help with my Windows PC, it wouldn't hurt if there were suggestions for Macs as well.

landroni
  • 419
Josh Hunt
  • 21,369

11 Answers

72

Look into Darik's Boot and Nuke. It's a bootable CD which lets you securely erase your hard drives.

Dan Walker
  • 9,397
33

Windows 7 has a tool called cipher.exe, which can wipe the disk:

http://www.ghacks.net/2010/06/21/wipe-yopur-drives-securely-with-a-hidden-windows-7-tool/

The command is simply

  cipher /w:x:\folder 

where you would substitute x:\folder for the location you want wiped, for instance your D:\ drive or your C:\Users\Mike Halsey\Music folder.

akira
  • 63,447
26

Well, using tools such as DBAN or the like is considered to be mostly pointless and also very time consuming.

Generally, you do not need to do anything, but fill the drive with 0x00 (zero bytes / NUL) only once these days, in order to securely prevent the recovery of former data.

Doing multiple passes is excessive and mostly useless, let alone filling the drive with random data. The only way you can try to restore anything, after such an operation took place, is with an atomic-force microscope - this is, obviously, an extreme procedure, that will take months for even the smallest JPG file and the error rate (false-positives) is going to be immense (in other words - you won't get anything meaningful out of it). This is even more true for higher capacity models (higher density platters).

However, one can only speculate what tech might be in the hands of, say, the NSA, so judge the provided information with that in mind.

So, one of the ultimate software ways (fast, reliable & secure), is a single run (zero-fill) of dd:

dd if=/dev/zero of=/dev/sdX bs=1M

or, if you want to measure progress:

pv < /dev/zero > /dev/sdX

However, there is something called secure erase. This is an established ATA standard. This functionality is integrated into the drive itself. Not only is it even faster than a run of dd (as it's already hardware based and hardware > software, speed wise), it is also more secure, due to the ability of purging original bad sectors that have been reallocated! There are 2 versions: the vanilla (2001 and onwards) and the enhanced one (post 2004). So, if your drive was manufactured roughly 10 years ago - it is already very likely to support this feature.

hdparm --security-set-pass NULL /dev/sdX

hdparm --security-erase NULL /dev/sdX  
hdparm --security-erase-enhanced NULL /dev/sdX

Erase away!

Giacomo1968
  • 58,727
XXL
  • 1,489
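A read-back check for the single zero-fill pass described in the answer above, as an added example that is not part of the original post. It scans a block device or disk image (such as /dev/sdX) and reports where non-zero bytes remain; the function names and the sample image are constructed for illustration.

```python
import os
import sys
import tempfile

CHUNK = 1024 * 1024  # 1 MiB reads, the same size as bs=1M in the dd command


def first_nonzero(chunk):
    """Index of the first non-zero byte in chunk, or None if it is all zeros."""
    rest = chunk.lstrip(b"\x00")
    return len(chunk) - len(rest) if rest else None


def verify_zero_fill(path, chunk_size=CHUNK):
    """Read path to the end and return (bytes_checked, dirty_offsets).

    dirty_offsets lists the absolute offset of the first non-zero byte in
    every chunk that still holds data; an empty list means every byte that
    could be read back is zero.
    """
    checked, dirty = 0, []
    with open(path, "rb", buffering=0) as dev:
        while True:
            chunk = dev.read(chunk_size)
            if not chunk:  # end of device or image
                break
            index = first_nonzero(chunk)
            if index is not None:
                dirty.append(checked + index)
            checked += len(chunk)
    return checked, dirty


def build_sample_image(path, size=3 * CHUNK, leftover_at=2 * CHUNK + 512):
    """Constructed sample: an all-zero image with one run of leftover data."""
    with open(path, "wb") as img:
        img.write(b"\x00" * size)
        img.seek(leftover_at)
        img.write(b"leftover data")


if __name__ == "__main__":
    # With an argument, scan that device or image; without one, scan the sample.
    if len(sys.argv) > 1:
        target = sys.argv[1]
    else:
        target = os.path.join(tempfile.mkdtemp(), "sample.img")
        build_sample_image(target)
    total, dirty = verify_zero_fill(target)
    print(f"{target}: checked {total} bytes, {len(dirty)} dirty chunk(s)")
    for offset in dirty[:10]:
        print(f"  first non-zero byte at offset {offset}")
    sys.exit(1 if dirty else 0)
```

A read-back only covers sectors the drive still exposes, so it says nothing about the reallocated bad sectors that the answer notes only the drive's own secure erase can purge.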
16

As a side note on scenarios when you cannot always format and wipe the disk and have to relinquish ownership of a computer with OS intact (like resigning a job and returning the laptop), Scott Hanselman has noted down a checklist on activities to carry out before giving it up forever.

http://www.hanselman.com/blog/TheDevelopersQuittingYourJobTechnologyChecklist.aspx

icelava
  • 1,739
13

diskpart can be used to zero out the whole disk

  1. Run cmd as admin and then run diskpart

  2. Choose the disk you want to wipe (e.g. disk 0) with select disk 0. You can get the disk number by running list disk

  3. Run clean all

     DISKPART> help clean
    
      Removes any and all partition or volume formatting from the disk with
      focus.
    
    

    Syntax: CLEAN [ALL]

     ALL         Specifies that each and every byte\sector on the disk is set to
                 zero, which completely deletes all data contained on the disk.
    
     On master boot record (MBR) disks, only the MBR partitioning information
     and hidden sector information are overwritten. On GUID partition table
     (GPT) disks, the GPT partitioning information, including the Protective
     MBR, is overwritten. If the ALL parameter is not used, the first 1MB
     and the last 1MB of the disk are zeroed. This erases any disk formatting
     that had been previously applied to the disk. The disk's state after
     cleaning the disk is 'UNINITIALIZED'.
    


format can also be used to wipe individual drives with the /P option. For example, to format the D: drive as NTFS, wipe the drive with zeros, and then overwrite it again twice with random values, you can use format D: /fs:ntfs /P:2

C:\> format /?
Formats a disk for use with Windows.

FORMAT volume [/FS:file-system] [/V:label] [/Q] [/L[:state]] [/A:size] [/C] [/I:state] [/X] [/P:passes] [/S:state]
FORMAT volume [/V:label] [/Q] [/F:size] [/P:passes]
FORMAT volume [/V:label] [/Q] [/T:tracks /N:sectors] [/P:passes]
FORMAT volume [/V:label] [/Q] [/P:passes]
FORMAT volume [/Q]

...

  /P:count        Zero every sector on the volume. After that, the volume
                  will be overwritten "count" times using a different
                  random number each time. If "count" is zero, no additional
                  overwrites are made after zeroing every sector. This switch
                  is ignored when /Q is specified.

phuclv
  • 30,396
  • 15
  • 136
  • 260
10

Rather than worry about securely deleting data, an alternative might be to buy a new hard drive and do a clean install of the OS on that.

You can then keep the old hard drive for a while in case you forgot to back something up and eventually recycle it as a second (or third!) drive in your new machine.

ChrisF
  • 41,540
6

Another suggestion, for Macs, is to use Apple's Disk Utility program. It's included on the OS X install disc, so if you boot from that, you can open Disk Utility, select your drive, and erase it (there are some options for how many times to write over data and such).

jtbandes
  • 8,960
2

If you have access to (or are willing to buy) the proper equipment, you may want to consider degaussing the drive. Some organizations require this before machines can be re-used, sold, or given away.

You should be aware that this is likely to render the drive unusable.

GreenMatt
  • 865
1

When Python is installed on the machine, I just do python filldisk.py with this file:

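import numpy as np
size = 256*1024*1024  # starts with 256 MB files
i = 0
while True:
    try:
        # files are named after their index: 0, 1, 2, ...
        with open(str(i), 'wb') as f:
            f.write(np.random.bytes(size))
        i += 1
    except (OSError, MemoryError):
        # no room left for a file of this size: halve it and retry
        size //= 2  # integer division keeps size an int on Python 3
        if size == 0:
            print('Finished')
            break
        print('Too big, trying new size: %i' % size)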

It starts filling the disk with as many 256 MB files as necessary. When there is no space left for a new 256 MB file, it tries to fill with 128 MB, 64 MB, ..., 32 bytes, 16 bytes, ... 1 byte file. At the end the disk is full with random data binary files.


Another solution in 3 lines to fill a disk with n copies of a 1 GB AVI movie:

import shutil
for i in range(10000): 
     shutil.copy('c:\\movie.avi', 'file%i' % i)

At the end, there is probably less than 1 GB free on the disk, and you can fill it by copy/pasting various files (smaller and smaller), and at a certain point you will see something like "0 bytes remaining on the disk / disk full".


These 2 methods are rather rustic, but:

  • I know exactly what it does: it writes the whole content of the disk

  • it allows me to do it without installing a third party tool which is sometimes a "black box" (don't know what it does)

  • it works on Windows as well (other solutions with dd don't work on Windows) and it doesn't require rebooting from a bootable USB flash drive (like the DBAN software...)

phuclv
  • 30,396
  • 15
  • 136
  • 260
Basj
  • 2,143
1

Also, if you happen to have lots of important data, the easiest and fastest way can be to physically destroy the medium. A sledgehammer blow is much simpler than overwriting a 1TB disk 15 times with random binary patterns.

0

This command will completely fill the hard-drive with binary 0s. The more times you run this command, the more securely your drive will be erased.

sudo dd if=/dev/zero of=/dev/rdisk3 bs=4096
#               ^            ^           ^
#     Binary data      add the r     optimal MacBook Pro block size

Check your disk with diskutil list. Prefix disk with an r. Check your optimal block size with stat -f "%k" .

For me, this takes about 20 minutes to fill a 250GB hard drive. You will see no progress until the command is finished. If you want to see progress, you can update dd with brew install coreutils and use

sudo gdd if=/dev/zero of=/dev/rdisk3 bs=4096 status=progress
#    ^                                         ^
# note the g
davidcondrey
  • 1,748