myfixlog.com Got a fix, how to, or an answer? Earn some money!

... Info Report ...
Views: 12147
100% Success Rate (1 votes)
Did this work for you?
Logger: jake
Date: March 8th, 2011
| Share
... ...
How to Securely Erase (Wipe) a Hard Drive for Free with DD

How Do I...

How do I securely erase a pen drive or hard drive for free?

Related:
How to Make a Virtual Machine out of a Physical Computer using Free Software
How to use the File Carver Foremost to Recover a Deleted File
Tags: hard drive, Ubuntu, Free, dd, BootMed, Secure, Erase, Wipe, Delete

The Fix

Summary: This tutorial was made specifically for the BootMed Ubuntu Remix.

When a file is deleted, or a drive is formatted, the files are not completely destroyed.  What is destroyed is the information about where they are stored on your drive.  You could think of it as someone taking the street numbers off your house.  Your house may be a little harder to find, but it is still there.  To recover these files, all you need is a file carver, which searches for files based on their signiture, not the location of the file.  File carvers available for free and are not difficult to use.  (click here to see how to use one)

So when you sell a computer or a pen drive, it is important to securely erase it first.  Otherwise anyone could recover some of your files, even if you have done a factory restore!

Data on a drive is stored in 1's and 0's.  A secure eraser changes every single 1 or 0.  This way, all information is destroyed.  Most secure erasers will 'Zero' a drive, meaning that they change every bit to zero.

Ubuntu, (and the BootMed remix) come with dd, a program for copying disks.  Dd can also securely erase hard drives by either changing all bits to zero, or by changing bits randomly to one or zero.

To test this method's effectiveness I will first scanned my pen drive with a file carver/undeleter and found 285 files, 73 of which are actual files, 212 are deleted files.  After I securely erase the dirve, I will check it again.

CAUTION: If you are going to wipe a hard drive, or even just a partition on a hard drive, make sure that you have the system CD's.  If the factory restore information is stored on your hard drive, DO NOT wipe your drive with this method, unless you have another way to reinstall the operating system.


Step 1 - Finding the Drive's Address

Image 3

Image 2

Image 1

In order to wipe your drive you must first find its address.  The way that Ubuntu gives addresses to storage devices is very different from the way that Windows gives addresses (C:, D: etc). To complicate things even more, there are 2 addresses that a drive can have, a /dev and a /media address (the first is the device's address the other is the mount point, the place where you can access the files).  We are interested in the /dev address of your drive and the /media address of your external hard drive.

On the BootMed desktop you will see an icon called GParted, double-click it.  (Image 1)  It may take a few seconds for GParted to open. In the window that opens, click on the drop down box in the upper right portion of the window.  In the drop down box you will see a list of drives (hard drives, external hard drives, pen drives) and their sizes.  If you know the size of your hard drive, identifying it will be easy.  (Image 2) Once you have selected your hard drive from the drop down box, you will see a 'horizontal bar' appear that represents your hard drive and its partitions.  (Image 3)  The address will be inside the bar, above the size of the drive (ex: /dev/sdb5.)

The numbers at the end of the address are a suffix that represent partitions.  For example, if you wipe /dev/sdb, you will wipe the whole drive.  If you wipe /dev/sdb5 you will just wipe a partition.

Make a note of the address and be sure to copy it exactly, these addresses are case sensitive.

Step 2 - Wiping the Drive

Image 2

Image 1

To wipe the drive, open Terminal from the desktop.  This will open DOS like window, in which you will type a command that will tell dd to wipe your drive.  First you will need to build the command.  Here is how it works:

sudo(space)dd(space)if=/dev/zero(space)of=(drive address)(space)bs=1M

Ex:

sudo dd if=/dev/zero of=/dev/sdb bs=1M

(Note: if you want to wipe your drive with random information change if=/dev/zero to if=/dev/urandom)

Once you have your command written in terminal, (Image 1) hit enter.  Dd will now start wiping your drive, denoted by the blinking cursor.  This may take many hours to complete!  Sadly, dd does not come with a "progress bar," so you will just have to wait it out.  When it finishes it will give you a short read out of the speed at which it was wiped and say "No space left on the device." (Image 2) This means that the wiping is completed

If for some reason you really need to wipe a drive well (the NSA is after you, etc), my suggestion would be to first wipe your computer with random 1's and 0's, and then wipe it with 0's.  That should throw them off ;)

Step 3 - The Results

After I wiped my pen drive, I re-scanned my drive with a filecarver/undeleter.  I was not able to find any files.  While dd is not the fastest or most elegant, it certainly does the job!


Additional Resources

There are no resources.

Comments

Add a Comment
There are no comments.
AboutContact