Re: [gentoo-user] Securely deletion of an HDD

Sun, 12 Jul 2015 06:01:45 -0700 

On Sunday 12 Jul 2015 13:35:25 Marc Joliet wrote:
> Hi,
> 
> I have to failed drives that I want to give away for recycling purposes,
> but want to be sure to properly clear them first.  They used be part of a
> btrfs RAID10 array, but needed to be replaced (with "btrfs replace").  (In
> the meantime I converted the array to RAID1 with only two drives.)
> 
> My question is how precisely the disks should be cleared.  From various
> sources I know that overwriting them with random data a few times is
> enough to render old versions of data unreadable.  I'm guessing 3 times
> ought to be enough, but maybe even that small amount is overly paranoid
> these days?
> 
> As to the actual command, I would suspect something like "dd
> if=/dev/urandom of=/dev/sdx bs=4096" should suffice, and according to
> https://wiki.archlinux.org/index.php/Random_number_generation#.2Fdev.2Furan
> dom, /dev/urandom ought to be random enough for this task.  Or are cat/cp
> that much faster?
> 
> Any thoughts?
> 
> Greetings

I use urandom a couple of times (3 to 5), because random takes too long and I 
don't store state secrets on my disks.  Then I dd onto it a final round of 
/dev/zero.  Finally, run hdparm to securely erase it for good measure.[1]  All 
of this could be an overkill, but do it out of habit these days.

It is worth saying that I use haveged to increase entropy:

[I] sys-apps/haveged
     Available versions:  
            1.5
       ~    1.7a
            1.7a-r1
       ~    1.9.1
     Installed versions:  1.7a-r1(12:46:23 04/21/14)
     Homepage:            http://www.issihosts.com/haveged/
     Description:         A simple entropy daemon using the HAVEGE algorithm

I should clarify that disks which contained financial data are dealth with a 
high speed angle grinder, after I remove the outer casing of the drive and don 
a pair of goggles.[2]  *Only then* do I recycle the bits left.  ;-)


[1] https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

[2] You can also use a hammer, a drill, or any similar implement which will 
completely break the physical disk platters to bits.

-- 
Regards,
Mick

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to