On Mon, Aug 17, 2015 at 11:30 PM, Helmut Walle <[email protected]> wrote:
> dd if=/dev/zero of=/dev/sdx > ... > If you want better security use /dev/urandom instead of /dev/zero, however > take into account that this can be slower as it does require some CPU work, > whereas /dev/zero produces the zero bytes with very little CPU involvement > and thus is noticeably faster, particularly on old hardware. > Security & convenience (speed) rarely go together :-) Blasting zeros onto the disk is nice, because you can easily tell later on if it worked. If you put random data on there you might not be able to confirm it was a successful write! https://en.wikipedia.org/wiki/Data_remanence discusses the problem quite well, and while there are various organisations that publish standards requiring multiple passes with differing data patterns, there don't seem to be any successful "reconstructions" from the simpler delete. https://kromey.us/2013/04/the-myth-of-data-remanence-484.html The more complex overwrite/delete cycles are a handy workout for the drive, however; if you have time, running multiple passes of dban on the disk both destroys any data on there, and confirms that there are no terminal bad blocks :-) which is a nice extra. -jim
_______________________________________________ Linux-users mailing list [email protected] http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
