J
Jason Long
Guest
Hello.
How can I use Linux to Wipe all Data and impossible recovery?
Tnx.
How can I use Linux to Wipe all Data and impossible recovery?
Tnx.
OP
optimum
Guest
You can easily fill a disk with random data - your favourite search engine should provide numerous results...
OP
GrumpyOldMan
Guest
use dd to write from /dev/random to the device node for the disk itself.
Or use dban (Darik's Boot-And-Nuke)
Or use dban (Darik's Boot-And-Nuke)
OP
ryanvade
Guest
No such thing as impossible recovery. No matter how many wipes the data is still on the disk physically. The only 100% way to destroy data is to physically destroy the hard disk itself. Normally with a drill press or sledge hammer.
For the next best thing you will need a few hundred writes of random data (usually just 0). As the others have described.
OP
optimum
Guest
That seems overly dramatic. The platters can be glass substrate - which will produce lots of flying fragments - or ceramic which can also shatter. The softer ones are usually aluminium. So in most cases you should only opt for physical destruction if you don't have the time to dd the drive(s).
Doing a 100 pass zero fill is utterly pointless. Do you have any kind of technical source for this?
The Guttmann 35 pass method is no longer relevant for modern hard disk drives, which makes your 100 pass even less so. So a single pass dd of the whole disk to achieve a zero fill, or with random data, is sufficient.
https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
(read the epilogues)
Doing a 100 pass zero fill is utterly pointless. Do you have any kind of technical source for this?
The Guttmann 35 pass method is no longer relevant for modern hard disk drives, which makes your 100 pass even less so. So a single pass dd of the whole disk to achieve a zero fill, or with random data, is sufficient.
https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
(read the epilogues)
OP
ryanvade
Guest
With the proper tools and patience, the data can still be recovered from a one pass of dd. It will take time but, still it is possible. Even with modern HDDs. The only way to Completely destroy data from a HDD with no possible way to recover it is to physically destroy the disk. And since the OP asked for impossible recovery this is the only way. If you happen to have a super magnet then you can use that too now that I think about it.
https://www.nsa.gov/ia/_files/government/MDG/NSA_CSS_Storage_Device_Declassification_Manual.pdf
OP
optimum
Guest
So I link to a known white paper based on proven scientific research and your response is to repeat the same thing and link to a US government procedure...? The NSA could go over their disks with a steam roller for all I care, that doesn't mean it's required to remove data...
As with most government agencies, bureaucracy and blame apportionment takes precedence. The NSA's guidelines takes human error into account. Intelligence agencies aren't perfect, their employees even leave laptops and memory sticks on trains from time to time...
As with most government agencies, bureaucracy and blame apportionment takes precedence. The NSA's guidelines takes human error into account. Intelligence agencies aren't perfect, their employees even leave laptops and memory sticks on trains from time to time...
OP
blackneos940
Guest
Or fill it with NT Source Code..... :3 Oh.... Wait.....
..... Yeah, just go for what ryanvade said..... :3
OP
ryanvade
Guest
yeah that paper and the notes you pointed to are outdated and not proven. I think the worlds largest data collection agency probably knows how to protect their data.
By the way, I performed a 50 pass dd on an SD card (not the same type of media but for my purposes of this example) and then used Clonezilla to recover 57% of the original data. I doubt one pass would have been better than 57%.
OP
GrumpyOldMan
Guest
What did yo write with the dd? From /dev/zero or /dev/random?
OP
ryanvade
Guest
/dev/random . One pass just does not work well enough if the goal is total unrecoverable data loss.
*Edit: as a side note, it took 2 weeks of reading to get the data back. The SD card originally had ext4 filesystem and mainly consisted of text files.
OP
optimum
Guest
The white paper is out of date, that's the point... The epilogues are correct. It's valid.
An SD card is not a hard disk...
Do some more research...
OP
c2nix
Guest
Haha - why do we always feel it pertinent to overcomplicate simple requests.
dd if=/dev/zero of=/dev/sdX
Or
dd if=/dev/urandom of=/dev/sdX
(X = user defined variable)
This will cover most reasons that a user might want or need to erase media.
Keep in mind that nothing is ever deleted to a point where some form of forensic analysis can't recover it. Deeper the analysis needs to be / deeper the knowledge of these systems needs to be / deeper the pockets need to be to be able to afford the hardware or facility access to forensics - its all relative.
If its a bigger concern than writing random or zeros can cover - just buy new media - and you win.
dd if=/dev/zero of=/dev/sdX
Or
dd if=/dev/urandom of=/dev/sdX
(X = user defined variable)
This will cover most reasons that a user might want or need to erase media.
Keep in mind that nothing is ever deleted to a point where some form of forensic analysis can't recover it. Deeper the analysis needs to be / deeper the knowledge of these systems needs to be / deeper the pockets need to be to be able to afford the hardware or facility access to forensics - its all relative.
If its a bigger concern than writing random or zeros can cover - just buy new media - and you win.
OP
Jason Long
Guest
How about :
http://www.itsprite.com/3-best-tools-to-delete-data-securely-in-linux/
Thus, Data can be recovered?
OP
c2nix
Guest
Yes. No defined method will ever boast a 100% black and white fail proof recovery. But honestly - a bunch of grey area is really all one would need
Here is another way to think about deleted data - and a round about way of understanding recovered .txt docs.
Imagine a picture of cube that is full.(volume) It is deleted and run through recovery efforts. Depending on the depth of the deletion/recovery efforts, recovery successfully finds something. It may only be the frame of what looks to be a cube and might not be as vivid in detail but you still realize what you have probably once was a cube. Modern recovery software can make sense of all the fragments and fill-in some of the missing pieces of the puzzle. Obviously, text based deletions are a lot easier to piece together than your 1080p Star Wars library.
OP
Jason Long
Guest
Thank you.
What is your idea?
What is your idea?
OP
blackneos940
Guest
Oooh, me likey..... :3
OP
ryanvade
Guest
That was my point. If impossible recovery is what the OP wants the only way is to remove the Physical media. There are tons of forensic tools that can recover data from a dd wipe.
Last edited:
OP
optimum
Guest
I think people making claims about data recovery need to provide details of the "forensic tools", until that point you're just talking about some voodoo...
OP
Videodrome
Guest
Microwave
