[weric]

does anyone know of a UNIX command to securely erase a hard drive? i want to wipe a 2nd drive before i toss it out.

[Millennium]

If you truly want to eradicate the data on a hard drive that you're tossing out, you don't need a UNIX command; you need a sledgehammer. If the drive was always getting corrupted on you, this also provides for a satisfying way to "get revenge", so to speak.

[chris v]

I really big magnet will probably be effective, too.

If, you've got Tech Tool Pro, you can "write zeros," but you'd probably have to do that three or four times to really effectively guarantee that the CIA won't be able to extract your pr0n.

CV

[Millennium]

A big magnet isn't enough, if you're worried about Them (whoever They are) getting a hold of your data.

I remember reading once that the US Army's standard procedure for decommissioning a hard drive involved twelve low-level formats (alternating all 0's and all 1's), then taking the drive out, covering it with thermite, igniting the thermite, and burying the remains once they'd cooled. For added security you might want to break the remains into pieces and bury them separately. However, I'd say this is perhaps going a little overboard.

Just remember if you decide to do this to keep the drive well away from the house, trees, plants, animals, clothing, and anything else even remotely flammable while it's being melted down.

[NeXTLoop]

If you're running 10.2.3 you can open Disk Utility and do a "Zero all data" format from within it. But as Chris said, you should probably do it several times to be on the safe side.

[[APi]TheMan]

Originally posted by Millennium:
If you truly want to eradicate the data on a hard drive that you're tossing out, you don't need a UNIX command; you need a sledgehammer. If the drive was always getting corrupted on you, this also provides for a satisfying way to "get revenge", so to speak.

Word.

[Vanquish]

rm -P and after doing that, zero your drive

[macmike42]

The low-tech way:

1) Sledgehammer
2) Gasoline
3) Fire
4) ???
5) Profit!!!

The high-tech way:

sudo cat /dev/random > /dev/disk0

Obviously the low-tech way is much more reliable, since the high-tech way will probably crash itself before it finishes.

[weric]

thanks for the tip.

can you tell me what this command actually does?

sudo cat /dev/random > /dev/disk0

and how do i determine the disk? i would think disk0 is my primary drive.

thanks!

[macmike42]

Sorry, I probably should have stated more clearly that cat /dev/random was kind of a joke. However, it should, in theory, destroy the drive.

Explanation:

The 'cat' command outputs the contents of a file.

The /dev directory contains lots and lots (302 on my system) of 'special files', each of which represents a device on the system (hard drives, serial ports, printers, even speakers and microphones on Linux). By reading and writing to these files, you can communicate with these devices as if they were files.

/dev/random and /dev/urandom are 'random devices'. In UNIX in general, /dev/random will generate 'more random' output than /dev/urandom, but will sometimes stall while 'gathering entropy', whereas /dev/urandom will just take whathever entropy it can find.

The '>' operator writes the output of a command to a specified file.

/dev/disk0 is your startup disk not your startup parition, or volume. Therefore if you write to /dev/disk0, the first thing that will be overwritten will be your partition map, so a few bytes of data written to that device will probably render your startup disk unbootable.

/dev/disk0s6 is the sixth partion on my startup disk, and the first HFS+ partition (the first 5 are for the partition map and various drivers and patches).

The 'df' (disks and filesystems?) command lists filesystems, as well as what device corresponds with them (and other useful info). The first one listed is your root partition, aka your startup parition. You can figure out which /dev file coresponds with each partition from the first column on the left.

Truthfully, I would not ever use the command I jokingly quoted, and would not recommend it to anyone. Although in theory it is quite sound, a typo could make you very angry. Nothing beats a tall bonfire for "securing" sensitive data.

[Angus_D]

Originally posted by macmike42:
The 'df' (disks and filesystems?)

I think it's disk free (space).

[macmike42]

Originally posted by Angus_D:
I think it's disk free (space).

Is that disk Free as in a Freedom or as in Beer?

[Simon]

Originally posted by macmike42:
The low-tech way:

1) Sledgehammer
2) Gasoline
3) Fire
4) ???
5) Profit!!!

I believe that the only thing you have to do is heat up your hard disk above the Currie temperature. At least that should get rid of the magnetic traces of your data, but I'm not a solid state physicist so I can't guarantee...

[Hozie]

Ok, I'm no expert on these issues, but can anyone tell me the following:

why the hell is it necessary to zero the HDD several times? I mean, you do a low-level-format, it takes 8 hours to write 1's and 0's all over the place (and I mean on every writable portion of the drive). Right, it's been re-magnetized into a different configuration of 1's and 0's than before. The only reasons I can think of that this wouldn't be secure are:

1) There's a way to recreate the original state by examining the magnetic traces...ehm... or sumtin'.
2) The 1's and 0's that are written on the disk bear a relationship to the 1's and 0's that were there before. This could be possible if the LLF application was really an algorithm that took old bits and transformed them into new bits that it then writes on the disk in the place of the old ones. Doesn't make much sense why it'd do this though.

Anyone with a faint clue (and/or remarks from forensic analysts will be taken into account as well ).

[mrtew]

It seems to me that erasing the directorys and then copying some huge image file repeatedly until the disc is full would be better than writing zeros. I think the underlying data would 'show thru' zeros better than a complex jumble of image data. I'd just take the platter out of the drive and bend it. It would be pretty hard to read the data when the disk itself wouldn't spin.

[Miniryu]

Just put everything on the hard drive into the trash and then empty it.

[Hozie]

Just put everything on the hard drive into the trash and then empty it.

Why, I didn't think about that! You must be joking, right?

[Millennium]

Originally posted by Hozie:
Ok, I'm no expert on these issues, but can anyone tell me the following:

why the hell is it necessary to zero the HDD several times? I mean, you do a low-level-format, it takes 8 hours to write 1's and 0's all over the place (and I mean on every writable portion of the drive). Right, it's been re-magnetized into a different configuration of 1's and 0's than before. The only reasons I can think of that this wouldn't be secure are:

1) There's a way to recreate the original state by examining the magnetic traces...ehm... or sumtin'.
2) The 1's and 0's that are written on the disk bear a relationship to the 1's and 0's that were there before. This could be possible if the LLF application was really an algorithm that took old bits and transformed them into new bits that it then writes on the disk in the place of the old ones. Doesn't make much sense why it'd do this though.

Anyone with a faint clue (and/or remarks from forensic analysts will be taken into account as well ).

Your first idea was correct; faint traces of the old magnetic pattern are left behind which can be figured out.

Also, when the magnetic pattern of a drive is held for any significant lengvth of time (even overnight). the hard drive's material is "pulled" slightly out of position. Not wnough to harm the drive, of course; we're talking a a fraction of a micron at most. But with a scanning tunnelling microscope, it's possible to detect this slight deformation of the disk, and recreate the data from that. This can last through hundreds of reformats.

Copying a single image file over and over is actually no better than several low-level formats, because either method has a pattern which can be figured out. The best way to do this, actually, is a cycle of three formats, using ones, zeroes, and random data. Repeat that cycle at least ten times and they'll need to use that microscope.

Of course, only the NSA is known to actually have the technology required to do this trick, and if they're after you then you need more help than an Internet messageboard can provide.

[Xeo]

Disk Utility has the option to zero data now. It's probably good enough for what you want to do (keep John Doe from using Unerase to see what you had on your disk). Of course, there's always opening the drive, scratching it, pouring chemicals on it, then burning it. I liked the idea of breaking it into several pieces then burying each separately. I'd add onto that burying each piece in a different country than the others. One or two pieces should make their way into the ocean.

[hadocon]

Originally posted by Xeo:
Disk Utility has the option to zero data now. It's probably good enough for what you want to do (keep John Doe from using Unerase to see what you had on your disk). Of course, there's always opening the drive, scratching it, pouring chemicals on it, then burning it. I liked the idea of breaking it into several pieces then burying each separately. I'd add onto that burying each piece in a different country than the others. One or two pieces should make their way into the ocean.

I like your Ocean idea. It's romantic

Seriously though, if the NSA was after me I would think that pulverizing the platters and mixing them with a thick mixture of chlorine sand (like the kind for your pool) and lawnmower gas, taking it all down to the river and ignighting it - melt that sucker like the Terminator!

FYI: Don't breathe the fumes AT ALL or you will be like "air tastes like burning!"... Oh yah, dont look at the flame to too long either. It burns bright like a welders torch.

IMPORTANT: Do not extinguish with water - it will EXPLODE. Dump sand on to smuther flames instead.

DISCLAIMER: Don't ever do any of this, unless the NSA is after you.

[dfiler]

The feds have some amazing data recovery gear. Here's one technique for recovering zero'd and overwritten data.

They take the platters out and mount them in hardware with incredibly precise head positioning mechanisms. This allows them to read data back at a higher resolution than it was written. Feed this through a super computer for an undisclosed amount of time and it is possible to recover data which has been overwritten numerous times. The key is that the bits aren't written to exactly the same location with subsequent writes. There is a minute amount of slop in disk mechanisms.