There are times when we want to erase all the data on a drive for security reasons, such as before we sell a computer we will want to be sure all private information is erased.
Other reasons to erase a drive include legal requirements and to be sure a virus is removed from a drive, for example, one hiding in the boot sector.
Erasing a drive is also called destroying the data, shredding the data, overwriting the data, wiping the data, sanitizing the drive and other terms.
When an operating system (Windows, MacOS, Linux) deletes a file, the data is merely marked for deletion and the data often can be recovered. Formatting and partitioning drives to not explicitly destroy data either. Data can also be found in drive slack space, bad blocks (remapped sectors) and Hidden Areas.
To erase a drive therefore requires that data (zeros or random numbers) be written to the entire drive. The only way to really be sure all data is impossible to recover is to physically destroy the drive, such as shredding the drive and electronics.
There are many applications that can overwrite data on a drive. Some are freeware, some are commercial and Unix/Linux contains a utility that will do the job called “dd.”
DBAN (Darik’s Boot and Nuke) is a free utility that has been a favorite for years. It has many methods of overwriting data including DOD methods. Download it and make a bootable CD or USB. dban.org
KillDisk is a commercial product that is very popular. It has many methods of overwriting data including DOD methods. KillDisk has a free demo version that will only overwrite with zeros but this meets most needs. KillDisk will generate a certificate to document the erasing of the drive and can run from a boot disk or an app in Windows or Linux. The full Professional software license starts at $49.95. killdisk.com
Other sources of drive erasing utilities
Drive erasing is included in some applications such as CCleaner, Acronis True Image, MacOS.
Proprietary software such as those mentioned are closed source so we don’t know how they work. Another issue is they may not work with RAID array controllers. Some RAID array controllers have utilities built in to erase drives.
Unix/Linux dd utility
Unix and Linux have a very powerful utility included called “dd” which copies blocks of data from source to destination. Copying zeros to every block of a drive can be as simple as
dd if=/dev/zero of=/dev/sda
The dd command requires knowledge of Unix/Linux. Use caution, it will overwrite what you tell it to. The “lsblk” command will show you your drives. The dd utility can be used in a bash script to document a method and include information like start time, elapsed time, computer MAC address, drive serial number, drive size, type and more. See below for an example script.
Using a disk editor you can prove to yourself that the drive is indeed filled with zeros (or random numbers if this is what you choose to overwrite data with).
All drive overwriting methods take time, a lot of time, hours and even days for large arrays.
Example of a Linux bash script for deleting data on a server array set to RAID 0 and screen capture of a dd script.
echo “Run with root account command line: bash wiper &> outputfile.txt”
echo “Dell server”
echo “serial number”
echo “SCSI controller ”
echo “drive /dev/”
echo “MAC Addresses:”
echo “Block Devices:”
echo “Start time:”
echo “dd command: (example: dd if=/dev/zero of=/dev/cciss/c0d0 bs=512)”
dd if=/dev/zero of=/dev/sda bs=512
dd if=/dev/zero of=/dev/sdb bs=512
dd if=/dev/zero of=/dev/sdc bs=512
# dd if=/dev/zero of=/dev/sdd bs=512
# dd if=/dev/zero of=/dev/sde bs=512
# dd if=/dev/zero of=/dev/sdf bs=512
echo “End time:”
echo “Elapsed time: (Integer values)”
echo “$(($ENDTIME – $STARTTIME)) seconds.”
echo “$((((($ENDTIME – $STARTTIME)) / 60))) minutes.”
echo “$((((($ENDTIME – $STARTTIME)) / 3600))) hours.”
echo “Task finished. ”