Hard drive sanitisation - A homebrew approach

I often get asked the questions "Why should I securely erase my disk", "What is the best way to securely erase a disk?" and "What to use to ensure that a disk has been sanitised?". In this article I discus these options, but first a little reminder why at some stage everyone needs to securely erase data.

Part 1 — Overview

Why should I securely erase my disk?

At some stage, everyone needs to securely erase data at some point—even on a home laptop, Desktop or even on a Mac. After all, securely erasing your data ensures your personal and private information does not end up being found and abused by someone else.

So, when should you erase data from your machine? A few common scenarios that warrant a secure wipe of your drive include:

  1. Your laptop, desktop or server is sold or donated
  2. A hard drive is replaced as part of an upgrade
  3. The system is not yours and needs to be handed over (a loaner or belongs to your company)
  4. The hard drive is being trashed

What if I have nothing to hide?

I've had plenty of people who say, "It's ok, I have nothing to hide," But how much would you bet that almost everyone who says these things also have a front door on their home, locked when they're sleeping, and curtains covering their windows for privacy, as well as passwords protecting their email accounts to keep others out? Odds are everyone does these things.

Nothing to hide, huh?

Whether it's your friendly neighbourhood law enforcement agency, a burglar or dumpster diver who rummages through your rubbish bin for old hard drives with the intention of extracting data, we can rest assured (or not so much) that there are people out there who are after your data. Targeted or by accident, if a nefarious individual gets their hands on your data, you can very well end up in trouble.

Why would hackers target the data on your personal computer?

In all of the above mentioned scenarios that warrant a secure wipe of your drive, your data is leaving your possession, so making sure it is properly deleted is paramount. Whether your system is used to store school work, projects at work, personal files or just used for browsing the web, information from that system is valuable to someone other than you. Some of the things that can happen if data recovered from your old system or hard drive can be devastating, including:

  • Identity theft
  • Employment-related fraud
  • Loan/Credit card fraud
  • Phone or utilities fraud
  • Tax fraud
  • Get hacked

Your browser history, auto-saved names and passwords in your browser, email contents, sensitive documents, like tax returns, are all very valuable to someone who knows how to use it against you. Also think of photos, videos, chats and again email contents that may include sensitive and personal content that can be used to blackmail you or destroy your reputation.

Of course, you can keep every hard drive and flash drive you've ever owned to reduce the chances of the above happening, but after a while this method starts taking up a lot of space. So the next best thing is to securely erase them.

Part 2 — Using system utilities

Here I cover the options available for various operating systems.

Sun Solaris

Both of these methods have been tested on an Ultra-10 running Solaris 8 and an Ultra-20 running Solaris 10 with good results.

  • Using the dd command This is my preferred method on an Solaris system:
    # dd if=/dev/urandom of=/dev/rdsk/c#t#d#s2 bs=10k
    This will ensure that random (not completely random, but good enough) data is written to the devices RAW geometry. Thus removing all traces of previous data on the disk1
  • Using the format command Although we could use the analyse->purge sub-command from within the Solaris format(1M) command.
    # format
    format> analyze
        read     - read only test   (doesn't harm SunOS)
        refresh  - read then write  (doesn't harm data)
        test     - pattern testing  (doesn't harm data)
        write    - write then read      (corrupts data)
        compare  - write, read, compare (corrupts data)
        purge    - write, read, write   (corrupts data)
        verify   - write entire disk, then verify (corrupts data)
        print    - display data buffer
        setup    - set analysis parameters
        config   - show analysis parameters
    analyze> purge
    analyze> quit
    format> quit

    Basically, the purge writes three distinct patterns over the disk (0xaa, 0x55 and 0xaa again). If the verification passes, a hex-bit pattern (0x40) is then written over the disk.

    NOTE: The above procedure complies with DoD wipe disk standard 5220-22-M


For HP-UX based systems, it is recommended to use the raw device for improved speed and the input from /dev/zero (since /dev/urandom does not exist at the time of writing).

  1. Firstly, verify that /dev/zero special file exists:
    # ll /dev/null
    crw-rw-rw-   1 bin     sys     3 0x000004 Oct 10 20:26 /dev/zero
    If the device is not available, use the mknod to create it.
    # mknod /dev/zero c 3 0x000004
    # chown root:sys /dev/zero
  2. Use the dd to fill the target device:
    • HP-UX 1.11 / 11.23
      # dd if=/dev/zero of=/dev/rdsk/c#t#d#
    • HP-UX 11.31
      # dd if=/dev/zero of=/dev/rdisk/disk#

Macintosh Hard Drives

  • Pre OSX
    1. Boot the system from the Mac OS CD.
    2. Run the Drive Setup Utility under the Utilities folder on your Mac OS CD.
    3. Start by selecting the hard drive you wish to low-level format.
    4. Under the Function menu, select Initialization Options.
    5. Select Low Level Format (a check mark will appear) and click OK.
    6. Click Initialize at the bottom of the main screen.
    7. Again click Initialize.
  • OSX based systems
    1. Boot the system from the OSX Installation CD or DVD.
    2. From the Utilities menu at the top, choose Disc Utility.
    3. Then select the hard-disk you wish to sanitize.
    4. Under the Erase Tab, there is a Security Options section.
      • For most sanitation purposes the Zero-Out Option is satisfactory.
      • For sensitive information, I recommend using the 7-Pass Erase Option to ensure the data is rendered completely unrecoverable.
    5. Click OK then click Erase.

Linux based systems

  • Using shred Shred was originally designed to delete file securely. Firstly, overwriting it to hide its contents. However, the same command can be used to erase hard disk. For example, if your hard drive named as /dev/sda, then type the following command:
    # shred -n 5 -vz /dev/sda
    shred: /dev/sda2: pass 1/6 (249249)...
    shred: /dev/sda2: pass 2/6 (db6db6)...
    shred: /dev/sda2: pass 3/6 (random)...
    shred: /dev/sda2: pass 4/6 (aaaaaa)...
    shred: /dev/sda2: pass 5/6 (6db6db)...
    shred: /dev/sda2: pass 6/6 (000000)...
    • -n 5 — overwrite 5 times (default 25 times)
    • -v — show progress
    • -z — add a final overwrite with zeros to hide shredding
  • Using the scrub command This utility overrides hard disks with repeating pattens intended to make recovering data more difficult. For example, to scrub a raw device /dev/sdf1 with the default NNSA pattern, use:
    # scrub -p dod /dev/sdf1
    scrub: using DoD 5220.22-M patterns
    scrub: please verify that device size below is correct!
    scrub: scrubbing /dev/sdf1 1995650048 bytes (~1GB)
    scrub: random  |................................................|
    scrub: random  |................................................|
    scrub: 0x00    |................................................|
    scrub: verify  |................................................|
    Other scrub patterns are available with the -p option, review the scrub(1) man page.
  • Using the dd command Like the Solaris example above, we can use the dd command to securely wipe a disk. For example, to erase 1TB drive on /dev/sdc, use the following:
    # dd if=/dev/urandom of=/dev/sdc bs=4M
    256+0 records in
    256+0 records out
    1073741824 bytes (1.1 GB) copied, 20.3907 s, 52.7 MB/s

Part 3 — The physical approach

What if the drive is not accessible?

For drives that are not accessible, there is only one option to ensure the data is unrecoverable: Smash it to bits.

Physical destruction can be used in the following instances:

  • When computers or hard drives are inoperable.
  • When data tapes such as DDS (Digital Data Storage), DLT (Digital Linear Tape), DAT (Digital Audio Tape), or DC (Data Cartridge) cannot be overwritten through reformatting or initialization.

A short destruction process

  • Remove the hard drive, tape, or cartridge from the computer or storage unit.
  • Get on all your safety equipment, Hard-Hat, Safety Glasses, and Gloves. Place the device flat or on its side and strike it with a heavy hammer until it is crushed.
    NOTE: Pay particular attention to damaging the platters inside the hard drives where data is magnetically recorded. This type of damage will normally discourage the average person from attempting to recover any data.

1 As the drives controller maintains the bad sector tracking, any data written into bad sectors previously may still be there though the quality of this data would be questionable otherwise the sector would never have been marked bad in the first place.