Hard drive sanitisation - A homebrew approach

I often get asked the questions "Why should I securely erase my disk?", "What is the best way to securely erase a disk?" and "What should I use to ensure that a disk has been sanitised?". In this article I discuss these options, but first a little reminder of why everyone needs to securely erase data at some stage.

Part 1 — Overview

Why should I securely erase my disk?

At some point, everyone needs to securely erase data, even on a home laptop, desktop or Mac. After all, securely erasing your data ensures your personal and private information does not end up being found and abused by someone else.

So, when should you erase data from your machine? A few common scenarios that warrant a secure wipe of your drive include:

  1. Your laptop, desktop or server is sold or donated
  2. A hard drive is replaced as part of an upgrade
  3. The system is not yours and needs to be handed over (a loaner or belongs to your company)
  4. The hard drive is being trashed

What if I have nothing to hide?

I've had plenty of people say, "It's OK, I have nothing to hide." But how much would you bet that almost everyone who says this also has a front door on their home, locked when they're sleeping, curtains covering their windows for privacy, and passwords protecting their email accounts to keep others out? Odds are everyone does these things.

Nothing to hide, huh?

Whether it's your friendly neighbourhood law enforcement agency, a burglar or dumpster diver who rummages through your rubbish bin for old hard drives with the intention of extracting data, we can rest assured (or not so much) that there are people out there who are after your data. Targeted or by accident, if a nefarious individual gets their hands on your data, you can very well end up in trouble.

Why would hackers target the data on your personal computer?

In all of the above-mentioned scenarios that warrant a secure wipe of your drive, your data is leaving your possession, so making sure it is properly deleted is paramount. Whether your system is used to store school work, projects at work, personal files or just used for browsing the web, information from that system is valuable to someone other than you. Some of the things that can happen if data is recovered from your old system or hard drive can be devastating, including:

  • Identity theft
  • Employment-related fraud
  • Loan/Credit card fraud
  • Phone or utilities fraud
  • Tax fraud
  • Getting hacked

Your browser history, auto-saved names and passwords in your browser, email contents and sensitive documents, like tax returns, are all very valuable to someone who knows how to use them against you. Also think of photos, videos, chats and again email contents that may include sensitive and personal content that can be used to blackmail you or destroy your reputation.

Of course, you can keep every hard drive and flash drive you've ever owned to reduce the chances of the above happening, but after a while this method starts taking up a lot of space. So the next best thing is to securely erase them.


Part 2 — Using system utilities

Here I cover the options available for various operating systems.

Sun Solaris

Both of these methods have been tested on an Ultra-10 running Solaris 8 and an Ultra-20 running Solaris 10 with good results.

  • Using the dd command. This is my preferred method on a Solaris system:
    # dd if=/dev/urandom of=/dev/rdsk/c#t#d#s2 bs=10k
    This ensures that random (not completely random, but good enough) data is written across the device's raw geometry, removing all traces of previous data on the disk.[1]
  • Using the format command. Alternatively, we can use the analyze->purge sub-command from within the Solaris format(1M) command:
    # format
    ...
    format> analyze
    ANALYZE MENU:
        read     - read only test   (doesn't harm SunOS)
        refresh  - read then write  (doesn't harm data)
        test     - pattern testing  (doesn't harm data)
        write    - write then read      (corrupts data)
        compare  - write, read, compare (corrupts data)
        purge    - write, read, write   (corrupts data)
        verify   - write entire disk, then verify (corrupts data)
        print    - display data buffer
        setup    - set analysis parameters
        config   - show analysis parameters
        quit
    analyze> purge
    ...
    analyze> quit
    format> quit
    

    Basically, the purge writes three distinct patterns over the disk (0xaa, 0x55 and 0xaa again). If the verification passes, a hex-bit pattern (0x40) is then written over the disk.

    NOTE: The above procedure complies with DoD wipe disk standard 5220.22-M.

HP-UX

For HP-UX based systems, it is recommended to use the raw device for improved speed and the input from /dev/zero (since /dev/urandom does not exist at the time of writing).

  1. First, verify that the /dev/zero special file exists:
    # ll /dev/zero
    crw-rw-rw-   1 bin     sys     3 0x000004 Oct 10 20:26 /dev/zero
    If the device is not available, use mknod to create it.
    # mknod /dev/zero c 3 0x000004
    # chown root:sys /dev/zero
  2. Use dd to fill the target device:
    • HP-UX 11.11 / 11.23
      # dd if=/dev/zero of=/dev/rdsk/c#t#d#
    • HP-UX 11.31
      # dd if=/dev/zero of=/dev/rdisk/disk#

Macintosh Hard Drives

  • Pre OSX
    1. Boot the system from the Mac OS CD.
    2. Run the Drive Setup Utility under the Utilities folder on your Mac OS CD.
    3. Start by selecting the hard drive you wish to low-level format.
    4. Under the Function menu, select Initialization Options.
    5. Select Low Level Format (a check mark will appear) and click OK.
    6. Click Initialize at the bottom of the main screen.
    7. Again click Initialize.
  • OSX based systems
    1. Boot the system from the OSX Installation CD or DVD.
    2. From the Utilities menu at the top, choose Disk Utility.
    3. Then select the hard-disk you wish to sanitize.
    4. Under the Erase Tab, there is a Security Options section.
      • For most sanitisation purposes the Zero-Out Option is satisfactory.
      • For sensitive information, I recommend using the 7-Pass Erase Option to ensure the data is rendered completely unrecoverable.
    5. Click OK then click Erase.

Linux based systems

  • Using shred. Shred was originally designed to delete a file securely by first overwriting it to hide its contents. However, the same command can be used to erase a hard disk. For example, if your hard drive is named /dev/sda, type the following command:
    # shred -n 5 -vz /dev/sda
    shred: /dev/sda2: pass 1/6 (249249)...
    shred: /dev/sda2: pass 2/6 (db6db6)...
    shred: /dev/sda2: pass 3/6 (random)...
    shred: /dev/sda2: pass 4/6 (aaaaaa)...
    shred: /dev/sda2: pass 5/6 (6db6db)...
    shred: /dev/sda2: pass 6/6 (000000)...
    • -n 5 — overwrite 5 times (default 25 times)
    • -v — show progress
    • -z — add a final overwrite with zeros to hide shredding
  • Using the scrub command. This utility overwrites hard disks with repeating patterns intended to make recovering data more difficult. For example, to scrub a raw device /dev/sdf1 with the DoD 5220.22-M patterns instead of the default NNSA pattern, use:
    # scrub -p dod /dev/sdf1
    scrub: using DoD 5220.22-M patterns
    scrub: please verify that device size below is correct!
    scrub: scrubbing /dev/sdf1 1995650048 bytes (~1GB)
    scrub: random  |................................................|
    scrub: random  |................................................|
    scrub: 0x00    |................................................|
    scrub: verify  |................................................|
    Other scrub patterns are available with the -p option; see the scrub(1) man page.
  • Using the dd command. Like the Solaris example above, we can use the dd command to securely wipe a disk. For example, to erase a 1TB drive on /dev/sdc, use the following:
    # dd if=/dev/urandom of=/dev/sdc bs=4M
    256+0 records in
    256+0 records out
    1073741824 bytes (1.1 GB) copied, 20.3907 s, 52.7 MB/s
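
One way to confirm that a zero-fill pass (dd if=/dev/zero as in the HP-UX section, or the final pass of shred -z) reached every byte, shown on a constructed scratch image rather than a real device. This is an added example, not part of the original article; the function names and the image are assumptions.

```shell
#!/bin/sh
# Added example: verify a zero-fill pass on a scratch image file.
# Function names and the image are hypothetical; no real disk is touched.

# Size in bytes of a regular file. For a Linux block device use
# `blockdev --getsize64 DEVICE` instead.
size_bytes() {
    wc -c < "$1" | tr -d ' '
}

# Overwrite TARGET in place with zeros, keeping its size.
zero_fill() {
    head -c "$(size_bytes "$1")" /dev/zero |
        dd of="$1" bs=64k conv=notrunc 2>/dev/null
}

# Succeed only if every byte of TARGET is 0x00.
verify_zeroed() {
    head -c "$(size_bytes "$1")" /dev/zero | cmp -s - "$1"
}

# Print the 1-based offset of the first non-zero byte (nothing if clean).
first_residue_offset() {
    head -c "$(size_bytes "$1")" /dev/zero | cmp -l - "$1" 2>/dev/null |
        head -n 1 | awk '{print $1}'
}

# Constructed sample: a 1 MiB image filled with 'S' bytes as "old data".
make_sample_image() {
    img=$(mktemp)
    head -c 1048576 /dev/zero | tr '\0' 'S' > "$img"
    echo "$img"
}

img=$(make_sample_image)
# Simulate an interrupted wipe: only the first 512 KiB is zeroed.
dd if=/dev/zero of="$img" bs=1024 count=512 conv=notrunc 2>/dev/null
if ! verify_zeroed "$img"; then
    echo "residue starts at byte $(first_residue_offset "$img")"
fi
zero_fill "$img"
verify_zeroed "$img" && echo "image verified: all zeros"
rm -f "$img"
```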

Part 3 — The physical approach

What if the drive is not accessible?

For drives that are not accessible, there is only one option to ensure the data is unrecoverable: Smash it to bits.

Physical destruction can be used in the following instances:

  • When computers or hard drives are inoperable.
  • When data tapes such as DDS (Digital Data Storage), DLT (Digital Linear Tape), DAT (Digital Audio Tape), or DC (Data Cartridge) cannot be overwritten through reformatting or initialization.

A short destruction process

  • Remove the hard drive, tape, or cartridge from the computer or storage unit.
  • Put on all your safety equipment: hard hat, safety glasses and gloves. Place the device flat or on its side and strike it with a heavy hammer until it is crushed.
    NOTE: Pay particular attention to damaging the platters inside the hard drives where data is magnetically recorded. This type of damage will normally discourage the average person from attempting to recover any data.

[1] As the drive's controller maintains the bad sector tracking, any data previously written into bad sectors may still be there, though the quality of this data would be questionable; otherwise the sector would never have been marked bad in the first place.