HDD zeroing (for security) help

I have some spare HDDs that I would like to potentially sell/give to friends (assuming CDM score is good) Before I do that though, I would like to securely erase any data on them. Currently I've been blundering around trying to use DD to fill each disk with zeros but to be honest I'm clueless. Anyone here able to give me tips/guide as to how I should properly zero my disks? thanks

Killdisk zeros hardrives. Although I would put it in a pc with only the hardrive you want to zero. The paid versions dose multiple passes so all data is gone to DOD standards.
Just make a boot disk or usb drive.

1 Like

My zeroing station is running kali live (only live usb I had lying around) Any command line stuff you'd recommend? (I generally prefer running things in terminal as opposed to learning a new GUI)

Shred should do the trick from the command line if you're worried about doing multiple passes. I know it's in Debian and Redhat flavors: http://linux.die.net/man/1/shred

To wipe disk sda with 3+1 passes and write 0's for a final pass:
sudo shred -vfz /dev/sda

2 Likes

Only thing i know is killdisk but it is easy to use because it only does one thing and that is wipe hardrives.
http://www.killdisk.com/downloadfree.htm
Looks like there are linux versions you should be able to apt-get that aren't bootable versions.(can create bootable media with it) I suggest the bootable because its easy and if you only have the target drive no mistakes can be made.

1 Like

thanks for the responses :) off to zero some disks...

just download darik's boot and nuke (DBAN) it does many options for wiping drives (multiple at one time in a system if you want) including DoD conformant wipes and beyond. I use it whenever I get a used drive so I can't accidentally see something illegal and then have to report it, no see no touch no report, easier on me like that.

It is a boot ISO, but can be put onto a memstick with various memstick image utilities, of which I prefer rufus.

One gotcha with DBAN, if the system has a media controller (like sd card reader) built in it will crash.

1 Like

ok I'll make sure and take a look at all of these :)

whats all this stuff on DBAN website about how much better blanco is? should I be using blanco if I intend on selling drives?

no idea, I still prefer dban verymuch and have used it for a very long time, I know it works, im familiar with it, I know it's very secure, and it's a proven tech. good enough for me.

how many drives can it zero at once? (or is there a limit at all?)

thanks again for all the help

the limit is how many drives the system can handle. The realistic limit is how much the CPU and IO can handle before bottlenecking and being more worth it to do in two sessions. This of course has a lot to do with the system and drive controllers you choose for this task, and the type of wipe you choose.

No problem, glad to help.

DD is burning the file to USB as we speak... Off to zero some drives!

Phenom 9750 on an ECS board with sata 2 gonna bottleneck 1tb WD greens? (up to four at once off motherboard ports)

not even close to bottlenecking iirc

also this isnt for zeroing drives, it's for scrubbing them. different task. zeroing is not secure at all, scrubbing is. other than that, the result is the same - blank drives.

what's the difference?

You can use Eraser ( http://eraser.heidi.ie/ ) which is free, to perform a Department of Defense level wipe (DoD 5220.22M, 7 Pass). It's not too much different than Killdisk.

Well, if you overwrite all sectors on the disk with 010101 etc. three times,only a government power or a Russian crime syndicate can recover data after that. If a sector is marked as bad and is inaccessible to disk, and if there is data stored on that sector, then it may be possible to recover that data by actually removing the platters and recombing them. I don't know what you mean by "Scrubbing" but sometimes there is no way to access these "Bad" sectors at a software level, since the onboard disk electronics will refuse to touch them.

Easiest way, and the way I do it, is through windows. Diskpart, select the disk and clean all. 100% zero out of the disk including MBR/GPT etc.

Edit: I noticed this was in the linux forum afterwards. I love parted magic outside windows. It'll zero or scrub a disc for you.

You want to re-write random bits, not zeroes, and run multiple passes, because:

https://www.usenix.org/legacy/publications/library/proceedings/sec96/full_papers/gutmann/index.html

1 Like

Yall are getting way too deep into this and attempting to spout out way too much technical detail for a consumer use hard drive. No one with the capabilities to recover data of even a single zero over is going to buy some random hard drive off ebay to try to recover someones bills.docx and porn pics off their drive.

A full zero out is more than sufficient to sell a drive off for public use.

I use a 20 passover write for our data before sending the drive off to get shredded and that's -only- because I have to be HIPPA compliant.