Secure Hard Drive Wipe

I’ve been wiping a lot of hard drives recently. I use shred to do the job.

shred -n6 -z -v /dev/sdx

What do you do to your drives before disposing of them?


  • dd if=/dev/zero of=/dev/whatever BS=1G

    relatively quick and nearly guaranteed to be secure.

  • Yeah that shred command basically does 6 passes of random writes to the device then comes back and writes a single pass of zeros. Maybe I am a bit paranoid. But then again just because you are paranoid doesn’t mean they aren’t out to get you.

  • I’m sure the program works well, but whenever I think about programs promising to do important things with random numbers, I think of this

  • I use DBAN –

    (Great blog, BTW)

  • Thanks Joe, I hope you keep coming around!

    mmm wonder if the isp used dban on the wrong drive? :/

    The web hosting provider that was running accidentally deleted the DBAN web site, so we are restoring a backup to a new server right now. Check later today (Wednesday August 26th 2009) and everything should be back online.

    Technical support and account management already know about this problem. This outage only affects non-essential materials that were publicly posted.

    — Darik

    source: (Aug 26th, 11:05am CST, 2009)

  • My company uses DBAN, and it’s good enough that they use it on old drives from their POS register systems.

  • dd if=/dev/urandom of=/dev/sdX ; dd if=/dev/zero of=/dev/sdX ;

    Even that’s overkill. Either one is more than adequate.

  • Dusty Wilson Ubuntu Unknow wrote:

    I just repartition, reformat, and reuse. Unless it’s dead, it gets used somewhere. If it’s dead, it gets physically destroyed.

  • Jinks Linux Unknow wrote:

    Always a nice read in this context: (I couldn’t find a better version, sorry.)

  • I haven’t seen anything that indicates that a single ‘dd’ isn’t adequate for any normal disposal process, or that nulls are worse than bytes.

    The error that you need to compensate for isn’t that dd might leave recoverable data, it’s that you might forget to dd a drive.

    So the ideal process would be to have person ‘a’ dd each drive, with nulls, and have person ‘b’ cat /dev/sdx back to the terminal and make sure that no bytes show up. (i.e. person ‘b’ needs to check that person ‘a’ ran dd.)

    A simple tracking system (an ‘x’ mark on the drive) ensures that ‘a’ and ‘b’ both did their jobs.

  • I have never seen anyone recover from writing over a sector either. Unfortunately I am in no position to dictate corporate policy so I just look for a tool that makes it as easy as possible.

    Nice link, I had forgotten about the challenge.

  • Nick Mac OS X Firefox 3.5.2 wrote:

    Another vote for DBAN.

  • Robert Mac OS X Safari 4.0.3 wrote:

    It is not a matter of reading from an overwritten sector. It literally takes low level hardware methods to retrieve data from “slightly” overwritten hard drive sectors. The OS reads the last thing written…. With that in mind, the “dd” vs. “shred” argument comes down to what you have on the hard drive and whether someone who could get it actually wants the info….

Leave a Reply

Your email is never shared.Required fields are marked *

To submit your comment, click the image below where it asks you to...
Clickcha - The One-Click Captcha