Wednesday, August 30, 2017

Securely Erasing Your Old Hard Drive Easily with Linux or a Mac

I have been thinking of the easiest way to completely and securely erase a hard drive lately.  I was given two old laptops and was asked by a dear family member to help get some personal effects off of an old laptop.

To keep this short, I was able to do that using an external hard drive case and my own machine.

Since I use Linux, I am immune to windows viruses, I can simply copy the desired data to my computer.  I now have a directory of 1.1 GB of pictures, writings and other information on my desktop which I will burn to a DVD and say "Here you go, enjoy".

Mac people and other BSD people can rejoice in that as well.

She'll need to scan that for viruses before she looks at it in detail since she's on windows.

Ok, that's all done right, just toss the drive in the nearest secure shredder or sneak it into the trash or....

Not so fast.

You see, data can be forever.

A CD typically lasts 10 years.
A CD that "you" wrote may not last that long, say 5 years.
A DVD will last longer, I haven't had one that I wrote fail yet, and some are well more than 10 years.

I still don't trust that removable and optical stuff.

But, if I can get the computer I am looking at now to recognize the drive, the data will still be there.  Useful or not.

Even those old 500 MB drives from the first days of the IDE era can be read if I have a way to convince my laptop to read it.  How?

Get an external hard drive case.   You need to know what kind of hard drive you have in your hands.

IDE External Cases are still available.
Serial ATA or SATA cases are available in USB 3.0 and 2.0 if you want cheap.

I paid under $5 for mine when they were on sale.

Put the drive in question in the case.
Plug the drive case into the computer.

Assuming that your computer can see the drive and the data on it, now what.  You've got your data off and you want to securely erase the drive.

Here's where Linux comes in to play, although a Mac will work as well.

Don't have a Mac or Linux computer?  The easy fix is to download a copy of Ubuntu and burn that to a DVD or to a memory stick and boot from that.   That is all done via a program called unetbootin and it is available for any modern operating system that I can reasonably think of.   Follow the instructions and you end up with a bootable USB stick.  Boot from that stick.  Plug the external drive in.

Now you're looking at Linux.
(If you're a Mac guy, you can to follow this on your Mac.)

Commands from this point forward will be in BOLD

Start Terminal.

Get root with "su" or "sudo su" and give it the system's password.  

Verify the address of the external drive.  "dmesg" will give the device name at the end of the display.  You can also find it in gparted (if installed).  The address will be similar to /dev/sdb.

Verify it again.  "Measure twice and cut once".

In terminal enter the following command - I am assuming that the operating system thinks that the external drive is on "/dev/sdb".  You need to know which partition and this will tell you where it is:

fdisk -l /dev/sdb

(Man, I hate Helvetica - That is a lower case -l )

On the Windows drive I have in question, it gave me two partitions - sdb1 and sdb2.  Windows being what it is, will almost always use sdb1 as the boot partition, and it will almost always be the largest one and the one in question with your data.

Since I have cleared out all the data that I would be worried about in an earlier step, I do not have to worry about deleting any partitions.  But I do have to create a space to work with.

Within terminal, mkdir work will make an empty directory to play with.

To access the data on the external drive: mount /dev/sdb1 work

To verify you have connected to the drive, cd work 

To list any data files you left in that directory, ls  will show you.

To create a big file to overwrite all that empty space enter the following command.
    dd if=/dev/urandom of=junkfile.txt

That dd Command will write random garbage out to the file called junkfile.txt until it runs out of space. Out of Space is a bit misleading because certain disk formats have maximum file sizes, so just run it again with a different name on the "of" portion of the command - like "junkfile1.txt" until you are satisfied.

That's about it.   Your empty space on the drive has been filled with garbage.  You can delete that junkfile.txt and use the drive as a floppy if you like.  Since you previously deleted things that you wanted to be securely deleted, this happened with it was overwritten with random data.

The theory goes that with the "new" and "large" disks we have inside of our computers over the last few years, simply writing garbage out would be sufficient.

The Geek version was that the old drives had enough space between tracks that the data would sometimes, but not always, be mirrored and repeated in the empty spaces.  Some of the information could be "recovered" by reading that space.

You don't have the technology to do that.  Any "normal" person finding your drive would not either.

New drives over the last few years are so densely packed that that space between the tracks is too small to store extra copies of the data.

If you are super worried (paranoid) about your data, give the drive to a destructive person, and some hand tools, and let them disassemble it for the magnets.  Or run over it with a truck.   Or both.

But this is as far as I go with my own personal data.

No comments:

Post a Comment