Secure Your Privacy in Linux by Wiping Data Cleanly and Safely

Page content

Wiping Data From a Drive in Linux

Whether you’re selling your computer at a garage sale, giving it to a friend or even disposing of it through a recycler; wiping the hard drive is a smart thing to do to protect your privacy. Linux has some simple to use tools in order to achieve this.

The most common way this is achieved is by “zeroing-out” the hard drive. What this does is it overwrites every bit on a hard drive to 0 since the contents of the drive are in binary. The reason this is done, rather than simply partitioning the disk, is because often only the partitioning data is erased. This is a small memory block that contains the file system’s information on it. Only erasing the partition data leaves the actual contents of the hard drive intact. This can be reversed easily and is not ideally secure.

One of the most simple to use tools Linux has to offer to wipe a hard drive is the ‘shred’ command. Every Linux distribution should include it but for the purpose of wiping an entire drive you will want to boot using a Live-CD distribution so the computer does not boot off of the drive you are trying to clean.

The basic command to wipe the drive is (making sure to erase the appropriate device):

shred –vfz –n 10 /dev/hda

The ‘z’ option is what “zeroes-out” the hard drive. If left off, the overwritten bits will be randomized with 0s and 1s rather than all 0s. The other important option is the ‘n’ option. This indicates the number of times to shred the drive. In theory it becomes more difficult to recover any information from the drive every time it is run through the shredder. By default this option is set to 25.

The amount of time the wipe takes mostly depends on the size of the drive itself and the number of iterations set using the ‘n’ option.

These steps will prevent most methods of data extraction. However, with hard disk storage prices being quite reasonable, the absolute safest way to secure your privacy is to wipe the drive, remove it from the computer and then destroy it by cutting it up and incinerating it.