====== Wipe hard drives ======
Securely delete files and folders or whole file systems to hinder recovery, e.g. through means of [[:hacking:forensics|computer forensics]].

===== Linux =====
See also:
  * [[https://wiki.archlinux.org/index.php/Securely_wipe_disk|Securely wipe disk]] (Arch Wiki)

==== Tools ====
  * [[https://github.com/martijnvanbrummelen/nwipe|nwipe]] – variety of recognised secure erase methods, fork of the dwipe command used by Darik's Boot and Nuke (dban).
  * [[https://en.wikipedia.org/wiki/Srm_(Unix)|srm (secure remove)]] – version of ''rm'' tailored to overwrite files.

==== HDDs ====
<code bash>fdisk -l # find out optimal I/O block size
dd if=/dev/zero status=progress bs=512 of=/dev/disk/by-id/…</code>

Other tools which can help with secure delete of data on HDDs:
  * ''badblocks -wsv -t random /disk/by-id/…''

=== large HDDs (>8TB) ===

Since badblocks was originally written to verify floppy disks, its design isn’t construed for modern HDD drives. With sizes such as 18 TB drives, even the regular tip to use -b 4096 [[https://www.reddit.com/r/DataHoarder/comments/fbst8m/alternative_to_badblocks/|won’t help anymore]]. This is an alternative: Span a crypto layer above the device:

<code bash>cryptsetup open /dev/disk/by-id/FIND_OUT_WITH_LSBLK CHOOSE_A_NAME --type plain --cipher aes-xts-plain64</code>

Fill the now opened decrypted layer with zeroes, which get written as encrypted data:

<code>shred -v -n 0 -z /dev/mapper/CHOSEN_NAME</code>

Compare fresh zeroes with the decrypted layer:

<code>cmp -b /dev/zero /dev/mapper/THE_NAME_YOU_CHOSE</code>

If it just stops with a message about end of file, the drive is fine. This method is also way faster than badblocks even with a single pass[(https://wiki.archlinux.org/title/Badblocks#Alternatives)].

===== Windows =====
[[https://fastcopy.jp/|Fastcopy]] can wipe and delete files as well.