====== Wipe hard drives ======
Securely delete files and folders or whole file systems to hinder recovery, e.g. through means of [[:hacking:forensics|computer forensics]].
===== Linux =====
See also:
* [[https://wiki.archlinux.org/index.php/Securely_wipe_disk|Securely wipe disk]] (Arch Wiki)
==== Tools ====
* [[https://github.com/martijnvanbrummelen/nwipe|nwipe]] – variety of recognised secure erase methods, fork of the dwipe command used by Darik's Boot and Nuke (dban).
* [[https://en.wikipedia.org/wiki/Srm_(Unix)|srm (secure remove)]] – version of ''rm'' tailored to overwrite files.
==== HDDs ====
fdisk -l # find out optimal I/O block size
dd if=/dev/zero status=progress bs=512 of=/dev/disk/by-id/…
Other tools which can help with secure delete of data on HDDs:
* ''badblocks -wsv -t random /disk/by-id/…''
=== large HDDs (>8TB) ===
Since badblocks was originally written to verify floppy disks, its design isn’t construed for modern HDD drives. With sizes such as 18 TB drives, even the regular tip to use -b 4096 [[https://www.reddit.com/r/DataHoarder/comments/fbst8m/alternative_to_badblocks/|won’t help anymore]]. This is an alternative: Span a crypto layer above the device:
cryptsetup open /dev/disk/by-id/FIND_OUT_WITH_LSBLK CHOOSE_A_NAME --type plain --cipher aes-xts-plain64
Fill the now opened decrypted layer with zeroes, which get written as encrypted data:
shred -v -n 0 -z /dev/mapper/CHOSEN_NAME
Compare fresh zeroes with the decrypted layer:
cmp -b /dev/zero /dev/mapper/THE_NAME_YOU_CHOSE
If it just stops with a message about end of file, the drive is fine. This method is also way faster than badblocks even with a single pass[(https://wiki.archlinux.org/title/Badblocks#Alternatives)].
===== Windows =====
[[https://fastcopy.jp/|Fastcopy]] can wipe and delete files as well.