Wipe hard drives
Securely delete files and folders or whole file systems to hinder recovery, e.g. through means of computer forensics.
Linux
See also:
- Securely wipe disk (Arch Wiki)
Tools
- nwipe – variety of recognised secure erase methods, fork of the dwipe command used by Darik's Boot and Nuke (dban).
- srm (secure remove) – version of
rm
tailored to overwrite files.
HDDs
fdisk -l # find out optimal I/O block size dd if=/dev/zero status=progress bs=512 of=/dev/disk/by-id/…
Other tools which can help with secure delete of data on HDDs:
badblocks -wsv -t random /disk/by-id/…
large HDDs (>8TB)
Since badblocks was originally written to verify floppy disks, its design isn’t construed for modern HDD drives. With sizes such as 18 TB drives, even the regular tip to use -b 4096 won’t help anymore. This is an alternative: Span a crypto layer above the device:
cryptsetup open /dev/disk/by-id/FIND_OUT_WITH_LSBLK CHOOSE_A_NAME --type plain --cipher aes-xts-plain64
Fill the now opened decrypted layer with zeroes, which get written as encrypted data:
shred -v -n 0 -z /dev/mapper/CHOSEN_NAME
Compare fresh zeroes with the decrypted layer:
cmp -b /dev/zero /dev/mapper/THE_NAME_YOU_CHOSE
If it just stops with a message about end of file, the drive is fine. This method is also way faster than badblocks even with a single pass1.
Windows
Fastcopy can wipe and delete files as well.