How can I quickly wipe a disk (filesystem/partitions) without overwriting all content with random data? For example, shred could accomplish what I want but takes too much time.
1. Do you want to overwrite everything with zeros, which is faster than with random data? 2. Do you want to change the mapping (which is faster than overwriting with zeros, and at least as secure)? 3. Do you want to destroy the drive physically? 4. Do you want to 'only' wipe the partition table (or better, the first mebibyte) and replace it with another partition table with one or more partitions with new file systems, without overwriting all data? This can be very quick, and will work well, if you intend to use the drive yourself. – sudodus Jul 02 '18 at 20:31
What is the goal here? Security? – Dessa Simpson Jul 02 '18 at 21:39
5 Answers
If you don't care about actually destroying the data on the disk, you can probably do something like `dd if=/dev/urandom of=/dev/sdc bs=1M count=2` to fry the first couple of megabytes (which would include the MBR and partition table).
Be super-duper sure about which block device you point at, as there are no takesy-backsies on this command.
Be aware that this is **very insecure**. Although the partition table is deleted, the file-system is left completely intact. Nowadays, tools align partitions to 1 MiB boundaries by default. An average user would plug in the drive, create a new partition table and a new partition. The file-system would be discovered with all data instantly available. It does not even need an IT professional for this to happen. The situation is even worse in case the disk contains a GPT. The operating system would find the undamaged secondary header and would simply recover the partition table. – Hermann Aug 31 '18 at 11:03
True, yet this method is so far on the "fast" side of "fast vs. secure" that data can be recovered *by accident*. I recommend overwriting with `count=2` so the header of the first partition is destroyed as well. Not much slower, but it yields a dramatic increase in security. – Hermann Aug 31 '18 at 17:46
Although security is not a consideration, this is still remarkably easy to recover from. Running `mkfs` would at least remove all the super-node backups but is still very insecure. – symcbean Jun 05 '23 at 15:34
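The point made in the comments above (a first partition aligned at 1 MiB and the backup GPT header at the end of the disk can both survive a short overwrite) can be checked on a scratch image. This is an added example, not code from the answer or its commenters; the function names, the constructed 8 MiB image and the use of `/dev/zero` in place of `/dev/urandom` are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Checks a disk IMAGE FILE for metadata that survives a
# "zero the first N MiB" wipe. Assumes 512-byte sectors and a first
# partition aligned at 1 MiB, as described in the comments above.

# Hex of $3 bytes at byte offset $2 of file $1.
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Constructed sample: 8 MiB image carrying only the three signatures of interest.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=1M count=8 2>/dev/null
    printf 'EFI PART' | dd of="$1" bs=1 seek=512 conv=notrunc 2>/dev/null
    printf 'EFI PART' | dd of="$1" bs=1 seek=$(( 8 * 1048576 - 512 )) conv=notrunc 2>/dev/null
    printf '\123\357' | dd of="$1" bs=1 seek=$(( 1048576 + 1080 )) conv=notrunc 2>/dev/null
}

# The quick wipe from the answer, with /dev/zero so the result is deterministic.
quick_wipe() {
    dd if=/dev/zero of="$1" bs=1M count="$2" conv=notrunc 2>/dev/null
}

# Echo a space-separated list of signatures that are still readable.
residual_signatures() {
    local img="$1" size found=""
    size=$(wc -c < "$img")
    if [ "$(hex_at "$img" 512 8)" = 4546492050415254 ]; then   # "EFI PART" at LBA 1
        found="$found gpt-primary"
    fi
    if [ "$(hex_at "$img" $(( size - 512 )) 8)" = 4546492050415254 ]; then   # last LBA
        found="$found gpt-backup"
    fi
    # ext2/3/4 magic 0xEF53, little-endian, 1080 bytes into the partition
    if [ "$(hex_at "$img" $(( 1048576 + 1080 )) 2)" = 53ef ]; then
        found="$found ext-superblock"
    fi
    echo "${found# }"
}

demo() {
    local img n
    img=$(mktemp)
    for n in 1 2; do
        make_sample_image "$img"; quick_wipe "$img" "$n"
        echo "count=$n leaves: $(residual_signatures "$img")"
    done
    rm -f "$img"
}
demo
```

On the constructed image, `count=1` leaves both the backup GPT header and the filesystem superblock readable, and `count=2` still leaves the backup GPT header.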
The fastest (and also the safest) is to encrypt the whole disk when it is new. Then, to erase, just erase the encryption key. Done in half a second, unfeasible to recover any data.
@JamieHutber The "after the fact" is an English idiom to express "after something has been done already". In this case, after the disk has been used it becomes more difficult to make a "whole disk encryption". Still doable IMO. – May 14 '19 at 23:08
A really quick and easy option for magnetic disks is a degaussing bulk eraser. 20 seconds and your data is gone forever.
Or a crusher or shredder. See, e.g., https://www.semshred.com/data-destruction-type/hard-drives/hdds/ – Mark Wagner Jul 02 '18 at 20:03
If such a degaussing beast did exist, nobody would shred disks. You can't since the field force in the disk is too high. – schily Jul 02 '18 at 20:11
@schily [they do exist](https://www.datadestroyers.eu/degaussers/degausser_datagauss_lg.html). Not cheap though. – roaima Jul 02 '18 at 21:06
@MarkWagner I did consider suggesting a [hammer](https://www.screwfix.com/p/magnusson-fibreglass-handled-club-hammer-1kg/9984V), but I decided the OP probably wanted to reuse the disk. – roaima Jul 02 '18 at 21:15
ATA Secure Erase is available on non-SSD drives, too. See https://askubuntu.com/questions/42266/what-is-the-recommended-way-to-empty-a-ssd on how to request the operation.
To clarify: ATA Secure Erase is a procedure which allows you to ask the disk drive to *completely erase itself*, and once the erasure process has been started, the drive is supposed to not accept any other commands until it has been completely wiped. *If properly implemented in the disk firmware*, even removing the power mid-erase should not help: the disk should go right back on erasing itself as soon as the power is re-applied. For threats advanced enough to interrupt this, you'd need some form of physical destruction anyway. – telcoM Aug 31 '18 at 19:14
@telcoM it seems trivial to get an identical disk that isn't erasing and swap the platters which contain the actual data. – AnnoyinC Jun 17 '21 at 14:50
Be aware that this requires trusting the drive’s firmware to actually securely delete everything, which it may or may not do. – Andrew Marshall Jun 24 '21 at 20:15
@AnnoyinC AndrewMarshall Both concerns are somewhat valid, but assume an extremely high profile target. Under those circumstances, complete thermal destruction is the only "quick" and "secure" way. – Hermann Jun 24 '21 at 22:48
To securely wipe your disk you must overwrite your data. Overwriting damaged sectors or "sectors which are not accessible" is not possible; for that you have to destroy the disk (as mentioned).
The following are some tools I know for overwriting a disk with, for example, zeros. Some tools offer ways to be faster, for example by wiping several disks at once.
- dd (I think well known)
- dcfldd (like dd with status and, for example, multiple outputs!)
- ddpt (more used to copy storage devices)
- ddrescue (more used to get data back ;-)
- shred
So if you want to wipe more than one disk, dcfldd can be a good choice.
Also you can use Darik's Boot And Nuke (DBAN). "It is an entirely free data destruction program used to completely erase all the files on a hard drive." This can make the process easier (and for that faster?).
When writing zeros, the bottleneck is the write process. Make sure that your disk is the bottleneck. For example, connect your USB3 disk to a USB3 port.
I also saw a "private" program which tests sectors for zeros, so you do not have to overwrite zeros with zeros. Good for SSD drives (every write shortens the life of an SSD). It seems a lot slower, but in some circumstances it is fast, for example if the disk is not used much (like a transport disk for small amounts of data), because reading is faster than writing.
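The read-before-write idea from the last paragraph of this answer, sketched on an image file. This is an added example, not the "private" program the answer mentions and not the answerer's code; the function names, the 4096-byte default block size and the constructed sample are assumptions.

```shell
#!/usr/bin/env bash
# Added example: zero an image block by block, writing only the blocks that
# are not already all zeros. Names and the 4096-byte default are assumptions.

# zero_nonzero_blocks FILE [BLOCK_SIZE] -> echoes the number of blocks rewritten.
zero_nonzero_blocks() {
    local img="$1" bs="${2:-4096}" size blocks i=0 written=0 nonzero
    size=$(wc -c < "$img")   # regular file; for a device use blockdev --getsize64
    if [ $(( size % bs )) -ne 0 ]; then
        echo "size $size is not a multiple of $bs" >&2
        return 1
    fi
    blocks=$(( size / bs ))
    while [ "$i" -lt "$blocks" ]; do
        # Count the non-zero bytes in block i (read only).
        nonzero=$(dd if="$img" bs="$bs" skip="$i" count=1 2>/dev/null | tr -d '\000' | wc -c)
        if [ "$nonzero" -ne 0 ]; then
            dd if=/dev/zero of="$img" bs="$bs" seek="$i" count=1 conv=notrunc 2>/dev/null
            written=$(( written + 1 ))
        fi
        i=$(( i + 1 ))
    done
    echo "$written"
}

# Succeeds only if FILE contains no non-zero byte.
is_all_zero() {
    [ "$(tr -d '\000' < "$1" | wc -c)" -eq 0 ]
}

# Constructed sample: 16 blocks of 4096 bytes with data in blocks 3 and 9.
make_sample() {
    dd if=/dev/zero of="$1" bs=4096 count=16 2>/dev/null
    printf 'leftover data' | dd of="$1" bs=4096 seek=3 conv=notrunc 2>/dev/null
    printf 'leftover data' | dd of="$1" bs=4096 seek=9 conv=notrunc 2>/dev/null
}

demo() {
    local img
    img=$(mktemp)
    make_sample "$img"
    echo "blocks rewritten: $(zero_nonzero_blocks "$img")"
    is_all_zero "$img" && echo "image is all zeros"
    rm -f "$img"
}
demo
```

Running it a second time on the same image rewrites nothing, which is the case where this approach is faster than a blind overwrite.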