About drive wiping: you're probably better off using the ATA Secure Erase command, which is very quick and covers the entire disk. dd and other tools risk missing blocks that have been marked as bad, for example.
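For reference, on Linux this is usually driven with hdparm, roughly as follows (a sketch; /dev/sdX and the throwaway password are placeholders, and the drive must not report "frozen", which sometimes takes a suspend/resume cycle to clear):

    hdparm -I /dev/sdX | grep -i -A8 security      # check "supported" and "not frozen"
    hdparm --user-master u --security-set-pass somepass /dev/sdX
    hdparm --user-master u --security-erase somepass /dev/sdX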
He's right that a single overwrite with zeros is probably good enough to make sure the data is gone, but it's probably not enough to persuade other people that it's gone. A few passes of pseudo-random data are probably better if you need to convince others that the data has gone.
But if it's really important, drive wiping is what you do to protect the drives until you get a chance to grind them.
There is also a cryptographic erase option on secure erase if the drive supports it. It is nearly instantaneous and you can follow up with other slower methods if desired.
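For what it's worth, the enhanced and cryptographic variants look roughly like this (a sketch assuming hdparm and nvme-cli; device names are placeholders and support varies by drive):

    hdparm --user-master u --security-erase-enhanced somepass /dev/sdX
    nvme format /dev/nvme0n1 --ses=2                # 2 = cryptographic erase, if supported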
Also, for SSDs, using the secure erase method is important because of overprovisioning and garbage collection. If that is not available, on most SSDs doing two full-pass writes (with random data, in case the drive compresses internally) will get you about as close to wiping out all contents as possible.
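Absent Secure Erase, the two-pass overwrite is just something like the following (a sketch; /dev/sdX is a placeholder, and this still can't reach the overprovisioned spare area):

    for pass in 1 2; do dd if=/dev/urandom of=/dev/sdX bs=1M oflag=direct; done
    blkdiscard /dev/sdX      # optionally ask the controller to discard everything afterwards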
>but it's probably not enough to persuade other people that it's gone.
I believe there is a long-standing bounty for anyone who can retrieve useful data from a drive that has been zeroed once. No one has been able to so far.
A lot of the disk-wiping "culture" stems from a much earlier time when disk technology was less reliable, especially with regard to writes. Peter Gutmann himself says that the Gutmann method is long antiquated and only applied to MFM/RLL-encoded disks from the 80s and early 90s.
Perhaps instead of humoring these people, we should be educating them. A zeroed-out disk is a wiped disk until someone proves otherwise.
This may be my paranoia talking, but is there a way short of an examination with a scanning electron microscope to ensure that the erase command is actually doing what it's supposed to do?
Not so much that the drive manufacturers are engaging in malfeasance (though that's certainly not off the table), but it's not unheard of for certain agencies in certain governments to compromise low-level system components (intercepting them in shipping and so forth) so they work against the user. Or it could be just plain ignorance: a study indicates that back in 2011, half of the major drive vendors weren't doing the erase correctly. https://www.usenix.org/legacy/events/fast11/tech/full_papers...
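Short of that, about the only check available from the outside is reading the drive back and confirming nothing survives in the addressable area, e.g. (placeholder device; this says nothing about remapped or overprovisioned sectors):

    cmp /dev/sdX /dev/zero   # if the only output is "cmp: EOF on /dev/sdX", every readable byte was zero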
> Unfortunately, there is no command-line option to have `dd` print progress
How difficult could it be to write a dd command from scratch that does include progress-reporting? I mean, dd is simply reading blocks of data from one file descriptor and writing them to another.
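Not very hard, as a toy: even a shell loop gets most of the way there (a rough, untested sketch, and much slower than the real thing because it forks dd once per chunk):

    #!/bin/sh
    # copy $1 to $2 in 1 MiB chunks, printing progress as we go
    src=$1; dst=$2
    bs=$((1024 * 1024))
    total=$(blockdev --getsize64 "$src" 2>/dev/null || stat -c %s "$src")
    i=0
    while [ $((i * bs)) -lt "$total" ]; do
        dd if="$src" of="$dst" bs="$bs" count=1 skip="$i" seek="$i" conv=notrunc 2>/dev/null
        i=$((i + 1))
        printf '\r%s of %s MiB copied' "$i" "$(( (total + bs - 1) / bs ))"
    done
    printf '\n'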
I tend to run `watch kill -USR1 $(pidof dd)` in a second terminal. watch executes your command repeatedly (by default every two seconds), so you then get regular dd status updates.
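Spelled out (the device is a placeholder; single-quoting the command makes watch re-run pidof every interval instead of your shell expanding it once):

    # terminal 1
    sudo dd if=/dev/zero of=/dev/sdX bs=1M
    # terminal 2
    watch -n2 'sudo kill -USR1 $(pidof dd)'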
'>>' will cause O_APPEND to be included in the open flags for "/dev/sda". I'm pretty sure this flag is ignored on block devices, as it's obviously useless there.
The redirection will happen in your shell, but the command will be called inside the shell invoked by sudo. So that won't work either unless you have write privs to the block device, but if that were the case, you probably didn't need sudo to read the dmg file. So this will likely fail for a reason other than the one you pointed out.
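(The usual workarounds, for what it's worth, are to do the redirection inside a shell that itself runs as root, or to use tee; file and device names here are placeholders:)

    sudo sh -c 'cat file.dmg > /dev/sda'
    # or
    cat file.dmg | sudo tee /dev/sda > /dev/null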
Namely, the syntax is one character shorter. (But only because I used whitespace around >).
With dd, you can control the transfer units (the size of the read and write system calls which are performed), whereas cat chooses its own buffering. However, this doesn't matter on regular files and block devices. The transfer sizes only matter on raw devices where the block size must be observed, e.g. traditional tape devices on Unix, where a short read or an oversized write gets you truncation.
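For example (hypothetical device and file names), tape is the classic case where you really want dd's explicit block size rather than cat's own buffering:

    # read a tape written with 64 KiB blocks; a smaller read here would truncate each block
    dd if=/dev/nst0 of=backup.tar bs=64k
    # for regular files or disks, cat does the same job
    cat /dev/sda > disk.img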
> is there a disadvantage to using a higher blocksize?
Maybe, depending on the details. Imagine reading 4 GB from one disk then writing it all to another, all at 1 MB/sec. If your block size is 4 GB, it'll take 4000 seconds to read, then another 4000 seconds to write... and will also use 4 GB of memory.
If your block size is 1 MB instead, then the system has the opportunity to run things in parallel, so it'll take 4001 seconds, because every read beyond the first happens at the same time as a write.
And if your block size is 1 byte, then in theory the transfer would take almost exactly 4000 seconds... except that now the system is running in circles ferrying a single byte at a time, so your throughput drops to something much less than 1 MB/sec.
In practice, a 1 MB block size works fine on modern systems, and there's not much to be gained by fine-tuning.
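If you want to see the effect on your own machine, something like this makes it visible (placeholder device; both commands read the same 1 GiB, only the block size differs):

    # iflag=direct keeps the page cache from hiding the difference
    dd if=/dev/sdX of=/dev/null bs=512 count=2097152 iflag=direct
    dd if=/dev/sdX of=/dev/null bs=1M count=1024 iflag=direct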
It is worth noting that the shred program mentioned is more or less useless on modern filesystems for a variety of reasons; the man page has a list of filesystems on which it will fail to work correctly (btrfs, ext3, NFS).
It may well be that the only usable filesystem for it is FAT32 (and possibly NTFS, not sure about that though).
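(Those caveats are about shredding individual files through a filesystem; pointed at a whole block device, as in the article's use case, it bypasses the filesystem entirely. A sketch, with the device name a placeholder:)

    shred -v -n 1 /dev/sdX    # one random pass over the raw device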
The "Unable to install GRUB" recommended fix to remove the GPT is wrong. The proper thing to do is create a 1MiB partition, BIOSBoot partition type (gdisk internal code 0xEF02), and then grub-install will find it and install core.img there automatically.
Also, some (flash) drives compress data on the fly. Writing zeroes to such a drive might not actually write anything to the flash cells at all, except for some run-length descriptors (numbers).
Since the worry seems to be speed, here's a tool I wrote to get random bytes about as fast as drives can accept them (well, at least spinning disk drives; there might be some flash drives that are faster): https://github.com/pflanze/fastrandom
I'm expecting you to figure out for yourself where this tool goes wrong and produces predictable bytes. Also, please tell me if you do :)
Anyway, even if it isn't secure, it will be enough to foil compression algorithms.
And random data is very easy to see. The people who propose using multiple overwrites are clear that they're talking about making it harder to recover bits. (They're wrong, but it's what they say.)
baldfat | 10 years ago:
    # openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero | pv -bartpes <DISK_SIZE> | dd bs=64K of=/dev/sdX
To randomize the drive/partition using a randomly-seeded AES cipher from OpenSSL (displaying the optional progress meter with pv): https://wiki.archlinux.org/index.php/Securely_wipe_disk/Tips...
Then I take out the drill press and make a bunch of holes.
gruez | 10 years ago:
You only need one overwrite.
https://en.wikipedia.org/wiki/Data_erasure#Number_of_overwri...
itchyouch | 10 years ago:
dd if=/dev/zero count=10 bs=1M | pv > file.bin
The other way to see progress on `dd` is to send the dd process SIGUSR1: kill -USR1 <dd pid>
rca | 10 years ago:
    dd if=/dev/zero of=/dev/null status=progress
    4814691328 bytes (4,8 GB) copied, 4,000000 s, 1,2 GB/s
It only shows the size copied and the speed, but it's usually enough.
relaxitup | 10 years ago:
https://www.gnu.org/software/ddrescue/
x0 | 10 years ago:
http://linux.die.net/man/1/pv
lucaspiller | 10 years ago:
"Give us the encryption keys" "It's not encrypted, I used /dev/urandom" vs "Yes, I wiped it"