I think it enough for all the needs of ordinary people to overwrite once (and with zeros). You can do it with zerofree
sudo apt install zerofree
sudo zerofree /dev/sdxn
where x is the device letter and n is the partition number (for media devices probably sdb1).
Running sfill with 'wipe mode is secure (38 special passes)' needs 38 times longer time and will wear the drive 38 times more. Moreover is probably a waste of time.
You can use options to make it faster and (maybe) less secure. If I understand the manual correctly, sfill should work like zerofree when using the following options (but I have not tested).
sudo sfill -llz /path-to-mountpoint
or maybe they must be separate
sudo sfill -l -l -z /path-to-mountpoint
but you might as well let it write random data once
sudo sfill -l -l /path-to-mountpoint
I don't know if zerofree or sfill is more efficient (faster), when doing the same thing. (I need not guess here, but if you know, please edit this answer.)
According to the comment by @bodhi.zazen
Data can not be recovered if it is overwritten more than once
so the following command with sfill might be a good option (it overwrites twice),
sudo sfill -l /path-to-mountpoint
man sfill describes the option -l:
-l lessens the security. Only two passes are written: one mode with 0xff and a final mode with random values.
Low level wiping
If you really need this high level of security, it is better to backup or clone the data to another drive and wipe the drive with a special tool, that works on a lower level, for example hdparm or DBAN. It will be much more efficient (much faster).
It is possible to use re-linking between logical addresses and physical memory cells with hdparm. This is a kind of encryption rather than overwriting the whole memory and very efficient. I think the following link can help you use that method,
Re: best way to wipe a drive - with hdparm
After the low level wiping you can either restore the file data to the wiped drive or simply use it on the other drive (if cloned with Clonezilla, which clones used data blocks and skips free blocks).
How to know the progress or at least that something is happening
There is an option for verbose mode, -v. I see that you have already used it. I don't know any other way to make sfill tell you more, and it does not look like you get a progress view.
But if you want to know if the process is still doing something, you can try with iotop
sudo apt install iotop
sudo iotop -o
Best Answer
Actually, the filesystem is still mounted, and some writes are buffered meaning they are still in RAM waiting to be written to the disk. Let's say
ddcorrectly overwrites everything, and just behind it the buffers are getting flushed and some potentially sensitive data is getting written back to the disk. So no, this is not a secure way of wiping a disk.You can avoid this issue by first remounting in read-only mode the root filesystem and any other filesystems that are on the disk (or unmounting them completely, but you won't be able to with the root file system), and then, no more writes should be allowed on the filesystems at all (so no buffers to flush) so your command should be safe now, even though it's still a bad idea in case of panic because it takes a long time.
If you want to have some sort of panic delete feature, I suggest encrypting your disk with LUKS (the Ubuntu installer can do that) and then following my answer over on Security Stack Exchange. This involves wiping the cryptheader which is only 2MBs in size and that takes less than a second to overwrite. Then restart the system and the disk encryption keys will be gone from memory, with no ways to restore them since the cryptheader itself is gone as well.