I need to securely erase harddisks from time to time and have used a variety of tools to do this:
cat /dev/zero > /dev/disk
cat /dev/urandom > /dev/disk
shred
badblocks -w
- DBAN
All of these have in common that they take ages to run.
In one case cat /dev/urandom > /dev/disk
killed the disk, apparently overheating it.
Is there a "good enough" approach to achieve that any data on the disk is made unusable in a timely fashion? Overwriting superblocks and a couple of strategically important blocks or somesuch?
The disks (both, spinning and ssd) come from donated computers and will be used to install Linux-Desktops on them afterwards, handed out to people who can't afford to buy a computer, but need one.
The disks of the donated computers will usually not have been encrypted. And sometimes donors don't even think of deleting files beforehand.
Update:
From the answers that have come in so far, it seems there is no cutting corners.
My best bet is probably setting up a lab-computer to erase multiple disks at once. One more reason to ask big companies for donations 🙂
Thanks everyone!
Best Answer
Overwriting the superblock or partition table just makes it inconvenient to reconstruct the data, which is obviously still there if you just do a hex dump.
Hard disks have a built-in erasing feature: ATA Secure Erase, which you can activate using
hdparm
:Pick a password (any password):
hdparm --user-master u --security-set-pass hunter1 /dev/sdX
Initiate erasure:
hdparm --user-master u --security-erase hunter1 /dev/sdX
Since this is a built-in feature, it is unlikely that you'll find a faster method that actually offers real erasure. (It's up to you, though, to determine whether it meets your level of paranoia.)
Alternatively, use the disk with full-disk encryption, then just throw away the key when you want to dispose of the data.