75.20 Wipe your Computer

{#security:wipe_disk}

20190908 Before we dispose of, sell or hand on our computer, it is important to back up the contents of the hard disk, if required, and to then wipe the hard disk.

When we use operating system commands to remove files from our hard disk the actual 1’s and 0’s are not removed from the disk, as such. Instead the directory information about the name and location of the file is lost and the area where the file was stored is made available for overwriting by other data. This means that the original data can be recovered even though the file has been deleted (but possibly not yet overwritten).

This is great if you have accidentally deleted data and need to recover it. There exist forensic tools to do this. A technique called Magnetic Force Microscopy (MFM) allows, at a cost, the recovery of even the last two or three layers of data as written to disk! But today’s hard disks are also clever in dealing with bad blocks and may unwittingly store some of your data permanently in places that no one generally has access to!

Thus we need to take special care when we really need to wipe the contents of our disks to completely remove any trace of possibly confidential data from the disk. The wipe package in Debian GNU/Linux provides a tool to do this.

For a copmuter that needs to be wiped we might boot from a USB containing a Ubuntu image and so run Ubuntu from the USB. This ensures the disks of the computer are available for wiping. In this scenario the universe repostiory will be required in order to install wipe, with hte following line in /etc/apt/sources.list:

deb http://archive.ubuntu.com/ubuntu/ focal universe

Update the repository information and then install the wipe command:

$ sudo apt update
$ sudo apt install wipe

Run the fdisk command to list the available disks and partitions.

$ sudo fdisk -l

Identify the Linux filesystem partition(s), for example, /dev/sda1:

$ sudo wipe /dev/sda6
Okay to WIPE 1 special file ? (Yes/No) yes
Wiping /dev/sda6, pass 0 (0 )   [   39110 /  5883392]  ETA 4d 11h

The default wipe takes a long time. For a quick wipe use -q to write random data just 4 times over each file. Here we also utilise -k to not unlink files and so keeps any device special files.

$ sudo wipe -kq /dev/sda1
Okay to WIPE 1 special file ? (Yes/No) yes 
Wiping /dev/sda6, pass 0 in quick mode   [   39110 /  5883392]  ETA 12h16m

To perform a more comprehensive (and not quick) wipe we might do the following, noting the use of -D to follow symbolic links (i.e., to dereference symbolic links:

  $ wipe -kD /dev/sda1

The wipe command and other similar commands do not guarantee data can not be recovered. There is various technology and backdoors that are likely to be able to recover data. To ensure privacy it is best to work with encrypted files and file systems.



Your donation will support ongoing development and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2021 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0.