The purpose of this blog entry is to show how easy it is to securely erase the sensitive information on an old computer.
I recently purchased a new desktop for my use at home and prior to disposing of my old computer wanted to be sure that the data on it was securely erased. I have done this multiple times in the past, mostly at previous employers but I don’t recall ever documenting how to do it.
For those of you that want to be sure that your data is completely gone before donating or throwing out your old PC, here are the simple steps you need to take, see below for more detail on each step:
- Boot from a Linux-based CDROM
- Figure out which devices you want to securely erase.
- Use the “shred” command to wipe the device clean.
In more detail, here’s what I did with my computer:
1. Boot from a Linux-based CDROM. My preference for Linux-based CDROMs is Knoppix. Knoppix has good hardware support and is pretty easy to use. You can download a CD image from knoppix.org. Once you’ve created the CD, place it in your drive and boot the computer from it. When you are at the inital Knoppix boot screen, you can just hit “Enter” to load Linux.
(Just hit “Enter”)
2. Figure out which devices you want to securely erase. In Knoppix, this is pretty easy. You’ll see at least one hard drive icon on your desktop which will be named something like hda1 or sda1.
(Hard Disk icon)
You may see more than one of these if you have multiple partitions on your hard disk. The device is this name without the number at the end. Typically IDE devices start with “h” and SATA/SCSI devices start with “s”. All you do when you know this is put a “/dev/” at the front of it (e.g. /dev/sda or /dev/hda)
3. Use the “shred” command to wipe the device clean. In its simplest form, you can just open a command window, type ‘su -‘ and hit enter to become root (administrator) and then ‘shred /dev/sda/’
(Launch a command window)
This will start the wiping process. This command is very thorough by default. I think it overwrites the disk with different patterns 25 times. If I recall correctly, the DoD standard for wiping hard drives is to overwrite data 7 times. 1 time is enough for most purposes, but I usually do 5 passes or so. The command I usually run is ‘shred -vzn 5 /dev/sda’ This does 5 passes, followed by a pass of zeros and it shows you the progress as it’s running.
(my shred command)
You can now throw that old computer out or donate it knowing that nobody is going to get any of your personal information from it. Tune in later, I plan on reviewing a few options for protecting your data on the PC that you still have through encryption.
Q & A
Why should I wipe my hard drive?
There have been many cases where a second-hand computer has been purchased which had sensitive data on it. Sensitive things that have been found include usernames, passwords and account numbers. There is probably more information about you than you think. All of which can be used by someone that wants to steal your identity.
Can’t I just delete the files I don’t want people to see?
While this may seem like a good idea, the files aren’t actually removed from the disk. The files are still there and can be recovered with an undelete utility.
Why would you want to overwrite the entire disk more than once?
Disks are magnetic media. Have you ever recorded over an audio cassette more than once? You may have noticed that you can hear a “ghost” of the previous recording when you play it back. The same principle can be applied to hard drives. With some expensive equipment, your hard drive could be analyzed and the “ghost” data recovered. Chances are nobody is going to do this unless there is sufficient motive to do so. Shredding or wiping the hard drive makes this method of recovery impossible.
You seem pretty paranoid, what other paranoid stuff do you do?
If I have any media that may have sensitive or non-public information on it, I either shred it or burn it. With my paper documents, I both shred and burn them. I only have a strip-cut shredder and that paper makes it really easy to start a fire in our woodburning stove. I also typically encrypt any partition that I expect will have sensitive data on it. It’s free to do in Linux, on Windows you can encrypt your data with this software. (stay tuned for more on encryption)
If you have other questions, feel free to post them below and I’ll do my best to answer them.