quick question on wiping harddrive

[jhu]

is using dd sufficient to make sure erased files become difficult to retrieve? i'm currently using:

dd if=/dev/random of=file bs=1m count=1000

and then making enough of these to fill the harddrive and then deleting the files. is that sufficient?

 

[RedShirt]

That's probably good enough.

If your distro has shred, take a look at that (man shred).

It'd make the process easier on you.

I always use shred right off a Ubuntu live CD and let the process run overnight. It'll overwrite everything on the drives with random 1 or zeros as many times as you specify (I think the default is 30 times, but that is way way too long).

 

[Brazen]

You could do:

dd if=/dev/urandom of=/dev/sdX

and just let it run until it quits to wipe the entire drive ( replace /dev/sdX with whatever your harddrive is ). To make extra sure I usually do

dd if=/dev/urandom of=/dev/sdX && dd if=/dev/zero of=/dev/sdX

And if you have REALLY sensitive data and you think someone might really want to retrievie it, you could loop the previous pair of commands 3 times. It will take several days though.

 

[sourceninja]

I use truecrypt on any notebooks with sensitive data (for windows) and encrypted LVM on linux. That way a simple format and I should be good if I ever sell the machine or it is stolen. On my desktops, I use truecrypt to protect a volume where I keep all sensitive data. That keeps everything well protected and unrecoverable. I would encrypt the entire drive on my desktops, but the performance hit sucks for games.

I am still hunting for a solution for OSx. FileVault is not really what I am looking for. I really want something that won't let my mbp boot without the password to decrypt it.

For existing data, dban or shred is the way to go.