incremental disk wipe?

Petter Adsen petter at synth.no
Sat Mar 7 14:52:10 UTC 2015


On Sat, 7 Mar 2015 06:25:27 -0800
rikona <rikona at sonic.net> wrote:

> Hello Rashkae,
> 
> Friday, March 6, 2015, 11:22:38 PM, Rashkae wrote:
> 
> > On 15-03-07 01:09 AM, rikona wrote:
> >> I was checking the timing of securely wiping large disks - looks
> >> like it takes a looooong time. Is there a way to do this in smaller
> >> 'chunks', that might complete in an hour or so, eventually filling
> >> up the entire disk? I'm not hiding plots from NSA, so I don't need
> >> extreme security - just enough to discourage easy-tech snoops. :-))
> >>
> > dd if=/dev/zero of=/dev/sdX bs=4M
> 
> > This will be as fast as you can go, but it will still take a modern 
> > large hard drive several hours to finish.  But a drive that writes 
> > 200MB/s still only writes 200MB/s... the drive can't multiple
> > chunks simultaneously.
> 
> Thanks to you and others for the replies. I wasn't thinking of
> multiple chunks simultaneously - rather sequentially. Let's say I'll
> be away from the comp for 30 min or so. How can I keep it busy for
> JUST 30 min - no more, to do *part* of the wipe? Then, later, do
> another 30 min, eventually wiping the entire disk?

Why not just start the wipe before you go to bed or something? I think
that would be the easiest way to do it, by far.

> I was considering filling the disk with huge numbers of innocuous
> files, to replace the original data, then deleting all. I can do this
> a bit at a time. Would this be reasonably secure? If so, how to write
> a CL to generate many file copies, with different names, from 1-5
> 'base' files - but be able to limit how many are produced so one try
> takes only about 20-40 min? [This is a USB2 disk, not fast] Would this
> be much slower - enough to make it not a good choice?

You could script a shell loop (take a look at "help for" and/or "help
while") and use seq ("man seq") to generate part (or all) of the
filenames, so that they differ. Then you could just break the job when
you don't want it to run anymore, and start it up again when you're
going to be away from the computer for a while.

As long as you overwrite all data on the disk, it should be non-trivial
to restore them. Afterwards, you could always take a look with testdisk
and photorec to see if they are able to recover any of the original
data - they probably won't. If they can't do it, and you're not worried
about sophisticated techniques, then you're probably safe.

But the _easy_ way is to just do the whole thing with either shred or
dd in one go when you're gone or asleep for a few hours - you _do_
sleep, don't you? ;-)

HTH,

Petter

-- 
"I'm ionized"
"Are you sure?"
"I'm positive."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20150307/74539800/attachment.sig>


More information about the ubuntu-users mailing list