We used to have a simple wipe and an enhanced wipe on SunOS. The first one overwrote the disk with a fixed bit pattern, the latter wrote and rewrote it with different patterns. The idea was to make it hard to detect residual magnetism from some older data. Definitely spinning-rust stuff. For anything from Confidential and up, we used the "large grinder" approach (:-)) --dave On 2024-03-23 10:50, Giles Orr via talk wrote:
I have, for many years, used "Darik's Boot and Nuke" on a USB stick to securely wipe spinning hard disks. It takes a long time, but I mostly understand and trust the process.
I'm now at the point that I have to wipe and dispose of SSDs, and I'm feeling a bit shaky on the methodology. Here's what I did:
# hdparm -I /dev/sdX
Looked for enabled/locked/frozen in the output ... I won't go into making sure those are toggled correctly, but that appears to be needed. This also lists what appears to be info about doing a wipe on the drive:
6min for SECURITY ERASE UNIT, 60min for ENHANCED SECURITY ERASE UNIT
Then, set a password (why? but seems to be needed):
# hdparm --user-master u --security-set-pass foobar /dev/sdX
Last, run the wipe:
# hdparm --user-master u --security-erase-enhanced foobar /dev/sdX
Doing something like `dd if=/dev/sdX bs=5M count=5 | strings` (or sending it to `less`) definitely shows that it's changed from something organized to something full of identical characters. But I've never seen this wipe process take more than 60 seconds, which makes me wonder about the `hdparm` declaration about the time required for a secure wipe.
So I guess the big question is: should I trust this process? Do we really think it's securely wiped? Or should I be taking a hammer to the chips on the SSD because that's the only way to ensure it's fully wiped?
-- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest dave.collier-brown@indexexchange.com | -- Mark Twain CONFIDENTIALITY NOTICE AND DISCLAIMER : This telecommunication, including any and all attachments, contains confidential information intended only for the person(s) to whom it is addressed. Any dissemination, distribution, copying or disclosure is strictly prohibited and is not a waiver of confidentiality. If you have received this telecommunication in error, please notify the sender immediately by return electronic mail and delete the message from your inbox and deleted items folders. This telecommunication does not constitute an express or implied agreement to conduct transactions by electronic means, nor does it constitute a contract offer, a contract amendment or an acceptance of a contract offer. Contract terms contained in this telecommunication are subject to legal review and the completion of formal documentation and are not binding until same is confirmed in writing and has been signed by an authorized signatory.