Revision of Wipe Out Files and Partitions from Thu, 04/18/2024 - 15:26

The revisions let you track differences between multiple versions of a post.

Why do wipe out files?

Many computer users ignore entirely the issue of securely deleting files or partitions on their computer. When a file is selected, moved to trash and hence removed from trash (or deleted directly via right click of the mouse - delete) only the reference to the file is removed from the file system table - until other data overwrites it, which could take months or even years, the file is indeed still present on the hard drive and can be easily recovered, partially or entirely. For this reason a user should never simply delete an important file (by important we mean data containing private information, or compromising data that would cause the user embarrassment or legal trouble if revealed to an adversary). The secure way of wiping a file is overwriting it with random data. Once the file has been overwritten it can not be recovered. As far as we know no one has ever managed to recover data after it has been overwritten (yes, a single pass is enough, and there is no need to overwrite a file 35 times..)

Note: be careful not to break the I/O limits of your device when wiping out, it can damage your hard drive and make it just a trash item.

WARNING: Note that due to wear levelling, securely deleting data from solid state drives (SSDs), USB flash drives, and SD cards is incredibly hard, if not impossible. The instructions below apply only to traditional disk drives. If you have an SSD your best bet is encryption: encrypt the entire hard drive or USB stick.

Tools

There are several tools to achieve this.

On Command Line:

  • shred
  • dd

On GUI:

  • Bleachbit

Wiping out files and partitions using the command line

Wiping out files

To wipe out a file you can use the following command:

 shred -f -nM -v -z -u file
Where: -f forces to overwrite, -nM overwrites it M times, -v shows you what's going on, -z fills with zeros, -u removes the file after overwriting it, file is the name of the file.

To wipe out a partition you can use the following command:

 shred -f -nM -v -z /dev/sdX
Where: -f forces to overwrite, -nM overwrites it M times, -v shows you what's going on, -z fills with zeros, X the letter of the drive.

Note: If the above does not work, you may need root privileges. Try with sudo.

Note: shred may not do a really secure deletion of files on some journaled file systems. The default file system on Trisquel is ext4. Ext4 is a journaled file system, sure, but shred will work normally, for the default mode is data=ordered. From the shred man page:

In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual.

This applies to ext4 too. By default (meaning if you haven't manually changed the mode in fstab) shred will work perfectly fine.

Wiping out all partitions and partition table inside a device

To wipe out an entire storage device, you may try dd. To wipe out device sdb for example, run:

 dd if=/dev/zero of=/dev/sdb 
It should take a while but this command will fill the device with zeros.

Note: If the above does not work, you may need root privileges. Try with sudo.

Wiping out files using a GUI

Bleachbit is a user-friendly application that is able to shred files and folders. It can also securely wipe the free space of a given partition. We recommend users employ both the techniques (both shredding single files/folders and wiping the free space) as explained on the Bleachbit webpage under Limits of shredding files and wiping free disk space.

Final thoughts

Ultimately, we believe that wiping files and folders on a hard drive may never be 100% reliable, and it is always better to wipe the entire hard drive. But even that can sometimes not guarantee absolute effectiveness (think about for instance the bad sectors of a hard drive retaining fragments of shredded files, especially troubling with small files, say documents, which could persist entirely). A better and much more secure option is Full Disk Encryption .

Revisions

02/07/2014 - 21:47
antiesnob
08/10/2014 - 23:10
a_slacker_here
09/17/2016 - 16:39
SuperTramp83
09/17/2016 - 17:00
Mangy Dog
04/18/2024 - 15:12
knife