How to wipe the flash drive
- Login o registrati per inviare commenti
Normally when we format drives or delete files the system just removes the file descriptor pointing to that file, but the content of the files is still there and can be mostly recovered with some tools. Now, how to remove/format completely the files from the flash drive so that they cannot be recovered anymore? I remember that the latest Ubuntu had this future in the Disk Utility, I think it was called "safely format" or so.
You can use the shred command for this. It overwrites a file with random information. You can use it in a terminal, like this:
shred file1
It safe to remove the file after this. You can shred and delete files with command, like this:
shred -u file1
thank you! any way to format the whole USB drive in a similar way?
EDIT: here it is:
To wipe a full hard drive like /dev/sdX, we can use:
shred -fz /dev/sdX
Other options:
- BleachBit: http://bleachbit.sourceforge.net/
- secure-delete
Syntax: srm [-dflrvz] file1 file2 etc. Options: -d ignore the two dot special files "." and "..". -f fast (and insecure mode): no /dev/urandom, no synchronize mode. -l lessens the security (use twice for total insecure mode). -r recursive mode, deletes all subdirectories. -v is verbose mode. -z last wipe writes zeros instead of random data.
- using dd to wipe drives
To overrite data with zeros:
$ sudo dd if=/dev/zero of=/dev/sdX
To overwrite data with random data:
$ sudo dd if=/dev/urandom of=/dev/sdX
This 2011 paper argues that single files cannot be securely deleted on flash media. You'll have to wipe the whole media.
http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf
Hello.
I think some things are important to notice.
shred is not secure in EXT3 file system, or any system using journaling for that matter. Also it is a command line only tool.
A more secure and easy way to securely wipe a file is this:
install nautilus-wipe (in the reps). It will install secure-delete and add a "wipe" option to right click menu.
Now, right click the file you wish to securely erase. Click options and choose 2 passes, last pass with 0s. Click wipe. It will destroy the file. Since, as lembas mentioned, flash drives are not easy to securely erase a file, if you don't want to delete other files you have in that drive, right click the drive you had the file on, and choose "wipe available space". Again, 2 passes, 0s in the last one. This rewrite the entire free space in the drive, which will cause a rewrite of any "remains" of the file you deleted, and it will also make you have the entire free space filled with "0". This way, it is impossible for even an "expert" to retrieve your files using software tools. Keep in mind that many specialized companies have ways to disassemble your drive, and read "deeper" into it. So, if you fear the NSA might try to recover a file from your drive, only solution would be to destroy it ;P lol.
But to make sure that some guy who has a nice recovery software tool won't get access to your files, the steps I described above are enough, and probably the best (in terms of user friendliness).
Keep safe =)
GNUser wrote:
shred is not secure in EXT3 file system, or any system using journaling for that matter.
When erasing "normal" files (not a whole partition... and triser apparently wants to erase the whole Flash drive), it is true that a copy of the files can be present in the journal. However, and as far as I understand:
- if the file is large enough (a few MB is large), one could only find, in that way, small fragments, not the whole file;
- if the file is old enough (in terms of the number of blocks written on the filesystem since the creation of the file), then nothing can be found in the journal.
Any reference about nautilus-wipe doing a better job at that (and, if real, about the penalty in terms of the time required to wipe)?
With 'shred', one can also overwrite two times (instead of three times, the default) the file plus a third pass to write zeros:
$ shred -n 2 -z file [file2 ...]
Actually is more a "lack of reference". I have read a little about both (homepages of each, forums, wiki, etc) and while founding several references about shred being unsafe in journaling systems, I found none in the nautilus wipe. I am not deying that it might also not be 100% safe, but still, I think nautilus wipe has still the advantage of giving you a menu option instead of relying on command line only. And, in the method I described above, I use its ability to wipe free space so that the software recover tools have less a chance of finding "remains" of the file.
As to speed, I haven't used shred in quite some time now, so I can't really compare. But I would say that securely wiping a file is never a fast process.
You can overwrite multiple times. I don't know if there's a limit. The more passes, the more time consumption.
-n # indicates how many overwrites you want the program make...
-n25 twenty five times
-n2 two times
$ shred -n35 -v -z -u file
-n35 overwrites it 35 times. -v shows you what's going on. -z Fills with zeros. -u Remove the file after overwriting it.
It doesn't delete folders. It's a good idea to rename the file before shred it.
If you want to delete a lot of files or entire directories you must do a bash script.
For wiping out the entire drive/partition use:
$ shred -n35 -v -z partition
Only on a hard drive partition with a filesystem without journaling. Otherwise the advice is crap.
No, 'tis not.
Hi triser,
I found this really helpful when wiping my USB drive:
http://techthrob.com/2009/03/02/howto-delete-files-permanently-and-securely-in-linux/
I'm sure I used the sswap command.
Hope it is helpful!
@triser You surely want to read the comment made by Jonathan DePrizio in that url
I made this wiki --> https://trisquel.info/en/wiki/wipe-out-files-and-partitions on this topic, please add there your knowledge.
- Login o registrati per inviare commenti