Securely wipe disk
There are a variety of applications that securely wipe a disk like and . dcfldd is an enhanced version of dd with features useful for forensics and security. It accepts most of dd's parameters and includes status output. Install from the official repositories.
Select a target
One can use fdisk to locate all read/write devices on the target system. Theoretically, this will include USB drives (thumb and HDD) provided that the user can access the devices from the O/S. To list them, enter the following:
# fdisk -l
Inspect the output looking for lines that start with devices such as /dev/sda or /dev/hda (ide drives). In this example, the USB thumb drive comes up as /dev/sdc as shown:
Disk /dev/sdc: 4063 MB, 4063232000 bytes 125 heads, 62 sectors/track, 1024 cylinders Units = cylinders of 7750 * 512 = 3968000 bytes Disk identifier: 0x00000000
The goal is to totally fill the thumb drive with zeros, so we will be targeting /dev/sdc as shown above. If interested is a specific HDD partition, make note of the correct location from the fdisk -l output. For example, /dev/sda1 or /dev/sdb5 etc.
Overwrite the disk
When ready, issue the following to overwrite the entire partition/drive with zeros. Again, make _certain_ that the of=... line points to the target drive and not to a system disk!
# dcfldd if=/dev/zero of=/dev/sdX bs=4M
with random data:
# dcfldd if=/dev/urandom of=/dev/sdX bs=4M
The process is finished when dcfldd reports, "No space left on device." For example:
18944 blocks (75776Mb) written.dcfldd:: No space left on device
Repeating this process may not significantly decrease the ability to reconstruct the data (see: Secure deletion: a single overwrite will do it).
Example run times
The community is encouraged to populate the table in this section.
Get the model with hdparm:
# hdparm -i /dev/sdX | grep Model
Time the run clearing the disk:
# time dcfldd if=/dev/zero of=/dev/sdX bs=4M 18944 blocks (75776Mb) written.dcfldd:: No space left of device real 16m17.033s user 0m0.377s sys 0m51.160s
Calculate MB/s by dividing the output of the dcfldd command by the time in seconds. For example: 75776Mb / (16.4 min * 60) = 77.0 MB/s.
|Hitachi HTS725016A9A364||7,200 RPM||SATA2||160 GB||43 minutes||63 MB/s|
|Intel SSDSA2M080G2GC||SSD||SATA2||80 GB||16 minutes||77 MB/s|
|Samsung HD322HJ||7200 RPM||SATA2||320GB||1.15 hours||74MB/s|
|Seagate ST31000333AS||7,200 RPM||SATA2||1 TB||2.92 hours||90 MB/s|
|Seagate ST31500341AS||7,200 RPM||SATA2||1.5 TB||4.13 hours||96 MB/s|
|Western Digital/WD20EARS||5,900 RPM||SATA2||2 TB||5.91 hours||94 MB/s|
Check progress with dd
By default, there is no output of dd until the task has finished. One can force some output simply by opening up a 2nd root terminal and issuing the following command:
# kill -USR1 <PID_OF_dd_COMMAND>
# kill -USR1 $(pidof dd)
This causes the terminal in which dd is running to output the progress at the time the command was run. Example:
605+0 records in 605+0 records out 634388480 bytes (634 MB) copied, 8.17097 s, 77.6 MB/s