When you perform data deletion actions such as removing files and folders, formatting partitions, or partitioning disks, the actual data is not deleted. Rather, only the pointers to the data are removed. For instance, deleting a partition simply removes the partition's entry in the partition table, leaving the actual partition data intact. This can pose a problem when you need to securely erase data, like when disposing of a disk containing sensitive files or when selling your hard drive.
To securely erase all files and data on a disk, you can overwrite the existing data with empty or random data. In Linux, you can achieve this using the dd command by providing either zeros or random characters as input.
$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT loop0 7:0 0 55.4M 1 loop /snap/core18/19 loop1 7:1 0 55.4M 1 loop /snap/core18/19 loop2 7:2 0 51M 1 loop /snap/snap-stor loop3 7:3 0 219M 1 loop /snap/gnome-3-3 loop4 7:4 0 217.9M 1 loop /snap/gnome-3-3 loop5 7:5 0 31.1M 1 loop /snap/snapd/104 loop6 7:6 0 62.1M 1 loop /snap/gtk-commo loop7 7:7 0 64.8M 1 loop /snap/gtk-commo loop8 7:8 0 51M 1 loop /snap/snap-stor loop9 7:9 0 31.1M 1 loop /snap/snapd/107 sda 8:0 0 20G 0 disk ├─sda1 8:1 0 1M 0 part ├─sda2 8:2 0 513M 0 part /boot/efi └─sda3 8:3 0 19.5G 0 part / sdb 8:16 0 20G 0 disk └─sdb1 8:17 0 20G 0 part sr0 11:0 1 1024M 0 rom
$ sudo umount /dev/sdb1 [sudo] password for user: umount: /dev/sdb1: not mounted.
Launch live cd such as from Ubuntu installer if the disk can't be unmounted such as the root filesystem.
$ sudo dd if=/dev/zero of=/dev/sdb status=progress 21471859200 bytes (21 GB, 20 GiB) copied, 269 s, 79.8 MB/s dd: writing to '/dev/sdb': No space left on device 41943041+0 records in 41943040+0 records out 21474836480 bytes (21 GB, 20 GiB) copied, 269.451 s, 79.7 MB/s
This will take a while as dd will need to write every single bit of data within the disk. Time taken depends on the disk size and disk speed.
Replace /dev/zero with /dev/random or /dev/urandom to fill the disk with random character instead.
It is recomended to use /dev/random or /dev/urandom and to repeat this step multiple times (multi-pass) for SSD devices as some built-in function in SSD's controller might still leave some data intact with the common disk-zeroing method.
$ partprobe
$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT loop0 7:0 0 55.4M 1 loop /snap/core18/19 loop1 7:1 0 55.4M 1 loop /snap/core18/19 loop2 7:2 0 51M 1 loop /snap/snap-stor loop3 7:3 0 219M 1 loop /snap/gnome-3-3 loop4 7:4 0 217.9M 1 loop /snap/gnome-3-3 loop5 7:5 0 31.1M 1 loop /snap/snapd/104 loop6 7:6 0 62.1M 1 loop /snap/gtk-commo loop7 7:7 0 64.8M 1 loop /snap/gtk-commo loop8 7:8 0 51M 1 loop /snap/snap-stor loop9 7:9 0 31.1M 1 loop /snap/snapd/107 sda 8:0 0 20G 0 disk ├─sda1 8:1 0 1M 0 part ├─sda2 8:2 0 513M 0 part /boot/efi └─sda3 8:3 0 19.5G 0 part / sdb 8:16 0 20G 0 disk sr0 11:0 1 1024M 0 rom
# timeout 1 head /dev/sdb
A timeout needs to be set to the command since the disk is now empty, or else the command will need to scan the whole disk before it quits.
Comment anonymously. Login not required.