Hello,
How would you wipe a SSD or HDD quickly, without the data being fully recoverable? I know some files will be recovered, and I'm fine with that as long as you cannot recover 100% of the drive.
Thank you!
Hello,
How would you wipe a SSD or HDD quickly, without the data being fully recoverable? I know some files will be recovered, and I'm fine with that as long as you cannot recover 100% of the drive.
Thank you!
Normal quick format would wipe and NOT 100% recoverable. Actually no guarantee at all that any would be recoverable. Non-quick format would be even with less chance of recovering, I guess !!
For mechanical HDDs manufactured after 2001, which is essentially any one you find nowadays, the built-in ATA Secure Erase command is all you need. It will wipe everything, including reallocated and hidden sectors, and since it's run by the firmware, it'll be as fast as possible. I use HDAT2 to send it, but if you can't or don't want to hotplug disks to get rid of frozen status, try Parted Magic. Any other Linux distribution that includes hdparm will also work, just make sure you disable power savings and sleep mode everywhere, because you don't want to computer going into standby in the middle of the process.
But if that's not quick enough for you, I guess you can delete the first 10% of each disk and/or partition.
For SSDs, things are more complicated. I encourage you to read the attached papers, but here are the key points:
- Traditional overwriting techniques are ineffective because of how flash memory works.
- You rely exclusively on a good implementation of the ATA Secure Erase command, but sadly that's delivered by few manufacturers; two particularly egregious cases had the drives reporting success, when only the first few sectors (or none at all) had been erased.
- Speed is a non-issue when the command does work effectively, it runs in less than a minute on even the highest-capacity drives.
- The only 100% effective way to sanitize information in any solid-state storage medium is to use full disk encryption from day zero, and discard the key(s) when you need to "erase" it.
"I just remembered something that happened a long time ago."
This is good. I'll keep this in mind the next time I buy USB-SSD drives.The only 100% effective way to sanitize information in any solid-state storage medium is to use full disk encryption from day zero, and discard the key(s) when you need to "erase" it.
But for now, for an SSD, what would be best? Should I use:
ordiskpart
clean
format fs=ntfs quick
diskpart
clean all
format fs=ntfs
I would run clean all, which is equivalent to zero-filling. The full implications of that are described in the papers, but essentially, it'll stop any adversary that can't disassemble the disk and read the flash chips directly. Under Windows 8 and above, you'll want to run defrag x: /o after recreating the partition, to send the TRIM command and restore writing performance; for Windows 7 and below, there's this.
Both of your examples are missing create partition primary, by the way. Can't format something that doesn't exist anymore
"I just remembered something that happened a long time ago."
this is a bad idea because by doing so you completely rely on the quality of whatever encryption you used.Originally Posted by anon
Your account has been disabled.
@anon
Fully automated code.
Code:CLS ECHO. ECHO ============================= ECHO Running Admin shell ECHO ============================= :checkPrivileges NET FILE 1>NUL 2>NUL if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges ) :getPrivileges if '%1'=='ELEV' (shift & goto gotPrivileges) ECHO. ECHO ************************************** ECHO Invoking UAC for Privilege Escalation ECHO ************************************** setlocal DisableDelayedExpansion set "batchPath=%~0" setlocal EnableDelayedExpansion ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs" ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs" "%temp%\OEgetPrivileges.vbs" exit /B :gotPrivileges setlocal & pushd . set "psCommand=powershell -Command "(new-object -COM 'Shell.Application')^ .BrowseForFolder(0,'Please choose a folder.',0,17).self.path"" for /f "usebackq delims=" %%s in (`%psCommand%`) do set "SrcDrv=%%s" if "%SrcDrv:~3,1%"=="" (set SrcDrv=%SrcDrv:~0,-1%) (echo select disk %SrcDrv% echo clean all echo convert mbr echo create partition primary echo format quick fs=ntfs echo exit ) | diskpart.exe defrag %SrcDrv%: /o
A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
"I just remembered something that happened a long time ago."
And what software would you recommend? I would use TrueCrypt but I'm not so sure anymore.A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
TrueCrypt is okay. Even though its development ended under rather mysterious circumstances, the source code has been audited and confirmed to be safe.
DiskCryptor is also good. When compared to TrueCrypt, it essentially trades container support for faster decryption speeds.
"I just remembered something that happened a long time ago."
that's the wrong approach. the crucial part here is that you're preparing for the future i.e. the encryption you apply when you start using the disk is meant to keep you safe at some time in the future when you wanna sell it or something similar. and exactly that's the problem, what's considered safe today can be totally useless in let's say 3 years from now.A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
unless you can see the future this method always is a gamble.
don't get me wrong, for a little more privacy this is good enough but can obviously never be considered 100% (except for clairvoyants)
Your account has been disabled.
how about mentioning what would you consider 'a good idea' or 'a good approach'?
this applies to any method or approach used, from private to corporate ones of any scale (in this era)
agreed, no materialistic method is 100% sure
not even for them as they can only see parts of the future, not the whole, not whatever they may want to see
if it has to remain usable: none. ssds are only really wiped if you burn them.
not at all, if you wipe a non-ssd before selling for example it it's fine.this applies to any method or approach used
anyway since Master Razor said he'd be fine with having just most of the data wiped using any of the mentioned methods should do the job. i just jumped in to fix the 100% statement
Your account has been disabled.
and if the process of burning is successful, and if no method can retrieve such data and if no one can access your memory of the data and if no one can re-materialize the data and if no one already made a backup of that data, and, and,...
it may be fine, but you do realize that even a small chance that something may go wrong at any stage of the process is basically a gamble, ie. a 99,9% successful deletion rate leaves that 0,1% open to data retrieval
in other words, whatever (materialistic) method anyone may suggest, with any level of technological abilities, it still does not guarantee 100% security... ever
additionally, in the spiritual sense, if your karmic equation points to a failure in security, nothing you do will avoid that failure, on the contrary, whatever you do will lead towards the failure
you might need a vacation
Your account has been disabled.
Posting Permissions
Reply With Quote
Bookmarks