On Sun, Jul 12, 2015 at 8:35 AM, Marc Joliet <[email protected]> wrote:
>
> My question is how precisely the disks should be cleared. From various sources
> I know that overwriting them with random data a few times is enough to render
> old versions of data unreadable. I'm guessing 3 times ought to be enough, but
> maybe even that small amount is overly paranoid these days?
>
> As to the actual command, I would suspect something like "dd if=/dev/urandom
> of=/dev/sdx bs=4096" should suffice, and according to
> https://wiki.archlinux.org/index.php/Random_number_generation#.2Fdev.2Furandom,
> /dev/urandom ought to be random enough for this task. Or are cat/cp that much
> faster?

I'd probably just use a tool like shred/wipe, but you have the general idea.
I'd probably follow it up with an ATA secure erase - for an SSD it is probably
the only way to be sure (well, to the extent that you trust the firmware
authors).

If it weren't painful to set up and complicated for rescue attempts, I'd just
use full-disk encryption with a strong key on a flash drive or similar. Then
the disk is as good as wiped if separated from the key already.

--
Rich
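
The overwrite discussed in this thread can be rehearsed and checked on a scratch image file before touching a real disk. This is an added example, not code from either poster; the function names, the 256 KiB image and the marker string are constructed for illustration.

```shell
#!/bin/sh
# Added example: runs only against a scratch image file, never a real /dev/sdX.

# make_image PATH SIZE_KIB MARKER: build a zero-filled image with a known marker inside.
make_image() {
    dd if=/dev/zero of="$1" bs=1024 count="$2" 2>/dev/null
    # conv=notrunc keeps the image at full size while the marker is planted mid-file.
    printf '%s' "$3" | dd of="$1" bs=1024 seek=$(( $2 / 2 )) conv=notrunc 2>/dev/null
}

# marker_present PATH MARKER: succeed if the marker bytes are still readable.
marker_present() {
    LC_ALL=C grep -a -q -F -- "$2" "$1"
}

# wipe_image PATH PASSES: overwrite every byte with /dev/urandom output, PASSES times.
wipe_image() {
    size=$(( $(wc -c < "$1") ))
    pass=1
    while [ "$pass" -le "$2" ]; do
        # A real block device stops dd when it is full; a file has to be bounded
        # explicitly, so feed dd exactly as many random bytes as the image holds.
        head -c "$size" /dev/urandom | dd of="$1" bs=4096 conv=notrunc 2>/dev/null || return 1
        pass=$(( pass + 1 ))
    done
}

# wipe_and_verify PATH PASSES MARKER: wipe, then confirm size is unchanged and marker gone.
wipe_and_verify() {
    before=$(( $(wc -c < "$1") ))
    wipe_image "$1" "$2" || return 1
    [ "$(( $(wc -c < "$1") ))" -eq "$before" ] || return 1
    ! marker_present "$1" "$3"
}

# Demo on a constructed 256 KiB image with a constructed marker string.
demo_img=$(mktemp)
make_image "$demo_img" 256 "CONSTRUCTED-OLD-DATA"
if wipe_and_verify "$demo_img" 3 "CONSTRUCTED-OLD-DATA"; then
    echo "marker no longer readable after 3 passes"
fi
rm -f "$demo_img"
```

The same read-back check only covers blocks the device still exposes; on an SSD, remapped or spare flash blocks are outside its reach.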

