Shredding files from your hard disk

-

When you normally 'delete' a file from your hard disk, it's not actually removed from the disk. Instead, only the information that such a file exists is removed. The storage space occupied by the file is made available for reuse. It is therefore possible to recover the deleted files, as long as those disk areas are not overwritten. There are a variety of tools to recover deleted files. But this post is about deleting files permanently and thereby eliminating the possibility of recovery.

One of my hard disks had failed and since it was under warranty, I wanted to return it to the service centre. I wanted to make sure that all files on the disk are destroyed. The following gives the steps to be taken to wipe-out files from the disk using a Linux machine.


The shred utility

The 'shred' program can be used to repeatedly over-write a file's contents so that it's nearly impossible to recover the original data. shred uses specially designed patterns that are written over the file's contents over several passes to maximise the damage caused to the original data.

To shred one file, use the following command:
shred --verbose filename

By default, shred uses 3 overwrite passes. You can change it by using the -n option. You may wish to do more passes on more sensitive files or less passes on ordinary files to save time.

The following command does 2 over-write passes on a file:
shred --verbose -n 2 filename

If you want the file to be deleted after shredding, do this:
shred --verbose --remove filename

shred cannot automatically process directories recursively. You can use the find command as below to shred all files inside a directory recursively:
cd target_dir
find . -name "*" -type f -exec shred '{}' \;

If you want an entire partition to be shredded, the easier way is to first unmount the partition and then do:
shred --verbose /dev/sdxx

Make sure you substitute sdxx with appropriate device for your target partition (sda1, sdb5 etc.)



A less secure, but simpler alternative

If you're not too bothered about security and are not paranoid about government agents conducting Magnetic force microscopy on your HDD to recover your sensitive files, then you can simply overwrite them once with zeros.

This ought to be enough for most purposes:
dd if=/dev/zero of=/dev/sdxx



For the absolutely paranoid

  1. You have your filesystem encrypted to begin with, don't you?

  2. Use shred with 25 passes

  3. As the shred manual says: the best way to remove something irretrievably is to destroy the media it's on with acid, melt it down, or the like

  4. Don't give your HDD to the service centre. Bury it (or what's left of it after step 3) in your backyard instead and buy a new one.


More info
Do info coreutils 'shred invocation' to know more about the shred program.
Read this for some theory on file recovery and secure deletion.

Comments

Post a Comment

Popular posts from this blog

Qt - Enabling qDebug messages and Qt Creator

-
I have been struggling for the past two hours to get qDebug() messages from my Qt 5 application to show up on the 'Application output' pane in Qt Creator IDE on Linux. Finally I found a solution, thanks to a user on Qt IRC channel. To enable log messages in Qt, do the following: Edit ~/.config/QtProject/qtlogging.ini and make sure it has: [Rules] *.debug=true qt.*.debug=false With this, I was getting the messages when I run the application from a terminal. But Qt Creator was not showing the qDebug() messages. To have the messages displayed in Qt Creator, do the following: Qt creator > Tools > Options > Kits, select your kit, find Environment, click change and add: QT_ASSUME_STDERR_HAS_CONSOLE=1 This fixed the problem for me. I thought I should document the full process here as Google wasn't getting me good leads. My environment: Fedora 29 Linux x86-64 Qt 5.11.3 Qt Creator v4.7.2 References: https://bugzilla.redhat.com/show_bug.cgi?id=12272
Read more

പേര്

-
Image
ഒരു പേരിലെന്തിരിക്കുന്നു എന്ന് പലരും ചോദിക്കറുണ്ടല്ലോ.. പക്ഷേ ചില കുട്ടികളുടെ പേരുകള്‍ കേട്ടാല്‍ ഇത്രയും വേണമായിരുന്നോ എന്ന് തോന്നിപ്പോകും. ഈയടുത്ത് ഒരാള്‍ 'മൃത്യു' എന്ന് പേരുള്ള ഒരു കുട്ടിയെ പരിചയപ്പെട്ടു എന്ന് പറഞ്ഞുകേട്ടു. ഏതാണ്ട് ഒരു കൊല്ലം മുമ്പ് ഞാനും ഭാര്യയും ഞങ്ങള്‍ക്ക് ജനിക്കാനിരിക്കുന്ന കുഞ്ഞിന്റെ പേര് തപ്പിനടക്കുകയായിരുന്നു. സ്കാനിങ്ങ് ചെയ്തപ്പോഴൊന്നും കുട്ടി ആണാണോ പെണ്ണാണോ എന്നൊന്നും ഞങ്ങള്‍ അന്വേഷിച്ചില്ല. പക്ഷേ യാതൊരു അടിസ്ഥാനവുമില്ലാത്ത ഏതോ തോന്നല്‍ കാരണം കുട്ടി പെണ്ണ് തന്നെ എന്ന് ഞങ്ങള്‍ ഉറപ്പിച്ചു. എന്റെ പേരന്വേഷണത്തിലുള്ള ചൂടില്ലായ്മയെ പഴിച്ച് പ്രിയതമ കൊണ്ടുപിടിച്ച അന്വേഷണം തുടങ്ങി. അദ്ദേഹത്തിന് ഒരുപാട് നിബന്ധനകള്‍ ഉണ്ടായിരുന്നു. ആരും കേട്ടിട്ടുള്ള പേരായിരിക്കരുത്, S, U, Vമുതലായ അക്ഷരമാലയില്‍ അവസാനത്തില്‍ വരുന്ന അക്ഷരങ്ങളില്‍ തുടങ്ങരുത് മുതലായ കഠിനമായ നിബന്ധനകള്‍. അങ്ങനെ ഇടയ്ക്കിടയ്ക്ക് ഇദ്ദേഹം ഓരോ പേരുകള്‍ കണ്ടുപിടിച്ച് കൊണ്ടുവരും. ഒട്ടുമിക്ക പേരുകളും ഞാന്‍ വീറ്റോ ചെയ്തുകളയും. ഇത് വായിക്കുമ്പോള്‍ നിങ്ങള്‍ക്ക് ഒരു പക്ഷേ ഞാന്‍ ചെയ്തത് ശരിയായില്ല എന്ന്
Read more

Dakhani Degh - Restaurant

-
Just had dinner at the [relatively] new Dakhani Degh restaurant at Chacka Jn., Thiruvananthapuram (just around the corner – towards the Petta-Palayam road). I had heard good words being spoken about the place and couldn't wait to check it out. The very thought that there's a potentially good untested (by me) restaurant in the city had made me restless. Talk about the pressures of being the local gourmand ;-) Dakhani Degh is a restaurant (probably a chain of restaurants) specializing in Hyderabadi cuisine - most notably the Hyderabadi Dum Biryani (or HDB - as these people call it). To be frank, I have never tasted authentic Hyderabadi Biryani, till now, that is. The word 'Dakhani' is derived from 'Deccan' - revealing the Hyderabad connection and 'Degh' is the copper vessel used for cooking (info from the menu card). The specialty of the restaurant is of course the Biryani - with very less oil in it. In fact, their USP is non-sticky fingers once you'v
Read more