Drive Data Erasure

Detailed on this page are the various applicable ways to securely erase data from a drive.

  • Assumes commands are run as root, and drive is correctly identified.
  • Keep your drives encrypted whenever possible. There is little reason not to do so.
  • For SSDs adding the discard or discard=async option to your mounts can reduce deleted data lifetime.

Method 1

This method applies to traditional hard drives, flash drives, SD cards, and the like.

  • shred --iterations 1 --verbose /dev/sdX

Method 2

This method applies to solid state drives and advanced flash drives.

  • blkdiscard /dev/sdX #minimize wear from next step
  • shred --iterations 1 --verbose /dev/sdX
  • hdparm --user-master u --security-set-pass password /dev/sdX
  • hdparm --user-master u --security-erase-enhanced password /dev/sdX

Method 3

This method only applies to hybrid solid state hard drives.

  • shred --iterations 1 --verbose /dev/sdX
  • hdparm --user-master u --security-set-pass password /dev/sdX
  • hdparm --user-master u --security-erase-enhanced password /dev/sdX

Method 4

This is the ultimate method for ensuring destruction of data.

  • Perform the medium's respective method detailed above.
  • Take apart the drive.
  • Take a hammer or drill to the platters or flash chips.

Bonus 1: Erase Free Space

This is a non-destructive method for an in-use drive to greatly reduce the recovery chance of deleted files.

  • cd into a path on the drive
  • scrub --no-hwrand -p random -X cfs

Bonus 2: Erase Free Space on Android

This is a non-destructive method for an Android device.

Donate