coreutils
Re: Securely wipe laptop hard drive


From: Eric Blake
Subject: Re: Securely wipe laptop hard drive
Date: Fri, 24 Sep 2021 08:40:16 -0500
User-agent: NeoMutt/20210205-773-8890a5

On Fri, Sep 24, 2021 at 12:30:48PM +0000, Evan Greenup wrote:
> +1 Here,
> 
> If shred can support shredding a directory tree recursively, it would be 
> awesome.

It can't, because that's not how shred works.  Recursively shredding
files within a larger filesystem does NOT guarantee that the old file
is wiped out, because modern file systems tend to write the new file
to a different part of the block storage while leaving the old storage
unchanged other than marked as unused; with the right software, it's
fairly trivial to read the contents of those areas of the disk.  On an
even more fundamental level, SSD disks tend to use wear-leveling
technology, where the hardware itself will dynamically reroute writes
to the same logical address to different portions of the storage over
time, again leading to hardware still containing old data that was not
overwritten.  If you are not shredding an entire disk, chances are you
are not actually shredding the old data from the storage.  Adding a
recursive option to shred to visit a series of files (rather than an
entire block device) would give users a false sense of security, so we
are unlikely to do it.

> 
> Sent with ProtonMail Secure Email.
> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> 
> On Friday, September 24th, 2021 at 9:06 PM, jedenfalco via GNU coreutils 
> General Discussion <coreutils@gnu.org> wrote:
> 
> > I have a laptop and want to securely wipe the hard drive. It would be good 
> > to be able to wipe out a directory tree (e.g. /home) but it seems that dd 
> > can only wipe an entire drive.
> >
> > This means that I have to remove the hard drive and connect it externally 
> > to another PC to wipe it.

No need to unplug the hard drive, when you could instead boot your
computer from a live USB stick with a minimal operating system that
contains enough software to perform the shredding of your unmounted
hard drive.  You may have to tweak BIOS/UEFI settings to be able to
boot from live media instead of from the hard drive, but that's still
easier than moving the hard drive to a different PC.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
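
The conditions the reply above depends on (a whole block device, unmounted, on media where an overwrite lands on the same physical location) can be checked before running shred. This is an added example, not part of the original message or of coreutils; the function names and the MOUNTS/SYSBLOCK override variables are assumptions, and it reads Linux's /proc/mounts and /sys/block.

```shell
#!/bin/sh
# Added example: pre-flight checks before overwriting a disk with shred.
# MOUNTS and SYSBLOCK are hypothetical overrides so the checks run on fixtures.
MOUNTS="${MOUNTS:-/proc/mounts}"
SYSBLOCK="${SYSBLOCK:-/sys/block}"

# Succeeds if the disk or one of its partitions is a mount source.
# Does not see device-mapper layers (LVM, dm-crypt) stacked on the disk.
is_mounted() {
    disk="$1"
    while read -r src rest; do
        case "$src" in
            "$disk" | "$disk"[0-9]* | "$disk"p[0-9]*) return 0 ;;
        esac
    done < "$MOUNTS"
    return 1
}

# Prints rotational, non-rotational or unknown from the kernel's sysfs flag.
# USB bridges and virtual disks can report this flag inaccurately.
media_type() {
    flag="$SYSBLOCK/$(basename "$1")/queue/rotational"
    [ -r "$flag" ] || { echo unknown; return 0; }
    case "$(cat "$flag")" in
        1) echo rotational ;;
        0) echo non-rotational ;;
        *) echo unknown ;;
    esac
}

# Returns 0 if an in-place overwrite is meaningful, otherwise:
# 2 not a block device, 3 not a whole disk, 4 in use, 5 not rotational media.
preflight() {
    target="$1"
    [ -b "$target" ] || { echo "$target: not a block device" >&2; return 2; }
    [ -d "$SYSBLOCK/$(basename "$target")" ] ||
        { echo "$target: not a whole disk" >&2; return 3; }
    if is_mounted "$target"; then
        echo "$target: mounted, boot from live media first" >&2; return 4
    fi
    [ "$(media_type "$target")" = rotational ] ||
        { echo "$target: wear-leveling may keep old data after overwrite" >&2; return 5; }
    return 0
}

# Usage: sh preflight.sh /dev/sdX   (device name is a placeholder)
if [ "$#" -gt 0 ]; then
    preflight "$1" && echo "checks passed; next step: shred -v $1"
fi
```

The partition match is deliberately conservative: a device whose name merely extends the target's name with digits is treated as in use, so the check refuses rather than proceeds.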
