1 |
On Sun, Jul 12, 2015 at 8:35 AM, Marc Joliet <marcec@×××.de> wrote: |
2 |
> |
3 |
> My question is how precisely the disks should be cleared. From various sources |
4 |
> I know that overwriting them with random data a few times is enough to render |
5 |
> old versions of data unreadable. I'm guessing 3 times ought to be enough, but |
6 |
> maybe even that small amount is overly paranoid these days? |
7 |
> |
8 |
> As to the actual command, I would suspect something like "dd if=/dev/urandom |
9 |
> of=/dev/sdx bs=4096" should suffice, and according to |
10 |
> https://wiki.archlinux.org/index.php/Random_number_generation#.2Fdev.2Furandom, |
11 |
> /dev/urandom ought to be random enough for this task. Or are cat/cp that much |
12 |
> faster? |
13 |
|
14 |
I'd probably just use a tool like shred/wipe, but you have the general idea. |
15 |
|
16 |
I'd probably follow it up with an ATA secure erase - for an SSD it is |
17 |
probably the only way to be sure (well, to the extent that you trust |
18 |
the firmware authors). |
19 |
|
20 |
If it weren't painful to set up and complicated for rescue attempts, |
21 |
I'd just use full-disk encryption with a strong key on a flash drive |
22 |
or similar. Then the disk is as good as wiped if separated from the |
23 |
key already. |
24 |
|
25 |
-- |
26 |
Rich |