What is the most secure way to wipe your hard drive?Phil Biundo
What is the most secure way to wipe your hard drive?
You’ve probably read stories about people’s identifies and even secret government data being stolen from recycled hard drives. Will disk-wipe software protect you when you recycle your hard drive? Or should just you ask someone who has a drill press to physically destroy your old hard drives?
Physical destruction is the most obvious way to make your data hard to retrieve. A hard drive can also be destroyed with an angle grinder or by degaussing. For most of us, however, this is overkill and it’s wasteful. If your old drive is still good, someone can use it.
How can you assure that your data will be safe after you recycle your drive without physically destroying the drive? Simply deleting files or formatting the drive isn’t enough if you have sensitive or confidential data on the drive. The files will remain on the hard drive, invisible to you, but easily read by anyone who knows how to retrieve them.
If there are certain files or folders you want to wipe selectively, software like the free, open-source Eraser can do that for you.
Encrypt the drive?
You may wonder about simply encrypting the drive and throwing away the keys. This should work as long as you use robust encryption, but using disk-wipe software doesn’t usually involve more work and actually removes your data from the drive by writing other information over everything. It works by making a specified number of passes over the drive, writing ones or zeroes with each pass. The more passes it makes, the harder it will be for anyone to recover your data.
How many passes?
This is where things become blurred. . People have strong but differing opinions about this. Some people insist that standards such as the US Defense Department’s DoD 5220.22M 3 pass requirement is the minimum safe standard for wiping a hard drive, but others insist that more passes, such Peter Gutmann’s 35 pass algorithm, is the only real safe approach.
Yet even Peter Gutmann has conceded that his method is mostly obsolete on current hard drives, and many believe that a single pass is sufficient. For most of us who aren’t going to have the NSA or the KGB trying to recover data from our old hard drives, a single pass might be enough.
Don’t wipe the wrong drive!
This might seem obvious, but if you have multiple drives in your system, you need to be careful. Before wiping your hard drive, first shut down the computer and disconnect all other drives and boot from a CD or USB flash drive. It would take just a moment of inattention to lose everything on the wrong hard drive.
Also, of course make sure that all your data has been backed up before you wipe the drive.
How to wipe an SSD?
SSDs store data differently than hard drives.The intense, large-scale writes described above could prematurely wear out your SSD. Most SSD manufacturers offer utilities that include tools for securely erasing the SSD. For example, Intel has the Solid-State Drive Toolbox and OCZ has the SSD Guru, which both include Secure Erase options.
You’ll find a wide variety of free and paid software for securely wiping your drives. You can find them with searches such as “disk wipe” and “disk erase.” A few well-known commercial ones are Active KillDisk, Avanquest, Diskstroyer, and iolo’s DriveScrubber (none of these are endorsements). One free alternative is the old standby GParted.
Operating system utilities
Some operating systems have utilities that claim to secure erase a drive. On a Mac, OS X has Disk Utility, which allows you to erase files up to seven passes. Windows 8, 8.1, and 10 have options to fully clean the drive. The dd command can accomplish this in Linux. If you have high security needs, however, none of these may be sufficient.
No method is guaranteed
None of these methods is absolutely guaranteed to protect your data. If a government agency or criminal organization is skilled and determined enough, nothing short of totally pulverizing your drive will be enough to keep someone from getting data from it. The key thing to determine is how valuable the data might be to others and to what lengths they might be willing to go to recover it.
For most of us, a single pass with any good disk-wipe software will be enough. If you’re still worried, do multiple passes before donating the drive to a worthwhile organization.
Confirm the wipe
Before giving it away, however, you may want to confirm that the wipe has been successful by using data recovery software to try to recover deleted data. One example is Recuva, which scans your drives for deleted files and gives you a report listing them.
Despite the scary headlines we see about private data being recovered from recycled drives, the average person will be safe using disk-wipe software with one or more passes. If you’re a business that’s handling other people’s personal or financial data, then destroying the hard drive may be the best option.