• ARTICLES
SEARCH

How-To Geek

Use an Ubuntu Live CD to Securely Wipe Your PC’s Hard Drive

Have you ever given or sold a PC to somebody else, but really wanted to completely wipe the hard drive first? Today we’ll show you how to use an Ubuntu Live CD to get your personal information off your PC.

sshot-1

When you delete a file in Windows, Ubuntu, or any other operating system, it doesn’t actually destroy the data stored on your hard drive, it just marks that data as “deleted.” If you overwrite it later, then that data is generally unrecoverable, but if the operating system don’t happen to overwrite it, then your data is still stored on your hard drive, recoverable by anyone who has the right software.

By securely deleting files or entire hard drives, your data will be gone for good.

Note: Modern hard drives are extremely sophisticated, as are the experts who recover data for a living. There is no guarantee that the methods covered in this article will make your data completely unrecoverable; however, they will make your data unrecoverable to the majority of recovery methods, and all methods that are readily available to the general public.

Shred individual files

Most of the data stored on your hard drive is harmless, and doesn’t reveal anything about you. If there are just a few files that you know you don’t want someone else to see, then the easiest way to get rid of them is a built-in Linux utility called shred.

Open a terminal window by clicking on Applications at the top-left of the screen, then expanding the Accessories menu and clicking on Terminal.

sshot-11

Navigate to the file that you want to delete using cd to change directories and ls to list the files and folders in the current directory.

As an example, we’ve got a file called BankInfo.txt on a Windows NTFS-formatted hard drive.

sshot-15

We want to delete it securely, so we’ll call shred by entering the following in the terminal window:

shred <file>

which is, in our example:

shred BankInfo.txt

sshot-16

Notice that our BankInfo.txt file still exists, even though we’ve shredded it. A quick look at the contents of BankInfo.txt make it obvious that the file has indeed been securely overwritten.

sshot-14

We can use some command-line arguments to make shred delete the file from the hard drive as well. We can also be extra-careful about the shredding process by upping the number of times shred overwrites the original file.

To do this, in the terminal, type in:

shred –remove –iterations=<num> <file>

By default, shred overwrites the file 25 times. We’ll double this, giving us the following command:

shred –remove –iterations=50 BankInfo.txt

sshot-18

BankInfo.txt has now been securely wiped on the physical disk, and also no longer shows up in the directory listing.

Repeat this process for any sensitive files on your hard drive!

Wipe entire hard drives

If you’re disposing of an old hard drive, or giving it to someone else, then you might instead want to wipe your entire hard drive. shred can be invoked on hard drives, but on modern file systems, the shred process may be reversible. We’ll use the program wipe to securely delete all of the data on a hard drive.

Unlike shred, wipe is not included in Ubuntu by default, so we have to install it. Open up the Synaptic Package Manager by clicking on System in the top-left corner of the screen, then expanding the Administration folder and clicking on Synaptic Package Manager.

sshot-2

wipe is part of the Universe repository, which is not enabled by default. We’ll enable it by clicking on Settings > Repositories in the Synaptic Package Manager window.

sshot-3

Check the checkbox next to “Community-maintained Open Source software (universe)”. Click Close.

sshot-4

You’ll need to reload Synaptic’s package list. Click on the Reload button in the main Synaptic Package Manager window.

sshot-5

Once the package list has been reloaded, the text over the search field will change to “Rebuilding search index”.

sshot-6

Wait until it reads “Quick search,” and then type “wipe” into the search field. The wipe package should come up, along with some other packages that perform similar functions.sshot-7

Click on the checkbox to the left of the label “wipe” and select “Mark for Installation”.

sshot-8

Click on the Apply button to start the installation process. Click the Apply button on the Summary window that pops up.

sshot-9

Once the installation is done, click the Close button and close the Synaptic Package Manager window.

sshot-10

Open a terminal window by clicking on Applications in the top-left of the screen, then Accessories > Terminal.

sshot-11

You need to figure our the correct hard drive to wipe. If you wipe the wrong hard drive, that data will not be recoverable, so exercise caution!

In the terminal window, type in:

sudo fdisk -l

A list of your hard drives will show up. A few factors will help you identify the right hard drive. One is the file system, found in the System column of  the list – Windows hard drives are usually formatted as NTFS (which shows up as HPFS/NTFS). Another good identifier is the size of the hard drive, which appears after its identifier (highlighted in the following screenshot).

sshot-12

In our case, the hard drive we want to wipe is only around 1 GB large, and is formatted as NTFS. We make a note of the label found under the the Device column heading. If you have multiple partitions on this hard drive, then there will be more than one device in this list.

The wipe developers recommend wiping each partition separately.

To start the wiping process, type the following into the terminal:

sudo wipe <device label>

In our case, this is:

sudo wipe /dev/sda1

Again, exercise caution – this is the point of no return!

sshot-13

Your hard drive will be completely wiped. It may take some time to complete, depending on the size of the drive you’re wiping.

Conclusion

If you have sensitive information on your hard drive – and chances are you probably do – then it’s a good idea to securely delete sensitive files before you give away or dispose of your hard drive. The most secure way to delete your data is with a few swings of a hammer, but shred and wipe from a Ubuntu Live CD is a good alternative!

This technique isn’t the only way to dispose of data from an old PC, but it just goes to show how truly versatile a Linux Live CD can be when repairing a Windows PC—you can reset your password, clean off a virus infection, recover deleted files, or even recover files from your dead Windows computer. If you don’t want to carry optical media around with you, you can always create a bootable Ubuntu flash drive instead.

Trevor is our resident Linux geek, but always keeps his eyes open for neat Windows tricks too.

  • Published 04/19/10

Comments (27)

  1. Mark

    That’s a rather overcomplicated way to wipe a hard drive. Here’s one that’s slightly less complicated.

    1. Download Darik’s Boot and Nuke (Free, Open-source utility) as an ISO
    2. Burn iso
    3. Boot iso
    4. Type “autonuke” and press enter.

  2. Thomas

    Funnily a few swings of hammer is a really bad method to wipe a hard disk.
    Good luck before you manage to break the platters, a HD’s case is super resistant.

    What you could do is drill at least 3 holes through the HD and its platter, but then you’ll need a professional drill because it will require a lot of power.

    Last but not least (this is the solution we use at work) is a degausser. It’s an expensive machine that generates a strong magnetic field and a. destroys most of the electronic inside and b. erases everything on the HD.

    I have other solutions in fact, use CCleaner to wipe the HD, in the options of CCleaner you can ask to wipe empty space on a particular HD. Basically the software will write “0″ on all the empty space of your HD. So simply format the HD with Windows for example and then use CCleaner to wipe empty disk space. By writing “0″ everywhere, you are sure your old data will not be recoverable.

  3. Thomas

    Another story about HD wipe, we had about 500s HD at work to throw away, instead of degaussing them one y one, we arrange with a waste management company to shred them all in an industrial shredder. One guy of our department had to go to visually confirmed the HDs were dead. Basically after the shredder you’re left with HD particules…. now this is what I call data security ;-)

  4. whiplash55

    Great Linux tips, keep them coming!
    Mark

  5. The Geek

    @Mark

    You’re right, there are a few easier methods for wiping a drive, but we’ve been going through a series on how to use an Ubuntu Live CD to perform various PC maintenance tasks. The point is that you can take your Live CD anywhere, and use it to perform almost any maintenance task.

  6. John

    If you don’t have internet access to install wipe, could you use “shred *”?

  7. Ryan

    I don’t mean to crush your work but wouldn’t be alot easier to burn a disc of DBAN, since in your article you burn the ubuntu cd, and then install packages on top of that, but their is no point if dban is made to do that.

  8. Mike

    Why not just use DBAN http://www.dban.org/ ? It does the whole drive and performs a DOD type wipe.

  9. The Geek

    You can definitely use DBAN, we were just trying to illustrate how you can do the same thing with a Live CD.

  10. Spydey

    Nice article. Thanks for the info. I will be sure to download wipe for my persistent ubuntu live usb drive. I never leave home with out it! It has come in handy on so many occasions!

    -Spydey

  11. Vanja

    Only useful if you don’t have DBAN around…

  12. Se7en

    It is my understanding that modern hard drives no longer need the 25 times overwrite thing? That even the original author of that idea disavowed it?

    http://news.softpedia.com/news/Data-Wiping-Myth-Put-to-Rest-102376.shtml

    I know the default response is “better safe than sorry”, but it makes a huge difference in time when you are talking a lot of drives and data…so if its not necessary, why continue to propogate the idea?

    Unless there is new evidence about data recovery, in which case, nevermind :p

  13. Trevor Bekolay

    @John

    Yes, you can sudo shred * in the root folder of a drive to obscure everything. It is less thorough than wipe, because journaling file systems may be able to revert the changes, but it’ll still be more secure than quick formatting the drive.

  14. Trevor Bekolay

    @Se7en

    Unfortunately I don’t have the background in data security to answer your question as well as it should be answered. I share your skepticism, especially considering how incredibly dense information is packed on a hard drive nowadays (I’m still amazed that the technology doesn’t break down way more than it does now).

    There are some advances in data recovery on the OS level, primarily with new journaling filesystems. With write caching, multiple iterations might not even get propogated to disk (of course, in this case, you also won’t take as big of a speed hit).

    But yeah, you’re probably right that one or two iterations are all you need. I leave the wipe settings at their default simply out of ignorance of how much is really necessary.

  15. weirdtalk

    shred can also wipe the empty space.

    This command is the equivalent (I think, don’t quote me) to a DoD3 wipe:

    shred -zn4 /dev/hda

    z makes the last pass zero the data. n lets you choose how many passes (4 in this case).

    To my knowledge I don’t know of any method to recover data from a zeroing (shred -zn1 ) that you can do or even pay for. So unless you have a lot of free time to spend on wiping you disk, or are paranoid that the government will get you, I wouldn’t bother. (shred -zn1 is what I use.)

  16. CVL

    IIRC:

    sudo dd if=/dev/urandom of=/dev/sd?

    works pretty well, too. Might be slower than some of the targeted utilities, but all options will have to write every sector of the disk at least once, and that can’t be too fast!

  17. Alok

    Great, great article and all the screenshots are superb and helpful!!! Keep up the excellent work!

  18. michael

    This is good enough for government wipes on hdd’s after 2005.

    dd if=/dev/zero of=/dev/sd?

    then you have to confirm it

    cat /dev/sd? | od
    which should say
    0000000……
    *
    472834937
    Thats 3 lines, ending in total disk size and confirm there is no data.

  19. Mark

    We use a security disintegrater to wipe our drives. Try to realign dust particles to reproduce a readable magnetic signature :) Basically grinds the drive into dust. Boards, platters, housing (drive complete) all goes in on end and dumps like sand in a hour glass on the other. This is by far the best method.

  20. Lunatic00

    I just ran this on an old 60Gb laptop HD and it took quite a lot of time (about 20h). Is there a way to wipe a HD quicker (less passage maybe).

  21. Matt

    sudo shred dev/sda -f -v -z –iterations==N

    Where N is the amount of iterations you want to run. I usually do two or three, it then overwrites it all with zeros. Technically overwriting with zeros should be enough for any normal person as recovery is quite expensive afterwards.

  22. Ovee

    Thank you so much for this article. Been looking for this all over the net, but none was complete like yours. I appreciate you taking the time and helping us out.

  23. Mr WordPres$uccess

    I want to thank you for this straight-forward guide. As I’m using Ubuntu to enter the world of Linux, I’m glad to know “little” tricks like this. Keep ‘em coming!

  24. Brandon

    Great walkthrough. Very helpful.

  25. JFekete9076

    How can I wipe free space on an ext4 partition without corrupting data?

  26. Oli

    if i do a full/complete (re)install of Ubuntu on said machine i’ll be parting with…does that work or are the files still there?

  27. Gin

    I used Dban and it actually did nothing…whats with that?

Enter Your Email Here to Get Access for Free:

Go check your email!