How to REALLY erase a hard drive - Update

A new version of HDerase.exe has been released. Go direct to UCSD's Center for Magnetic Recording Research website to download version 3.2.

HDerase.exe accesses an ATA disk drive's internal Secure Erase commands to wipe a disk clean. Merely deleting a file doesn't delete your data: the data is still on the disk and can be recovered by anyone with a few readily available tools. Credit card numbers, passwords, emails, medical info, anything on your hard disk is liable to be recovered.

What is Secure Erase? Secure Erase has been built into all ATA-compliant disk drives since 2001. This functionality is recognized by the US Government's National Institute of Standards and Technology (NIST) as equivalent to magnetically wiping a drive (degaussing) or physically destroying it. NIST also rates the Secure Erase commands as more secure than external host-based drive wiping utilities such as Boot and Nuke. Secure Erase complies with HIPAA, the Personal Information Protection and Electronic Documents Act (PIPEDA), the Gramm-Leach-Bliley Act (GLBA), and California Senate Bill 1386 for data destruction.

There is no data recovery after running HDerase.exe! Don't mess with it if you don't know what to do with a blank drive.

HDerase.exe is for techies. If you aren't comfortable working at the DOS command line, formatting disks and installing software, HDerase.exe is not for you. If you have a lot of disks to erase, find someone who is familiar with these tasks to set it up and train you.

From the readme:

HDDerase.exe is a DOS-based utility that securely erases "sanitizes" all data on ATA hard disk drives in Intel architecture computers (PCs). It offers the option to run the drive internal secure erase command, security erase unit, based on the ATA specification by the T13 technical committee. To run the utility make a floppy, recordable CD-R, or USB DOS bootable disk; then copy HDDerase.exe to the bootable media. Reboot the computer with the floppy, CD-R, or USB inserted, and type "hdderase" at the system DOS prompt. Make sure to set the correct priority boot order in the system BIOS, such as first boot floppy, CD-R, or USB depending on which media is used to run HDDerase.exe. HDDerase.exe must be run from an actual DOS environment and not a Windows-based DOS command prompt environment.

HDerase.exe improvements. A partial list from the revision history:

  • HDDerase sets user password as "idrive" before performing (enhanced) secure erase. HDDerase also attempts to unlock drive with passwords from previous versions.
  • If selected drive is locked with a non-HDDerase password the user is given the option to: 1) unlock with user password, 2) unlock with master password (if high security), 3) secure erase with user password, 4) secure erase with master password, 5) enhanced secure erase with user password (if supported), 6) enhanced secure erase with master password (if supported). If option 3, 4, 5 or 6 is selected any possible HPA and/or DCO areas will not be reset.
  • If the system BIOS executes a "security freeze lock" command upon drive detection HDDerase attempts to bypass this. A hard reboot is required if the attempt is successful. Afterwards HDDerase should be run once more and the drive should not be in a frozen state. HDDerase will not attempt to bypass if a Host Protected Area is set. NOTE: This internal method may not work on all drives (MAXTOR drives for sure) and the FAQ should be checked for other methods to bypass the BIOS freeze lock.
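
The drive states the revision history refers to (locked, frozen, enhanced erase supported, high versus maximum security) are reported in word 128 of the ATA IDENTIFY DEVICE response. The following Python example is added here and is not part of HDDerase or the original post; it decodes that word and lists the options that apply, and its function names and sample status values are constructed for illustration.

```python
import struct

# Bit masks for IDENTIFY DEVICE word 128 (ATA security status).
SUPPORTED, ENABLED, LOCKED, FROZEN, COUNT_EXPIRED, ENHANCED = (1 << n for n in range(6))
LEVEL_MAXIMUM = 1 << 8  # security level: clear = High, set = Maximum


def security_word(identify):
    """Return word 128 from a 512-byte IDENTIFY DEVICE response (little-endian words)."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    return struct.unpack_from("<H", identify, 128 * 2)[0]


def erase_options(word):
    """List the actions open to an erase tool for the given security status word."""
    if not word & SUPPORTED:
        return ["security feature set not supported"]
    if word & FROZEN:
        # A frozen drive rejects security commands until power cycle or hardware reset.
        return ["frozen: clear the freeze lock, then re-check"]
    if word & LOCKED and word & COUNT_EXPIRED:
        return ["locked, password attempts exhausted: power cycle, then re-check"]
    enhanced = bool(word & ENHANCED)
    if word & LOCKED:
        options = ["unlock with user password"]
        if not word & LEVEL_MAXIMUM:  # master password unlocks only at High level
            options.append("unlock with master password")
        options += ["secure erase with user password",
                    "secure erase with master password"]
        if enhanced:
            options += ["enhanced secure erase with user password",
                        "enhanced secure erase with master password"]
        return options
    options = ["set user password, then secure erase"]
    if enhanced:
        options.append("set user password, then enhanced secure erase")
    return options


def make_identify(word128):
    """Constructed sample data: an all-zero IDENTIFY block with only word 128 set."""
    buf = bytearray(512)
    struct.pack_into("<H", buf, 128 * 2, word128)
    return bytes(buf)


if __name__ == "__main__":
    for sample in (0x0021, 0x0029, 0x0007, 0x0127):
        word = security_word(make_identify(sample))
        print(f"word 128 = {word:#06x}: {erase_options(word)}")
```
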

The Storage Bits take: Given all the stories about data recovered from used computers you'd think people would be a little more paranoid. UCSD's CMRR is doing good work here. I'd like to see a version for Mac users. Any takers?

Learn more about Secure Erase at How to REALLY erase a hard drive.

Comments welcome.


Talkback

35 comments
  • I prefer physical destruction, so much more satisfying >:) (nt)

    nt = no text
    CobraA1
    • With some mods to your launcher, hard drives make good skeet too.

      PULL!!!!
      Hallowed are the Ori
    • Reading comprehension

      There is the possibility that someone would want to destroy the data and NOT the drive itself.

      Try reading the article title. It says to ERASE a hard drive, not destroy it. In other words, in the context of the article your comments are useless.
      ibabadur1
      • oh come on...

        ...lighten up
        D T Schmitz
      • ..and besides

        What if you're a lousy shot?

        :)

        George
        guiri
        • Practice makes perfect

          re. and besides.
          I guess the fun would be, keep trying until you get it right. After testing 1" bullet proof Lexan with various weapons, including a shotgun, I would recommend a 357 after you're done with skeet. A shotgun at any distance against a hard drive will do little to damage the platters. Maybe the heads but not the platters.

          Have fun!!!!
          dave01234
          • You are correct

            A 357 does a good job. My .22 just wouldn't do much damage to the platters, and my shotgun just put a bunch of little dents in it unless I got real close, and where's the sport in that? My favorite all-around was the 9mm using hollow point bullets. Try it, it's great family fun!
            jdunigan
  • dd if=/dev/zero of=/dev/hda

    Some Linux arcana:
    FYI: http://talkback.zdnet.com/5208-12694-0.html?forumID=1&threadID=33314&messageID=613948&start=-9747

    Be safe and secure folks.
    Hail HIPAA!
    D T Schmitz
    • dd if=/dev/zero of=/dev/hda won't work.

      This just dumps zeroes on to every sector on the disk. This will only thwart newbies. There are several ways of doing data recovery after this. I've dealt with a data recovery company who has multiple clean rooms, where they open up your drive platters and use STM techniques to recover data. There are professional data recovery companies specializing in this.

      Secure erase writes random bits to every sector multiple times.
      kraterz
      • I don't believe it

        /dev/zero or /dev/random will write and nothing is recoverable thereafter.
        D T Schmitz
        • Believe it

          kraterz is correct. One overwrite (and sometimes even two or three) doesn't sufficiently erase old data. It is, with the proper tools, completely possible to recover traces of the old bits recorded to the magnetic surface.

          You've no doubt seen on TV or the movies where someone lightly rubs a pencil across a pad of paper to see what was written on the sheet just torn from the top of the pad? Although this is very simplified, the idea in the previous paragraph works on the same principle, and it's used more frequently than you might imagine.

          Don't depend too much on the tools you're suggesting to destroy sensitive data. (...and in today's society, your SSN and bank account numbers are sensitive data.)
          Zeppo9191
          • Nonsense

            nt
            D T Schmitz
          • Not Nonsense, _dietrich

            Just because you haven't heard of it doesn't mean it isn't true. There are tools that can resurrect data from the magnetic residue under the zeros that "dd" command line writes, from the edges of the track that doesn't get overwritten, and a bunch of other ways.

            You can believe what you want to, but I wouldn't want MY data on your old hard drives!
            dumptux
      • dd is better

        @kraterz
        True, it should be relatively easy to recover data wiped with a single pass, esp when the pass is a zero-fill. But if you

        dd if=/dev/urandom of=/dev/hdX

        10 times (you can't use /dev/random to wipe a disk, its pool is too small for that)

        finally

        dd if=/dev/zero of=/dev/hdX

        then the data is definitely unrecoverable...
        IF it is, you should be able to demonstrate saving 20TB of data in my 2 TB HDD!

        PS: I don't think secure erase wipes the same block more than 3 times..
        hashanga
  • Here's the best way to "erase" your drive.

    This is one of the best methods I've seen:
    http://driveslag.eecue.com/
    kraterz
  • Secure erase not so secure

    When writing finite bits to the disk sector, there is a finite probability that the resultant string of randomised bits MAY in fact generate something incriminating.

    For example: (regardless of how unlikely this may seem), any string of random characters may well create a brand new wordfile on the computer by pure chance .. which contains legible words, which string together to form sentences which may in turn connect the previous owner of the hard disk with Al-Qaida, the Mafia, insider trading, un-patriotic activities, Linux 'development', or any manner of unsavory activities.

    The larger the hard disk being randomly 'wiped' in this fashion, the greater the probability that some new and undesirable content would be created by chance.

    I for one would NOT place my trust in such a tool, risking a lifetime of torment in Guantanamo Bay in exchange for the 'security' of having my hard disk cleaned prior to resale.

    The solution? One should purchase a new copy of the Vista for the said hard disk, and install this on the disk. This would effectively wipe clean the disk of any previous content. The disk could then be disposed of cleanly, with a note that the new owner must purchase another legal copy of the Vista before installing the disk.

    In this situation - everyone wins.
    jerryleecooper
    • I'll bet you are a hoot at a party

      I've actually had that happen. That's why I'm sending this from the comfort of the minimum security ward at the home for wayward computer programmers. Actually, it's not so bad in here, I don't have to pay bills, taxes or cook and the view is terrific. I'm thinking this is an excellent retirement strategy. If I can just think of some way to get back in when I get out in 10 years.
      nyabdns
    • Only if you consider Microsoft to be "Everyone". (NT)

      .
      Update victim
    • Not so bad

      Guantanamo Bay isn't that bad, they feed you well and you have cool iguanas to play with.
      cuba_pete1
    • Ahh, the old "million monkeys on a million typewriters" theory...

      To paraphrase a quote from the last decade: the theory that a million monkeys on a million typewriters will eventually create the works of Shakespeare is, thanks to the Internet, officially disproved.

      At best, your theory might apply to the occasional random word, but the chance that these random words might be strung together into an intelligible sentence (let alone one that might falsely implicate you in any type of criminal or subversive activity) is incredibly remote.

      With your type of paranoia, how do you leave the house without massive panic attacks? ;)

      Oh, btw, installing Vista (or any other OS, for that matter) will NOT render the old data unrecoverable. Even on the sectors that were used by the new data, it's possible, with the right equipment, to reconstruct data by recovering slight traces of the previous bits recorded there. As to the sectors unaffected by the install, it's a simple chore to recover that data.

      I'm sure you know better, jerryleecooper, but I'm worried about the newbs who might take you seriously.
      Zeppo9191