How to REALLY erase a hard drive

How to REALLY erase a hard drive

Summary: You may already know that "deleting" a file does nothing of the sort. But did you know that your disk drive has a built-in system for the secure erasure of data?

SHARE:

You may already know that "deleting" a file does nothing of the sort. But did you know that your disk drive has a built-in system for the secure erasure of data?

No? Then read on.

What do you mean "delete" doesn't delete? File information is maintained in a directory so your operating system can find it. All that "delete" does is erase the file's reference information. Your OS can't find it, but the data is still there.

That's what those "file recovery" programs look for: data in blocks that the directory says aren't in use.

You really want to do this If you keep business, medical, or personal financial information on disks, simple deletion isn't enough to protect the data when disposing of the equipment.

Besides identity theft, data loss may leave you or your company liable under federal laws such as HIPAA, Sarbanes-Oxley, Graham-Leach-Bliley or other state laws. Criminal penalties include fines and prison terms up to 20 years. Not to mention the civil suits that can result.

So what's the magic? Something called Secure Erase, a set of commands embedded in most ATA drives built since 2001. If this is so wonderful, why haven't you heard of it before? Because it's been disabled by most motherboard BIOSes.

Secure Erase is a loaded gun aimed right at your data. And Murphy's Law is still in force. But hey, if you're smart enough to read Storage Bits, you're smart enough to not play with Secure Erase until you need to.

How does Secure Erase work? Secure Erase overwrites every single track on the hard drive. That includes the data on "bad blocks", the data left at the end of partly overwritten blocks, directories, everything. There is no data recovery from Secure Erase.

Says who? The National Security Agency, for one. And the National Institute for Standards and Testing (NIST), who give it a higher security rating than external block overwrite software that you'd have to buy. Update: There is an open source external block overwrite utility called Boot and Nuke that is free.

Secure Erase is approved for complying with the legal requirements noted above.

UCSD's CMRR to the rescue The University of California at San Diego hosts the Center for Magnetic Recording Research. Dr. Gordon Hughes of CMRR helped develop the Secure Erase standard.

Download his Freeware Secure Erase Utility, read the ReadMe file and you're good to go.

To use it you'll need to know how to create a DOS boot disk - in XP you can do it with the "Format" option after you right-click the floppy icon in My Computer.

August 2009 Update: The NSA is no longer supporting Dr. Hughes research, so he and his grad students can no longer support the software. However it still works. I also updated the link above. End update.

Update: Some folks have commented that I didn't actually say how to use the utility, leaving that to the readme. For those of you who'd like to judge how tricky this is - and it is definitely not for newbies - here's a quote from the instructions:

Instructions for using HDDerase.exe ---------------------------------------- Copy the downloaded file, HDDerase.exe onto the created floppy/CD-ROM bootable DOS disk. Boot the computer in DOS using the bootable disk. Make sure to set the correct boot priority setting in the system BIOS. Type "hdderase" at system/DOS prompt to run HDDerase.exe. All ATA hard disk drives connected to the main system board will be identified and their information displayed. Make sure that the jumpers on the hard disk drives are correctly configured. Avoid setting the jumpers to CS (cable select) on the hard disk drives. Master or slave jumper setting is preferred.

There's more, but if this is more than you want to deal with then Secure Erase isn't for you. Update II: A late commenter says "Floppy boot does not understand SATA drives and thus the method described does not work." I don't know if it is true or not, but if it is it is worth knowing. Maybe someone well-versed in Windows floppy booting can confirm.

Update III: Well, it appears that bad information can be found on the web. Who knew? This just in from Daniel Commins, a grad student in the CMRR program:

SATA drives can be erased after being booted from a Windows XP MS-DOS startup disk using our software, with over a dozen such drives from various manufacturers I have tested as proof. Another excerpt from the FAQ section of the readme file:

Q: Can HDDerase.exe be used to erase my onboard SATA drive?

A: Yes, but some BIOS configuration may be required. Since hdderase.exe only detects drives on the primary and secondary IDE channels (P0, P1, S0, S1) the BIOS must be configured so that the SATA drive is detected one of these channels. This can be done by switching the SATA drive from "enhanced mode" to "compatibility mode" in BIOS (compatibility mode is sometimes called "native mode" or "IDE mode"). E.g. BIOS >> IDE configuration >> onboard IDE operate mode >> compatibility mode. Note - not all BIOSs support this feature.

Thanks for setting the record straight, Daniel.

The Storage Bits take Protecting data sometimes means erasing it. With this utility every storage pro has another tool to protect confidential information.

PS. Mac users already have a similar option under the Finder: "Secure Empty Trash". And with Disk Utility you can perform a secure erase of all drive free space.

Comments welcome. Another August 2009 update: Laptop users should have charged batteries and preferably wall power. If power fails during a secure erase the ". . . the drive will be in a locked state, preventing all I/O access." Since a large drive can take 2-3 hours to erase, I recommend plugging in wall power for all notebook machines. End update.

Topics: Storage, Hardware, Software, Software Development

About

Robin Harris has been a computer buff for over 35 years and selling and marketing data storage for over 30 years in companies large and small.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

311 comments
Log in or register to join the discussion
  • You've got to be kidding, right?

    This article fails to mention the Darik's Boot and Nuke? Which is without question, and always has been, the best open source (so you know it actually works) and respected hard drive wiper for many many years.

    Come on. This article gets a 'D' at best.
    tecopa03
    • Boot & Nuke is technically and legally inferior

      I guess in your rush to defend what you've used you overlooked a few key points:
      <ul>
      <li>Boot & Nuke is an external disk wiper and will, for instance, ignore
      remapped block</li>
      <li>Boot & Nuke is not NIST certified per NIST 800-88 to meet legal
      requirements, nor could it be, since it is an external disk wiper</li>
      <li>Secure Erase is faster and allows you to erase multiple disks in parallel
      since it is the disk doing the work, not the CPU</li>
      </ul>
      I like open source software too, but sometimes you need to look under the covers
      to understand what you are getting.

      Robin
      R Harris
      • Message has been deleted.

        tecopa03
        • DBAN vs. Secure Erase

          Checked it out for myself, then talked to a good friend who is a computer sciences professor at a nearby state university. We tried it out on 2 systems. Robin's right, Secure Erase is SIGNIFICANTLY faster and completely compliant with U.S. gov standards and practices, DBAN is effective but much slower and NOT technically compliant. In a world where people get sued at the drop of a hat and "noncompliance" can involve obscene fines and endless harassment by government agencies... no thanks I'll take the "compliant" choice every time... Thanks for the heads up Robin!
          tech3@...
        • I have to agree...

          ... with Mr. Harris. If you'll read the Boot & Nuke FAQ, it states explicitly that he will not state that DBAN will work properly, and when asked "Does DBAN conform to my favorite certification or fulfill my local regulatory requirements? HIPAA, Sorbanes-Oxley, PIPEDA, et al?" the answer is simply "No." If you want/need such certifications, you are instructed to buy EBAN, which is the commercial version of DBAN.

          Given this, I would strongly recommend you discuss the legal implications of your present data sanitation practices with your legal department.

          Also, since "Secure Erase" is free and that the body that created the utility (CMRR) is not a commercial entity but a research center based at the University of California, San Diego, I believe your accusations of Mr. Harris benefiting financially from promoting this utility are baseless. If you wish to examine the code for this utility to confirm to your own satisfaction that it works as advertised, I suggest you contact Dr. Hughes at CMRR.
          muzhik
          • More secure way.

            Hi all, the software in question is top dog, but for me i take the harddrive to bits, breakup the disks into small pieces and pass on to recycling (melted down for new).Though if you would want the harddrive to have a secound life then "Secure Erase" is the way to go.
            Peconet Tietokoneet-21703818799325819467806990363298
        • Please be polite

          You lose credibility and make it difficult to be taken seriously when you are vulgar and rude.
          krisaustinse@...
          • Rightful observation

            Justifiable observation and, when vulgarity is introduced in the message, it is the clearest indicator of the writer being uneducated. Now, how's that for a disk wipe?
            professordnm
        • You really should READ an article before you begin to slam it.

          You'd see that Secure Erase IS IN THE HARDWARE.

          If you really do work for the DoD (not DOD), I shudder for our national security and begin to understand where some of our problems are coming from.

          From now on RTFA!
          friedcow
          • I used to work for the Department of Defense

            Even the security gurus are often clueless about the software they use and 'recommend'.

            The fact of the matter is, most of them are handed an application, told that it does such and such, and ordered to use it and nothing else. Failure to do so is considered failure to obey a lawful order and a nasty legal offense which tends to eliminate any desire to explore other alternatives, or even understand how something works.

            My favorite story is the time I bought a couple of pallets of computers from DRMO, and found the OSI had nelected to remove their investigation case files from a bunch of them. And after repossessing them for two weeks to 'sanitize' them, returned them to me after merely deleting the files and not properly erasing them.

            And you don't even want to know the abysmal institutional and individual acts of stupidity my brother saw when he worked for crypto maintenance.

            That's why I'm none too impressed by our government agencies when it comes to security.
            Dr_Zinj
          • Too true...

            Unfortunately, public servants tend not to bother with doing things well, but rather with doing them just barely well enough.

            For an example, look here:

            http://screamingweasel.org/~bixbyru/notmyjob.jpg

            As for private industry, where there is a profit motive, things can be a little better. They're not always better, but usually they are.

            As a former Federal staffer m'self, my heart goes out to you.

            Bix
            bixbyru@...
          • Turned into DRMO

            If I read your message correctly, you blame OSI and not DRMO. I have turned in plenty of computer equipment to DRMO it just would not be possible for them to wipe everything they get.

            I can remember using the DOD authorized software we got from TobyHannah(sp?)to do a low level wipe (7 passes) on about 250 computers we then turned into DRMO. We had to attach a form to each one to verify they were wiped. We had them stacked on pallats in our storage room with a monitor on each pallet and a couple of power strips. We would boot with the wipe disk, start the wipe, unplug the keyboard and monitor and move to the next one. We probably wiped about 20-30 at a time, and let them run all day as it took so long, usually starting a batch before we left for the night. Then move the monitor cable back to verify they were done.

            Lots of work, sounds like this utility would run much faster. Did I mention the computers we were wiping were 386 and 486 with only 20-40GB drives in 2002? Gotta love army hardware.
            swattz101
          • 386?

            With a drive over a gig? Why upgrade the drive on something that oulde?

            Wow...
            bixbyru@...
          • Sandpaper and Elbow-Grease

            Ex Navy vet here.. I recall disassembling HDDs and taking sandpaper to the plattens before dispoal of the remains as a frizbee.
            CiberWulf
          • Degausse and done

            I have to say I prefer the current method required the IA unit I am working for now at Camp Lejeune. Buy the NSA approved degausser and render the drives forever inoperable. Only takes about 10 seconds per drive, though it costs a good bit more than free. Taxpayer money hard at work.
            Silverbow
        • Repeat: Boot & Nuke is inferior. Get over it.

          Inferior doesn't mean "bad." It just means, "not as good." Read Boot and Nuke's
          FAQ and it says it isn't certified. Read NIST's <a href="http://csrc.nist.gov/
          publications/nistpubs/800-88/NISTSP800-88_rev1.pdf" >Guidelines for Media
          Sanitization </a> and you'll see that the class of product that B&N belongs to is
          classified as technically inferior to Secure Erase.<br>
          <br>

          Repeat: Secure Erase has been approved at a higher security level than any
          external wipe software, including B&N, by NIST. B&N can protect against a
          keyboard attack only - which they note. Secure Erase protects against that and a
          laboratory attack.<br>
          <br>
          But your dumbest comment is that I've been paid to promote this.<br>
          <br>
          As you never noticed, Secure Erase is already built into ATA disk drives. The utility
          I point to is free and non-commercial. SE is part of the ATA standard, so while it
          isn't "open source" it certainly is "open". Nobody is making any money off SE.<br>
          <br>

          The only incentive I have to promote this is that it is, I believe, a better way for
          people who want or need to erase sensitive data to do the job.<br>
          <br>

          Why don't you come up for some air, take a deep breath, and actually read the
          B&N FAQ and the Secure Erase documentation? Then maybe you can add
          something worthwhile to this thread.

          Robin
          R Harris
          • Repeat: Boot & Nuke is inferior. Get over it.

            Thanks for the info. Great job. Applied knowledge is power. The article was informative for me.
            DBOYCE
          • Dumbest comments...

            "But your dumbest comment is that I've been paid to promote this."

            I would argue that the dumbest comments are yours. Secure Erase is not certified...especially by NIST.

            How can you certify a program that's claim to fame is telling the drive controllers firmware to "erase the drive"? Heck, MHDD can do that too.
            rob.elm@...
          • MHDD, etc.

            You are correct, MHDD does issue firmware erase commands like the CMRR program and we are all lucky that both programs are completely free! You can try to belittle both programs with your wording, but the fact is that a firmware erase command is inherently more secure than any software, including DBAN, because it is not susceptible to malware and viruses. I can see why it this issue may be confusing because the erase method is very simple in both programs--it does just involve telling the drive controllers firmware to "erase the drive", but it will always offer a higher security of erasure than the most complex software written to do the same thing.
            alper83
          • SE IS NIST certed

            NIST special pub 800-88 states that either secure erase or degaussing are the ONLY approved methods of purging an ATA hard drive. (Table A-1, page 18)

            And, yeah, I do this for a livin'.

            Jerry
            MSCIS, CFI, ISSO
            jwhoover