# Need a secure wipe on an HDD before selling, ideas?



## satindemon4u (Jul 27, 2017)

Hello all. I have a 4TB IronWolf NAS drive that I am going to more than likely sell. However, before doing so I want to make sure that it is secure and everything is actually wiped and can't be recovered.

Is there a way to do this or is my best bet to just keep the drive or have it shredded? If I can securely wipe it, recommendations of programs to do the job?

Sorry for the possible dumb question, never wanted to a truly secure wipe before!


----------



## Boatvan (Jul 27, 2017)

I am a Darik's boot and Nuke (DBAN) fan. You have many options on passes/methods.

https://sourceforge.net/projects/dban/

EDIT: For 4TB, get ready for the long haul. Wiping a drive that big securely will take days though


----------



## satindemon4u (Jul 27, 2017)

Boatvan said:


> I am a Darik's boot and Nuke (DBAN) fan. You have many options on passes/methods.
> 
> https://sourceforge.net/projects/dban/
> 
> EDIT: For 4TB, get ready for the long haul. Wiping a drive that big securely will take days though



Thanks for the warning, I guess I am in it for the long haul then xD


----------



## DRDNA (Jul 27, 2017)

satindemon4u said:


> Hello all. I have a 4TB IronWolf NAS drive that I am going to more than likely sell. However, before doing so I want to make sure that it is secure and everything is actually wiped and can't be recovered.
> 
> Is there a way to do this or is my best bet to just keep the drive or have it shredded? If I can securely wipe it, recommendations of programs to do the job?
> 
> Sorry for the possible dumb question, never wanted to a truly secure wipe before!


*CCleaner *has an option in its tools for Drive wipe, 7 passes should be good then a high level format (the long format) then run Recuva and see if you can get anything....should be good to go!

*https://www.piriform.com/CCLEANER*


----------



## Boatvan (Jul 27, 2017)

satindemon4u said:


> Thanks for the warning, I guess I am in it for the long haul then xD


Luckily, you can walk away once it is started. I'd recommend the Department of Defense 3 pass method. It's good enough for the DoD, it's good enough for me. Though the Gutmann is for the super paranoid (35 passes!). The validity of that method is in question though.


----------



## Jetster (Jul 27, 2017)

The easiest software but it takes awhile, I've tried most of them 

http://www.fileshredder.org/


----------



## satindemon4u (Jul 27, 2017)

So many options! I figured there were a ton out there but the problem came down to sifting through them.


----------



## Boatvan (Jul 27, 2017)

satindemon4u said:


> So many options! I figured there were a ton out there but the problem came down to sifting through them.


Yep. The choice is yours. DBAN isn't the most user friendly, but it is effective. CCleaner is a good product as well. I'm sure file shredder is too.


----------



## satindemon4u (Jul 27, 2017)

Boatvan said:


> Yep. The choice is yours. DBAN isn't the most user friendly, but it is effective. CCleaner is a good product as well. I'm sure file shredder is too.



What's crazy is that I have been using CCleaner for years for the typical cleaning features but never realized it had a wiping method in there.


----------



## Boatvan (Jul 27, 2017)

satindemon4u said:


> What's crazy is that I have been using CCleaner for years for the typical cleaning features but never realized it had a wiping method in there.


Lol I've also used it for years but have never used the drive wipe feature. Just uninstaller, cleaner, and registry cleaner!


----------



## jboydgolfer (Jul 27, 2017)

satindemon4u said:


> I have a 4TB IronWolf NAS drive that I am going to more than likely sell. However, before doing so I want to make sure that it is secure and everything is actually wiped and can't be recovered



if thats a seagate drive try this (it'll likely work even if it isnt)
_*Seagate Discwizard*_


----------



## Ahhzz (Jul 27, 2017)

Boatvan said:


> I am a Darik's boot and Nuke (DBAN) fan. You have many options on passes/methods.
> 
> https://sourceforge.net/projects/dban/
> 
> EDIT: For 4TB, get ready for the long haul. Wiping a drive that big securely will take days though


I'm a +1 on DBaN. excellent software, set how many and what type passes, and check back in a few days


----------



## Solaris17 (Jul 27, 2017)

dban


----------



## satindemon4u (Jul 27, 2017)

Hmmm. Dban sounds simple enough...


----------



## thebluebumblebee (Jul 27, 2017)

jboydgolfer said:


> if thats a seagate drive try this (it'll likely work even if it isnt)
> _*Seagate Discwizard*_


It is a Seagate drive and I like the idea of using the manufacturer's own software for this job, even though it is from Acronis.  Page 67 in their user manual.  Also, if I understand dBan correctly, it will completely tie up the computer it's running on while the Seagate utility can work in the background?????


----------



## Boatvan (Jul 27, 2017)

thebluebumblebee said:


> It is a Seagate drive and I like the idea of using the manufacturer's own software for this job, even though it is from Acronis.  Page 67 in their user manual.  Also, if I understand dBan correctly, it will completely tie up the computer it's running on while the Seagate utility can work in the background?????


DBAN will indeed tie up a PC. It works in pre-boot environment. I'd still recommend this if you are looking at a security perspective. I can't attest to the other software's methods, but DBAN is widely accepted as secure.


----------



## Jetster (Jul 27, 2017)

Boatvan said:


> DBAN will indeed tie up a PC. It works in pre-boot environment. I'd still recommend this if you are looking at a security perspective. I can't attest to the other software's methods, but DBAN is widely accepted as secure.



That's why I like File shredder. You can use the PC while its working on a drive


----------



## Jetster (Jul 27, 2017)

Here's another that Drone recommended awhile back. Never used it but looks good 

https://sourceforge.net/projects/bitkiller/


----------



## Drone (Jul 27, 2017)

^ I forgot about that one!

Eraser  can do that too.

Killdisk has a lot of algorithms. (Freeware version has One Pass Zeros erase method only)


And here's a list of free shredders (July 2017)


----------



## Dbiggs9 (Jul 27, 2017)

Use a cloth like HRC worked for her


----------



## exodusprime1337 (Jul 27, 2017)

One pass writing zero using ccleaner or another tool like dd if familiar with linux is more than enough.  No need to wipe a drive for hours. Nobody has ever recovered data from a drive writing one pass with zero i believe.


----------



## satindemon4u (Jul 27, 2017)

Thanks everyone. I probably wont end up using Dban after all since I would definitely like to use my PC during this process. If I had another PC to use, it would be another story.


----------



## DRDNA (Jul 27, 2017)

satindemon4u said:


> Thanks everyone. I probably wont end up using Dban after all since I would definitely like to use my PC during this process. If I had another PC to use, it would be another story.


So its CCleaner to the rescue then. Its all good they all do what they should for the most part. At least check with Recuva (its free too)afterwords to be sure it meets that approval (even if thats not saying much)


----------



## satindemon4u (Jul 27, 2017)

DRDNA said:


> So its CCleaner to the rescue then. Its all good they all do what they should for the most part. At least check with Recuva (its free too)afterwords to be sure it meets that approval (even if thats not saying much)



Will do! Is it worth it two run ccleaner on it 2 or 3 times instead of just one? I know it was mentioned above that one would do the job but I can't see it hurting...


----------



## DRDNA (Jul 27, 2017)

satindemon4u said:


> Will do! Is it worth it two run ccleaner on it 2 or 3 times instead of just one? I know it was mentioned above that one would do the job but I can't see it hurting...


People will have many opinions on this but if your selling it I would run 7 passes and a slow format then sell it but thats me. I do many different things in the IT field and one of them for years was Virus control security and I had a fellow Tech. that worked with me who use to buy hard drives from Ebay just to see what he could re-retrieve just for fun. Just saying.... Oh and he was very successful at re-retrieving.

EDIT If there is nothing personal and nothing that really needs to be hidden for ever then 1-3 is fine.


----------



## xorbe (Jul 27, 2017)

Just boot any linux, and "dd if=/dev/zero of=/dev/sd[...] bs=1M" if you need to super secure wipe [multiple pass with random data] because someone is going to disassemble the drive and analyze residual write strength, you probably have other problems already ...


----------



## FordGT90Concept (Jul 27, 2017)

I never let a HDD leave my poession without getting DoD 5220.22-M erased.  Unless it doesn't work, then it gets disassembled and mutilated.  Can't be too safe with data these days.

And yeah, 4TB will take days to erase.


----------



## DRDNA (Jul 28, 2017)

FordGT90Concept said:


> I never let a HDD leave my poession without getting DoD 5220.22-M erased.  Unless it doesn't work, then it gets disassembled and mutilated.  Can't be too safe with data these days.
> 
> And yeah, 4TB will take days to erase.


yes Sir  https://www.lifewire.com/dod-5220-22-m-2625856


----------



## FordGT90Concept (Jul 28, 2017)

I do 100% verification on top of that to make sure nothing is left.  If verification fails, I may give it one more chance or else to the shredder it goes.


----------



## Jetster (Jul 28, 2017)

That's allot of work. Might just as well use them until they reach end of life and destroy it


----------



## FordGT90Concept (Jul 28, 2017)

Not really.  I drop the drive in a eSATA hot swap dock, load up Kill disk, select the drive and erase it.  I usually do it in my server because it's running 24/7 anyway.  Have to be super-duper careful not to select the wrong drive though. The actual erase takes a lot longer than getting it going.

I probably have half a dozen drives here (all erased) that out lived their service life (capacity too low).


----------



## OneMoar (Jul 29, 2017)

the fastest most secure way is to encrypt the drive with light weight encryption something like blowfish
then 'loose' the key(I advise using a password gen set at maxium with no less then 18chars) and delete the partitions
any attempts are data recovery will result in bunch of encrypted garbage assuming you could even reconstruct the data enough to get a block of read-able information out of it 

if you are super duber paranoid you could follow that with a dban pass there is no kill like over kill


----------



## FordGT90Concept (Jul 29, 2017)

Pretty sure that doesn't do anything to abandoned data on the platter(s).  It's that data that poses the most threat.


----------



## OneMoar (Jul 29, 2017)

*VeraCrypt Volume Format Specification*
The format of file-hosted volumes is identical to the format of partition/device-hosted volumes (however, the "volume header", or key data, for a system partition/drive is stored in the last 512 bytes of the first logical drive track). VeraCrypt volumes have no "signature" or ID strings. Until decrypted, they appear to consist solely of random data.
Free space on each VeraCrypt volume is filled with random data when the volume is created.* The random data is generated as follows: Right before VeraCrypt volume formatting begins, a temporary encryption key and a temporary secondary key (XTS mode) are generated by the random number generator (see the section Random Number Generator). The encryption algorithm that the user selected is initialized with the temporary keys. The encryption algorithm is then used to encrypt plaintext blocks consisting of random bytes generated by the random number generator. The encryption algorithm operates in XTS mode (see the section Hidden Volume). The resulting ciphertext blocks are used to fill (overwrite) the free space on the volume. The temporary keys are stored in RAM and are erased after formatting finishes.


----------



## FordGT90Concept (Jul 29, 2017)

Sure, some encryption software will do the whole drive but most only do it as new data is created/modified.  Unless you fill the drive completely, there is the potential that old data may be layered on the unused space.

You're far better off just destroying the data (e.g. DoD 5220.22-M).  It's far more effective at changing the magnetism of the platters and also has minimal CPU load and RAM load while doing it.  On top of that, it requires zero header (includes partitions and MBR/GPT) data on the drive.  The entire drive is sanitized--no bit left unmodified at least twice. Software recovery is impossible if the erase is 100% verified.


----------



## satindemon4u (Jul 30, 2017)

Well in any case, I have started wiping it with CCleaner. I am starting with 1 pass to see what that gets me. After it's done I will start up Recuva and see what it finds. As far as time goes, not too bad for 4TB.


----------



## Athlonite (Jul 30, 2017)

FordGT90Concept said:


> Not really.  I drop the drive in a eSATA hot swap dock, load up Kill disk, select the drive and erase it.  I usually do it in my server because it's running 24/7 anyway.  Have to be super-duper careful not to select the wrong drive though. The actual erase takes a lot longer than getting it going.
> 
> I probably have half a dozen drives here (all erased) that out lived their service life (capacity too low).



the platters make nice coasters

I usually just 2048 bit full encrypt the drive drive remove the partition remake partition and full format job done recuvva finds nothing or just gobbledygook and unless you have the resources of the NSA good luck in making head nor tails of it  or I just pull it to bits and turn the platters into coasters


----------



## FordGT90Concept (Jul 30, 2017)

They have really, really sharp edges so unless you grind those smooth, I wouldn't recommend it.  Also, because they're a polished surface, they show *everything*, especially fingerprints.


----------



## Ahhzz (Jul 30, 2017)

FordGT90Concept said:


> They have really, really sharp edges so unless you grind those smooth, I wouldn't recommend it.  Also, because they're a polished surface, they show *everything*, especially fingerprints.


  I have a couple dozen on my desk at work, and have dismantled many times that many... never found one with sharp edges... they're all really polished and smooth...


----------



## FordGT90Concept (Jul 30, 2017)

I have, they're razor sharp.  Probably depends on manufacturer.  Maybe even model.  I think the last one I recall being sharp was a Hitachi, I think about 250 GB.


----------



## Athlonite (Jul 30, 2017)

I have one from 80GB to 2TB HDD's from Hitachi, Seagate, Western Digital and Samsung they all have smooth edges not sharp and yeah they're polished to mirror finish and to keep them that way try a little clear polyurethane works  wonders


----------



## xorbe (Jul 30, 2017)

Fresh platters are fun, they are so smooth and perfectly flat, you can press them together and they stick pretty well.


----------



## therealmeep (Jul 30, 2017)

Athlonite said:


> the platters make nice coasters
> 
> I usually just 2048 bit full encrypt the drive drive remove the partition remake partition and full format job done recuvva finds nothing or just gobbledygook and unless you have the resources of the NSA good luck in making head nor tails of it  or I just pull it to bits and turn the platters into coasters


When my drives outlive usefulness I love a couple of passes with my degaussing coil.
Besides that I like a couple of dban passes. (No real important stuff to nuke)


----------

