Skip to main content

Dumb but effective: overwrite data (HDD's and some SSD's)

For Spinning disk drives, and SSD's that don't support secure erase/sanitize commands, the only other option is to manually overwrite all the data on the drive.

Why this is the least secure method of erasure:

HDD's and SSD's self-manage bad sectors/blocks. When a bad sector/block is detected, the data is copied to a new location, and the bad memory is left as-is and marked to be skipped. The OS cannot see or write to these sectors/blocks, so sensitive data left in them will remain even after overwrites.

Windows:

Use the built-in format command to erase drives. This takes a while and has NO FEEDBACK, so it's a "let it run until it's done" thing. This only works on drives that are NOT the boot drive. Steps:

  1. Using the disk manager, "quick format" the drive to have one single partition that spans the ENTIRE drive (with no space before or after the partition) and assign a drive letter and name (ex, drive K:)
  2. In a cmd window, run the command format k: /X /P:1 [format drive k:, unmount before formatting, zero all sectors, then 1 pass of pseudorandom data]
Linux
  1. Using gparted or another GUI/CLI partition manager, "quick format" the drive by deleting the partition table and creating a new one with no encryption. This step is optional, but is an additional step to ensure that any encrypted LVM headers are at least zeroed out. note the drive name, eg /dev/sdX or /dev/nvmeX
  2. run the command dd if=\dev\urandom of=\dev\nvmeX bs=4M
Physical Destruction:

Drives that are being recycled or otherwise disposed of should be physically destroyed. After overwriting the data as described in the other sections here, dissassemble the drives and destroy them mechanically:

For HDD's, smash the platters with a hammer.

For SSD's, destroy the memory chips/circuit board, either a hammer or blender (not used for food) is recommended.