Ever sell a used computer, or perhaps a used hard drive? Did you think about what kind of sensitive information was left behind? Think that quick format really deletes everything on the drive? Given a dedicated enough miscreant, it’s possible to recover all sorts of potentially harmful information from the platters, even after a format.

There are a lot of companies trying to foist “secure delete” and “secure format” utilities on the unsuspecting public. Sure, they probably work… but why pay? Here’s where a Knoppix live CD/DVD can be put to great use. How? It includes the wipe utility, used for securely erasing files from magnetic media.

Recovery of supposedly erased data from magnetic media is easier than what many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk; wipe repeatedly overwrites special patterns to the files to be destroyed, using the fsync() call and/or the O_SYNC bit to force disk access. In normal mode, 34 patterns are used (of which 8 are random). These patterns were recommended in “Secure Deletion of Data from Magnetic and Solid-State Memory” by Peter Gutmann. A quick mode allows you to use only 4 passes with random patterns, which is of course much less secure, but is (relatively) fast.

Boot from the live CD – text mode runlevel 2 is fine, and will be faster – and use the included wipe utility to clean up those partitions:

wipe –kq /dev/hda1

As always, be absolutely certain the partition you specify is indeed the one you intent to completely wipe. Then, find something to do for the day. Seriously, this takes a while.

If you could care less about wiping a single partition or drive, and want to just securely erase everything on every drive in the machine, just download Darik’s Boot and Nuke (DBAN) – it’s a boot disk that automatically wipes everything on your system.