-1

I'm going to securely erase the data on a HDD so that I can donate it.

I use shred which is a specialized the tool for this puprose. So I run shred -vfz /dev/sdd1 and it does its job:

shred: /dev/sdd1: pass 1/4 (random)...
shred: /dev/sdd1: pass 1/4 (random)...652MiB/932GiB 0%
shred: /dev/sdd1: pass 1/4 (random)...1,2GiB/932GiB 0%
shred: /dev/sdd1: pass 1/4 (random)...1,8GiB/932GiB 0%
shred: /dev/sdd1: pass 1/4 (random)...2,5GiB/932GiB 0%

However it is painfully slow. After an hour or so, it still could not finish the first pass on a 1TB HDD. So I'm wondering what is the quicker way to do so without compromizing the security of data removal?

P.S. I know that it also can be done using:

dd if=/dev/urandom of=/dev/sdd1 bs=4k

But I'm wondering what will be the differnce in terms of security and speed.

Improve this question
5
  • 2
    Buy faster hdd or use a big hammer. Commented May 2, 2023 at 18:39
  • @ipor Sicer I'm going to donate the disk so neither is an option. Commented May 2, 2023 at 18:45
  • 2
    It's normal. On my 6TB HDD it would take roughly 790 minutes ( smartctl -a, extended self-test recommended polling time ). if not more since its slower writing than reading (SMR). If you need it faster, use it with encryption from day 1 and only overwrite the encryption header. As long as no one has a backup header / knows the master key, the data will be unaccessible then. Commented May 2, 2023 at 19:25
  • 1
    Also, a single write pass is enough. If you want to make extra sure, add a read/verification pass. But for that you'd have to use cryptsetup+badblocks instead of shred (or some other source of repeatable random data to allow for verification). And of course, it'll take twice as long since verifying is just as slow as writing... but this time should be worth it if you want to be really super extra sure that all data is gone. Commented May 2, 2023 at 19:46
  • 1
    A 1TB disk costs under $30 (US). Is it worth your time to securely erase and donate? Otherwise, just let the shred run overnight. Remove -z since you really do not need to zero out the disk. Commented May 2, 2023 at 20:01

1 Answer 1

Reset to default
2

Your /dev/sdd1 is only one partition on the disk. You should be considering /dev/sdd as the entire disk.

However, to address your requirement, just write zeros to the disk. Quite sufficient with modern high density recording:

pv /dev/zero >/dev/sdd

Use cat if you don't have pv. (Your dd will be way too inefficient with only a 4KB block size - you should be considering one around 32MB, if not more.)

Improve this answer
2
  • Just wondering if writing one set of zeros is secure enough, why shred uses 3 times and writes random bytes? Commented May 9, 2023 at 19:01
  • 1
    Are you looking to protect your data from a State Actor? If so then you might need shred. For the rest of us zeroes are perfectly acceptable Commented May 9, 2023 at 19:31

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.