How to Erase Your Hard Drive - Going Nuclear?
How important is it to completely erase ALL personal data from a hard drive before disposing of it? Savvy users understand that deleting a file doesn't really make it go away. And even formatting a hard drive doesn't guarantee that your files are unreadable. So how can you be certain that every bit of your data is gone before selling, donating or disposing of your hard drive? Here's some good news on that front… |
When You Really Need to Wipe a Hard Drive...
Years ago I read a story about a paranoid man who had rigged up a system to destroy his hard drive in the event that the "men with dark sunglasses" came knocking on his door. He had a kill switch that would turn on a powerful magnet, which he hoped would wipe the drive clean. I've wrriten previously about the difficulties of doing the job right. But now securely wiping a hard drive, or even a stubbornly data-persistent Solid State Drive (SSD), is easier than ever.
Did you know that the “delete” command doesn’t really delete the target data? It only deletes the location of that data from the hard drive’s index of files. Think of it as removing an entry from a library card catalog. The book is still there, but the “pointer” to its location on the shelf is gone, making it harder to find.
After a “deletion,” the hard drive will re-use that file’s space as if it was empty. But until data has been overwritten many times, it can still be recovered by a determined person. Military-grade standards call for overwriting each disk sector at least nine times before data stored in it can be considered truly “unrecoverable.” That can take a long time, even on a relatively small 500 GB hard drive!
There is a solution, and you probably already have it. The firmware of nearly every hard drive built since 2001 contains a “Secure Erase” command so effective that NIST (the U.S. National Institute of Standards and Technology) rates it as good as degaussing a hard drive - that is, using a powerful magnet to completely scramble the bits stored on a drive. So why haven’t we been using “Secure Erase” for all these years?
Most BIOS developers disable the “Secure Erase” feature because they think consumers won’t use it wisely. Indeed, “SE,” as it’s called, is a “nuclear option.” It wipes data, and no amount of panicked, tearful phone calls to tech support or data recovery specialists will get it back. It even wipes data stored in bad disk blocks, something other disk-wiping utilities can’t do. When Secure Erase finishes its job, your hard drive will be, as they say in Latin, “tabula rasa.” In English, that means clean slate, squeaky clean, empty of all data, and ready to be used again.
Unlock the Power
A freeware utility called HDDErase 4.0 unlocks the power of the Secure Erase feature in nearly every standard magnetic hard drive built since 2001. You can download it from the UC-San Diego’s Center for Memory and Recording Research, but note that no tech support is available and you use it at your own risk. Because it runs from a bootable disk, HDDErase can erase any operating system, using the drive's own built-in sanitizer. Tim Fisher’s April 2021 review of HDDErase provides a little more insight into this powerful command-line utility.
The documentation for the program does not mention SSDs at all. But I've read in various places that HDDErase will work on SSDs (solid state drives) in addition to traditional spinning magnetic hard drives.
There is one important caveat, though, according to SSD manufacturer Kingston Technology. HDDErase can only be run on hard drives that are directly attached to a SATA or IDE port, and not through a USB bridge or enclosure. Put more simply, HDDErase will ONLY work on internal drive, and WILL NOT work on external hard drives.
Other Hard Disk Wipe Options
I’ve mentioned Darik's Boot and Nuke (DBAN) in the past as one way to erase a hard drive. DBAN does a good job of erasing all accessible data on a drive, but it cannot access data that is no longer accessible through software, such as bad blocks, and It cannot detect or erase SSDs.
Another method of rendering a drive forever unreadable is known as “Encrypt, Reformat, Encrypt Again.” Unlike other options, this WILL work on SSDs or an external drive. First, encrypt your entire hard drive; Users running Windows 10 or 11 Pro can use the built-in Bitlocker utility, if their PCs include a Trusted Platform Module (TPM) chip. Another alternative for encryption is the free VeraCrypt software, which works on Windows, Mac OS X and Linux computers.
Encrypting a working drive that contains lots of data may take many hours, but you’ll be able to work on other things while encryption proceeds in background. Once your drive is encrypted, do a FULL reformat of it. A “quick” format only wipes the index of files mentioned above, leading the drive to treat the whole disk as empty space. A full format overwrites all data.
Next, encrypt the reformatted drive AGAIN before adding any data to it. This won’t take long, because there is very little data to be encrypted. Now what do we have?
The re-encrypted, re-formatted drive has a security key that is required to decrypt data stored on the drive; the key is stored on the drive itself for Bitlocker to access on the fly. The security key of the first encryption has been overwritten during reformatting and encrypted by the second encryption. Even if a hacker recovers the second encryption key, he can’t recover the first one that might give him access to your old data. Now your drive is truly wiped and unrecoverable!
One more thing to consider is that some office photo copiers have a hard drive inside, which stores copies of the documents that pass through the machine. Consider what private or confidential information might be stored there, when disposing of a copier, or returning a leased machine.
Shake and Bake? Or the Total Annihilation Method
I've been told that placing a hard drive in the microwave, or in an oven at 400 degrees for an hour would melt the coating on the disk platters, making the data unreadable. I would not advise that, or using any type of torch, as toxic fumes would likely be released. Muriatic acid can destroy the surface of platters, too, but you run the risk of burning yourself and inhaling damaging fumes. YouTube can provide examples of torches, guns and explosives being used to destroy a hard drive. I've not tried any of these methods, and you shouldn't either.
It's good clean fun to use a drill press or 16-pound sledge hammer on an unwanted hard drive (with the appropriate safety equipment). But if you lack those tools, a commercial hard drive shredding service will do the job. Ameri-Shred is one company that offers the service, and you can see their machinery in action in the video above. You may even be lucky enough to have a free hard drive shredding event in your area.
Your thoughts on this topic are welcome. Post your comment or question below…
This article was posted by Bob Rankin on 30 May 2023
For Fun: Buy Bob a Snickers. |
Prev Article: Rubber Bands, Duct Tape, and Hives - Your Guide to the Windows Registry |
The Top Twenty |
Next Article: Forgot Your Windows 10 or 11 Password? Here's the Solution |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- How to Erase Your Hard Drive - Going Nuclear? (Posted: 30 May 2023)
Source: https://askbobrankin.com/how_to_erase_your_hard_drive_going_nuclear.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "How to Erase Your Hard Drive - Going Nuclear?"
Posted by:
hifi5000
30 May 2023
Yes, do not just format a hard drive as that procedure does not erase files.I use Darik's Boot N Nuke (DBAN) to great success on the old-style hard drives.This includes all 2.5 and 3,5 inch drives.Good luck!
Posted by:
Renaud OLGIATI
30 May 2023
Some years back I was put in charge of a number of PCs left behind when the French Embassy closed, and given to the Alliance Française educational body.
All but one of the hard disks had been wiped clean of possibly sensitive information by French security specialists sent by our Ministry of Foreign Insults.
I dealt with the one they missed as follows:
1 - 25 passes of "shred" (from the GNU Core Utilities) called by "shred -fvzn 25 /dev/sda" which overwrote the whole disk, 25 times, with random data, followed by a las over-writing with zeros.
2 - 35 passes of the Gutmann algotithm (PRNG: Mersenne Twister).
3 - 12 passes of the DoD 5220.22-M algorithm of the US National Industrial Security Program.
This was done, over three consecutive nights, with the progs running all night.
The method used was reported to our masters in Paris, who replied it was sufficient, no need to degauss the HD, or physically destroy it; which is good as we were planning to re-use it...
Posted by:
Eric
30 May 2023
Disassemble drive, remove disks, scratch disks surfaces radially several times. Will that work? It only takes a few minutes per drive.
Posted by:
Steve
30 May 2023
But what to do when you want to sell the PC but don’t wish to delete the Windows OS ? Is there a secure way to delete the personal data as on an iPad to just reset the system ?
Posted by:
Ernest N. Wilcox Jr.
30 May 2023
Steve,
Use Bob's method of encrypt - reformat (full format) - encrypt, then re-format (quick-format's O.K. this time) the drive again and install Windows. You will need the product key that came with the computer and a copy of the Windows installer for the Windows version you will install. If the computer had Windows 10 home, you will have to install Windows 10 home. If it's the pro version, install pro, etc.
I hope this helps,
Ernie
Posted by:
Bill Ferguson
30 May 2023
Forget all the fancy programs.
Simply remove the HDD or SSD from your computer, put on a pair of safety glasses, go out to the back yard and place your drive on a large rock.
Now take that LARGE hammer you brought with you and flush your system of all those years of pent up Windows' frustrations by pounding the drive into oblivion.
Feels good and job done - securely!
Posted by:
Frank
31 May 2023
I have always done as Bob suggested in the last section.. I have disassembled the drive and taken each platter and drilled a few holes in them.
They make great wind chimes and are good for scaring birds out of your garden!
Posted by:
BillP
01 Jun 2023
To Steve and Ernie: After the drive is wiped, download Windows from Microsoft, and install it. It will automatically activate, once the computer is connected to the internet. I've done that many times with donated computers at a shelter.
HDDErase was good in the past, but I've had several drives recently where it worked for hours and reported success but *all* the data was still there, pristine and untouched. My erase method after that was to delete all partitions, format the drive, and install windows fresh since I don't need military-grade security. But now, I'm going to try Bob's method.
Posted by:
BAW30s
28 Jun 2023
Agreed that deleting files or formatting a drive may leave the underlying data intact and recoverable, but I fail to see any reason for doing any more to remove sensitive data than use a utility to overwrite the relevant files, or a full (not quick) format to clear a drive. In the early days of hard drives, forensic experts with suitable technology could recover some data from traces left behind at the sides of written tracks. In more recent times drives have been so densely packed with data that this is well-nigh impossible - and who would even try with a drive from a domestic computer?
There is no need to destroy the drive physically: what a barbarous thing to do to such a delicate device!
Posted by:
Howard
07 Jul 2023
On the contrary Bob. As a big fan of guns and binary explosives, I can tell you from personal experience that blasting a hard drive to smithereens with a 12 gauge shotgun or vaporizing it with a 2 pound can of Tannerite is great fun!! Try it some time....