There are many reasons why you might need to securely erase your hard drive. If you are selling or recycling your computer or upgrading your hard drive, you don’t want your hard drive data getting into the wrong hands. Chances are that you have personal information on your hard drive that identity thieves and fraudsters would love to see. Here are some suggestions for how to securely erase the data from your hard drive.
SECURELY ERASING A MAC HARD DRIVE
First, boot your Mac from a volume other than the one you intend to erase. One common way to do this is to install a Mac operating system on an external hard drive or thumb drive. Read this article for easy step-by-step instructions on how to do that.
Next, run Apple’s Disk Utility application which comes with every Mac operating system. Select the hard drive you’d like to erase and press the “Erase” button.
From there, you can optionally click the “Security Options…” button to choose from one of several erasure methods:
- Option 1 (Fastest): This option does not securely erase the files on the disk. A disk recovery application may be able to recover the files.
- Option 2: This option writes a pass of random data and then a single pass of zeros over the entire disk. It erases the information used to access your files and writes over the data 2 times.
- Option 3: This option is a DOE-compliant 3-pass secure erase. It writes two passes of random data followed by a single pass of known data over the entire disk. It erases the information used to access your files and writes over the data 3 times.
- Option 4 (Most Secure): This option meets the US Department off Defense (DOD) 5220.22-M standard for securely erasing magnetic media. It erases the information used to access your files and writes over the data 7 times.
The best option for you depends on how critically important it is to wipe your data and how much time you are willing to spend erasing the data. Depending on the speed and capacity of your hard drive, it could take several days to erase your hard drive using the most secure method. There are also other commercial applications that you can purchase, and some of the offer a 35-pass overwrite option.
SECURELY ERASING A WINDOWS HARD DRIVE
Similar to a Mac, you need to boot into a Windows volume other than the one you want to erase. Read this article (https://www.pcmag.com/how-to/how-to-run-windows-10-from-a-usb-drive) for instructions on how to run Windows from a USB drive.
Next, decide which application you’ll use to securely erase your hard drive. I know of two free options: Disk Wipe (https://www.diskwipe.org) and Darik’s Boot and Nuke (DBAN; https://dban.org). DBAN offers several wipe methods:
- Quick Erase: fills the disk with zeros
- RCMP TSSIT OPS-II: 8-pass write of random 0s and 1s
- DoD Short: 1 pass with all 0s, 1 pass with all 1s, and 1 pass with random 0s and 1s (3 passes total)
- DoD 5220.22-M: 7-pass version of DoD Short
- Gutmann Wipe: 35-pass wipe described here
- PRNG Stream: overwrite with a stream from the Pseudo Random Number Generator, with as many passes as you specify
ADDITIONAL CONSIDERATIONS
Do not attempt to wipe a solid state drive (SSD). Not only would it add to the wear and tear of your SSD, it is also not possible to securely erase a SSD because of the way SSDs work. Namely, many SSDs use a technology called wear leveling to prevent any given part of the drive from being overwritten too many times.
One alternative to secure erasure would be to simply encrypt the hard drive. Maybe I’ll discuss this topic in a future post.
Another alternative to secure erasure is to physically destroy the hard drive, making sure to incapacitate the platters inside the drive. While a hammer would probably suffice, I’m sure you can find ways to get creative with other tools, weapons, firearms, artillery, explosives, etc. Just keep it legal, OK?
No comments:
Post a Comment