How to Securely Erase Files on a USB Stick or Hard Drive in Ubuntu

There are a handful of situations where securely erasing data can be useful. If you're about to sell-on a computer, or even if you're about to dispose of it, it makes sense to completely wipe the hard disk.

Simply deleting the files isn't good enough because they can still be recovered using specialized software. Instead you must overwrite the entire disk with junk data.

In addition to wiping entire storage devices, you occasionally might want to wipe a file on your existing hard disk that contains personal data so that it can’t be recovered, either deliberately or accidentally.

Ubuntu's shred can help in both situations. It simply overwrites a file (or hard disk/removable storage) over and over again with random data, so that the original data isn't recoverable (even by extremely specialized data recovery agencies, or so it's claimed by shred's creators).

Wiping/Erase storage devices

Let's say you want to securely erase the data on a USB key stick, so that it can't be recovered. You would follow these steps:

1) First you must find how Ubuntu refers to the USB stick on a technical level. To do so, insert it so that its icon appears on the desktop and then make a note of its name. Then open a terminal window and type mount and look for the line in the output what refers to the USB keystick. For example, on my test PC, the keystick's label (name) was KINGSTON, so I picked out the following line (this line has been truncated for brevity):

/dev/sdb1 on /media/KINGSTON type vfat (rw,nosuid,nodev, ...

I then made a note of /dev/sdb (note that the number at the end should be dropped; it refers to the partition on the USB key stick, and we intend to wipe the entire thing, regardless of partitions). It's very important you get this step right because there's no going back if you make a mistake! shred is irreversible.

2) After this, unmount the USB key stick by right-clicking it and selecting Unmount Volume.
3) Then, at the command-prompt, type the following:

$ sudo shred -v /dev/sdb

It's VITAL that you replace /dev/sdb with what you discovered earlier! This is one situation where typos can be disastrous.

Following this, shred will wipe the key stick. It will probably take a long time to complete, but you'll see a progress report on-screen every few seconds.

By default shread overwrites the data 25 times, but you can speed up the process by using the -n command option, which tells shred how many times to overwrite. Unless you're expecting the CIA to come and visit, a value of -n1 should be good enough for most of us (the full command then becoming sudo shred -v -n1 /dev/sdb).

When the USB key stick has been erased, you'll need to reformat it, because the format component of the disk was part of that securely erased.

Wiping/Erasing a Hard Drive

Essentially the same method as described above can be used to wipe a hard disk but this time you must use Ubuntu's live distro mode on the install CD, so that the hard disk isn't mounted.

Boot from your Ubuntu install CD on the computer whose disk you want to erase and select to Try Ubuntu from the boot menu. When the desktop appears, open a terminal window and type the following (this assumes the computer has one hard disk fitted; note that you should remove any type of removable storage device before issuing this command, such as USB key sticks):

$ sudo swapoff
$ sudo shred -v /dev/sda

Any hard disk containing any operating system (including Windows) can be wiped in this way. To wipe a floppy disk, replace /dev/sda with /dev/fd0.

Wiping files

Wiping files rather than entire disks is simply a matter of specifying the file, this time adding the -u command option. For example, let's say you wanted to destroy partypicture.jpg beyond recovery:

$ shred -v -n1 -u partypicture.jpg

Note that there is no need in this case to precede the command with sudo because the file belongs to you.

NOTE:
If you read the shred manual, you'll see a warning that when completely shredding files on journaled file systems - such as the ext3 system used by Ubuntu - some trace of the file might be left behind. However, this is only an issue for ext3 file systems that use the data=journal mode. Ubuntu uses the data=ordered mode, which allows shred to completely destroy files.

Tags: usb,hard drive,erase,wipe,shred

Related Articles