Erasing disks securely
By Stefan Hinker-Oracle on Jun 08, 2011
Actually, both the question and the answer are old and well known. However, these things tend to be forgotten and pop up as questions from time to time. Hence a little reminder for all of us:
Solaris makes it easy to erase a disk so that all the data can't be restored, even with sophisticated methods. There is a subcommand "analyze/purge" in the command format(1M) that does it all for you. It will overwrite the selected area of your disk (usually s2) a total of four times with different patterns to achieve this. Of course, depending on the size of the disk, this might take a while. But it's secure enough to comply with Department Of Defence(DOD) wipe disk standard 5220.22-M. Note however that as of June 28, 2007, overwriting in general is no longer accepted as a method to securely erase data. Here is a link to the relevant DSS publication.
Some more details are here:
- manpage of format(1M)
- Detailed description of the procedure
- Wikipedia article about theoretical background and limitations
- The link to the original DoD standard doesn't work anymore and has been replaced by a link to Wikipedia.
- Here's an additional link to a more recent NIST publication.
- Note that with modern drives, destroying data with OS or application level tools will not satisfy higher security requirements. The sector management of these drives might make defective sectors with sensitive data unavailable to such tools - but not to more intrusive methods of active data recovery. If you want to protect against those, physical destruction is your only reliable option.
This is my final comment on this matter:
- If you are worried about the data on storage devices you no longer use, physical destruction of those devices is the only truly secure option.
- Encrypt your data right from the start to avoid this issue. Encryption is easily and in many cases freely available. If you don't care enough about your data to encrypt it, you are unlikely to worry about data on decommissioned storage devices.
- If you are worried enough not to trust encryption, no erasing technique will be good enough to satisfy your requirements. And the cost of physically destroying those devices will not matter to you.