How to properly erase any hard drive - FREE TOOLS

The FBI or other government agencies don't have special tools to recover the wiped drive. Here is a white paper on this:

Here are some of my favourite free tools to erase hard drives.

-------------------------------------------------------------------------------------
Some of the tools that we use:

ruSolut Monolith adapter
ruSolut eMMC Adapters
ruSolut TSOP adapter
ruSolut Visual Nand Reconstructor
FlashExtractor
Z3X EasyJtag + UFS
JBC NANO
Hakko Soldering Iron FM-203
Hakko Rework Station 810B
Quick 8610W Rework Station
ACHI IR6500 BGA Station
PC-3000 UDMA
PC-3000 Portable III +SSD and nVMe
DeepSpar 3
DeepSpar 4
DeepSpar DPI PCI-E NVME Addon
DeepSpar Forensic Addon
DeepSpar Network Addon
ZXW Tools
Adobe Premiere CC
Adobe Photoshop CC
Camtasia Studio

Cellebrite UFED (Latest Version)
MSAB XRY
Magnet Forensics IEF
Magnet Axiom
X-Ways
FTK Imager
Various Linux Distros
-------------------------------------------------------------------------------------
Stock footage:

Video by cottonbro from Pexels
Video by Kindel Media from Pexels
Video by RODNAE Productions from Pexels
Video by EKATERINA BOLOVTSOVA from Pexels

-------------------------------------------------------------------------------------
All graphics created by Data Rescue Labs

Need data recovery service? Forensic service?

Data Rescue Labs Inc
145 Traders Blvd East Unit 8
Mississauga, Ontario
L4Z 3L3
Canada

Copyright (c) Data Rescue Labs Inc 2021
1-877-681-4131

#DFIR #forensicguy #wiping
Comments

People that say you can recover data from shredded drives have never seen it done. It's powder, the biggest pieces are maybe rock salt. How tf are you going to re-build a drive from powder??? And at my site, we dump them in a bin with 100 other shredded drives. How are you going to distinguish your powder from their powder and put humpty dumpty back together?

ericturner

The recovering data from a shredded HD started when someone (FBI?) took a cut-up 5.25 inch floppy drive and pieced it together and read the data off. It was then assumed that you could do the same thing with a HD platter. But you can't.

jimstand

To feel comfortable with the destruction of my data, I toss my old hard drives in a volcano.

karlhungus

Hi, great video. Would AOMEI Partition Assistant work? Also I noticed you clicked on erase disk but there is also a wipe disk option. To completely wipe would you need to use the wipe disk option or will just the erase option be good enough?

gavinlangford

You sound like you know what you are talking about. Subscribed.

Mark-icij

Very good video. Thank you very much. I have a question about uninstalling software. What are your thoughts on IObit Uninstaller? Are there better options out there? Thanks a lot!

aydinj

Dban is "good enough" for most but remember a few things. It does NOT guarantee a complete wipe. Wiping fully 2x is sufficient for total destruction with a few exceptions. Wiping 32x is a waste of time, and this was an idea that came about because older hard drives ("MFM" and "RLL") would vary their writing depth based on the frequency of the drive. This could change for several reasons, causing the write to go "deeper" in the media, and thus more writes could be required to remove the data, or not at all in most cases. Gutmann is a myth beyond this. The need for this many writes is not true with modern drives, as the way data is stored, and the relation to the depth of the write, is no longer dependent on the frequency of the drive's write head. However, loud noises can cause data to be mis-written due to the vibration of the sound, and this is important, but I digress. More to the point is that 32x (or whatever) is useless. On MBR disks typically a "quick format" only writes bytes 447 to 512 on the media, which destroys the table of "file" pointers to the data and actually leaves the data intact. When creating a partition the first 0 to 446 bytes *(see note) are written (or overwritten) and this creates/destroys the old data stored there, but only there. Both instances of these operations destroy the database(s) stored there but leave bytes 513 to the end of the disk intact and can be recovered later with a skilled hand. Note this is a little different with the GPT tables but basically the same effect. Only a Full Format will destroy the data, and 2 full formats just to be safe. Format with random data in case you missed anything (*caused by a loud noise, hence the 2x formatting) which would stand out from the rest of the zeros you just wrote to the drive. This way any data missed due to error looks like the rest of the noise you wrote randomly.

*Note: This is a "quick" overview of this topic for the purposes of debunking the "Dban" utility as the final solution to data destruction, and is not meant to be exact in the description of other related bytes written to the disk during the formatting of the drive. So don't shoot the messenger.

The exceptions are: Bad sectors "G" list, Bad Sectors "P" list, Wear Leveling:

G list:
Bad sectors can happen at any time from the life of the drive to the death, and all drives have 2 tables. This is important because Dban is useless in this case. Dban does not have a function in which it performs any kind of checking to be aware of the bad sector table and does not perform any data recovery and wiping. The bad sectors are managed by the drive's firmware and completely hidden from Dban, thus if you have a fragment of an image you shouldn't, let's say, and you Dban the drive in which error correction was performed at ANY time by the SMART service on the drive, this sector could have been remapped, marked as bad and left fragments of the image on the sector. I.e. one byte of a 512 byte sector is bad so SMART "relocates" or copies this data (or as much as it can read) to a new good sector, but because it can't write, it marks this sector as bad, updates the Bad Sector table, and goes about the day and you never see a thing. Note the rest of the 511 bytes are still there. Dban will skip these sectors. This specific list of Bad Sectors is grown while in use and is specifically known as the "Grown List" or G list.

P list:
There is another set of bad sector tables known as the "Permanent List" and this is the list the drive is mapped with from the factory and can never be changed as it is hard coded to the firmware. This list is created at manufacturing time, and because no drive is perfect in manufacturing, mapping the default bad sectors is necessary to allow the drive to pass testing and be ready to function before it is released to the distributor as a working drive.

Wear Leveling:
On ALL digital media there are limitations as to how many times you can write to the same spot before it burns out. This is because apparently when storing data on an SSD or Flash media of any kind it involves pushing an electron through a "substrate" and lodging it there, which is read later as having or not having a charge (short version). This process leaves a residue behind. The residue will accumulate, causing a buildup, and eventually be unable to push an electron through and thus a "bad" sector will happen. To prevent this there is a technology called "Wear Leveling". Wear leveling is a small piece of software which will randomly move the disk writes to another location instead and update the File pointer table or File Allocation Table (FAT). The FAT is a database located at the first 447 to 512 bytes of the storage media which contains the name of the file and where the data associated with the filename is. Magnetic media does not use wear leveling because it can be written to indefinitely as long as there are no defects on the physical media and, as explained before, it uses the SMART software to update the "G" list if there is a problem. Wear leveling protects the longevity of writes to the drive in this fashion but never actually overwrites any data until all other available sectors are used and it must again (assuming the space is now empty) reuse the same spot. Rinse and repeat.

Conclusion:
To get around ALL of the problems associated with bad sector tables the only solution for total data destruction is not Dban, it is Full Disk Encryption deployed before you ever do ANYTHING else on the media. Full disk encryption is the ONLY way to secure your data from the life to the death of the device. Be careful that you select a sufficiently long password as you don't want a brute force attack to uncover your precious cat videos, and remember that if your disk is decrypted the record you have of "deleted" or "trashcan" files would then be recoverable. Wiping your "recycle bin" on an already Full Disk Encrypted device is a waste of time unless you are expecting to have your password breached, and don't want your deleted files recovered, and that's just crazy talk. Don't be careless, use a good password when full disk encrypting, and I recommend combining a security token such as RSA or a Yubikey that has no API for recovering the key once it has been written to the device with your current password to secure your data. DBan-ing your data at that point won't matter.

Note: 256 bit encryption at rest has: 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936 possibilities. Think of it as a key to a door with 2^256 cuts along the blade or 1.1x10^77 combinations. That's 78 digits! If someone were to hack at a good password, with every single computer on earth, all at the same time, for 4 billion years, no computer or combination of computers on earth can break it.

ahears
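
Added example, not part of the comment above or of the video: it checks, on a constructed image file, the comment's point that overwriting only the table at the start of a disk leaves the data area readable while a full pass does not. The function names, the 64-sector image and its contents are assumptions made for the illustration.

```python
import os
import tempfile

SECTOR = 512  # logical sector size assumed for the constructed image


def nonzero_sectors(path, sector=SECTOR):
    """Return the indices of sectors that still contain any non-zero byte."""
    found = []
    with open(path, "rb") as f:
        index = 0
        while block := f.read(sector):
            if any(block):
                found.append(index)
            index += 1
    return found


def zero_first_sector(path, sector=SECTOR):
    """Metadata-only overwrite: sector 0 is zeroed, nothing else is touched."""
    with open(path, "r+b") as f:
        f.write(b"\x00" * sector)


def zero_fill(path, chunk=1024 * 1024):
    """One full pass of zeros over every addressable byte, flushed to storage."""
    remaining = os.path.getsize(path)
    with open(path, "r+b") as f:
        while remaining:
            n = min(chunk, remaining)
            f.write(b"\x00" * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())


def build_sample_image(sectors=64):
    """Constructed image: a fake table in sector 0, 'file' data in sectors 10-12."""
    image = bytearray(sectors * SECTOR)
    image[0:SECTOR] = b"\xAA" * SECTOR
    image[10 * SECTOR:13 * SECTOR] = b"constructed secret".ljust(3 * SECTOR, b"!")
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(image)
    return path
```

The scan only sees sectors the host can address; sectors remapped to the G list or blocks set aside by wear leveling, as the comment describes, are outside its reach.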

The free version of CCleaner has a wipe disk tool among other useful features.

KurentEweser

Does Windows PowerShell clear-disk do the same as the dd command you demonstrated?
How about diskpart clean all?
In other words, is there a built-in tool (command line) that does secure erase a HDD and SSD?

mr_don_key

Funny that you mentioned getting data from shredded HDs; one of my current DF professors repeated the same myth that you can. I had a previous forensics professor in my undergrad degree that created a lab for debunking this belief. First, she gave everyone in the class an HD that would get shredded to create an image. Then, she had a private company come to class to show their tech on shredding HDs. Then we got our shredded HDs back and she told us whoever can get a single 0/1 recovered will have an A in the class. Many people in the class did not even try; those who did received a 100pts bonus to add to the final grade. She always did labs that taught us more than the one the course required us to do.

honeybadger

This is absolutely the best tutorial! The program Active KillDisk is also free. Thank you.

Suzuki_Speed

Grampa gamer here: D-BAN, and white canyon and other ones don't work on SSDs. Only on SATA hard drives. I use two different devices I have had for 3 years and wiped over 30 SSDs. One is called destruct pro. It is a large black USB device shaped like a big key. It wipes the SSDs in blocks. And does a D.O.D. short wipe. Another one I used is red key pro USB from England, but red key pro only lets you erase 3 SSDs and you have to buy it again for about $89. So I still have it, but it is locked. Amazon has destruct pro for apx. $49. But only use the pro version!! Destruct has a standard version that is like D-BAN and will not wipe SSDs.

grampagamer-vl

These are all the disk wipe tools that I heard are fantastic:

1. KillDisk (in the video)
2. Dban
3. DiskPart (Available command installed in Windows' command prompt)
4. WipeDrive

From all of these tools, which one is the best? Are they ALL considered great, especially by doing just one wipe on the hard drive? Would I need to run each of these tools one by one to ensure no data can be retrieved even through forensics (in case I would like to sell my drive)? Or is either tool and one swipe enough?

Thank you!

andycruz

Is Win11's "Reset this PC" enough on a newer SSD based laptop?

MrIgormf

What can be the problem if I copy files to my new SSD and it slows down, then freezes or stops? Is there a fix?

manISnoGOD

Could filling the hard drive fully with a bunch of files copied over and over till it's full be another way to "overwrite" the deleted files? Like a bunch of video files copied over and over. That seems like it would be faster than doing the software that just writes random zeros and 1s.

mrshemminger

Thanks for your video. Do you have any post about how to scrub hard drive in Huawei? I tried factory reset but I heard that doing that alone does not remove spyware from the phone. Any advice will be greatly helpful. Thank you in advance.

VioletOrchid

Very true, when I worked in the good ol' data center life we only did one pass to wipe the data. That argument of 3-pass did come up and was shot down due to research papers showing that one pass is good enough. Don't ask me about the research papers, that was done by VP Ops.

K_Chris

Are these tools for wiping a phone good enough? Or is there special software needed to erase a phone?

Lukas-tpws

This does not address most use cases today; laptops have modules baked in, or are difficult to take apart to access the SSD (Surface Laptop 1 for example).

The easiest way, but certainly time consuming, is to write and delete data onto the drive(s) multiple times; of course this new data needs to be benign, perhaps a 4k video or something.

notloki