Saturday, May 12, 2007

Secure File Deletion

During the recent Windows unpleasantness I borrowed a couple of old disk drives to back up the data on the “broken” disk — it was only broken under Windows, I could read it quite easily in Linux, but never mind. Now that everything's fixed, I want to give the drives back. The problem is that they have personal data on them, so I want to delete it all before I return them.

This isn't as easy as it seems, since deleted files leave traces all over the disk. Fortunately, the folks at the Stanford Linear Accelerator Center (SLAC) have put together a guide to Secure Erase in UNIX, which also works in Linux.

I'm not going to repeat the whole article. Just note that you need:

  • shred, which securely erases a single file by overwriting it repeatedly and then deleting it, and comes by default in Ubuntu
  • scrub, which erases the free space in your file system by filling it up with a large, random file, which you then delete (with shred, if necessary). It isn't installed by default; you have to download and compile it.

Ideally, one would delete everything on the disk in question in the following way:

$ cd /media/disk # or wherever the thing is mounted
$ sudo rm -fr * # delete all files and directories recursively
$ scrub -X junk # fill up the whole disk with junk
$ shred --remove junk # overwrite several times, then delete

The difficulty is that the disk I used has a VFAT file system, so the biggest file that can be written is 4 GB. I just wrote

$ scrub -X junk
$ scrub -X junk1
$ scrub -X junk2

etc., until the disk was filled up, then ran

$ shred --remove junk*
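The same fill-then-shred procedure as a small POSIX shell script, added here as an example (it is not from the original post and does not use scrub): fill_free_space writes junk files from /dev/urandom, each no larger than a caller-supplied cap so it stays under VFAT's 4 GB file-size limit, until a short write shows the disk is full; wipe_junk then overwrites and unlinks them. The function names, the optional TOTAL_BYTES argument and the dd fallback for systems without shred are my own assumptions.

```shell
#!/bin/sh
# Added example, not the post's or scrub's own code.
# Usage on a VFAT disk: fill_free_space /media/disk 4294967295; wipe_junk /media/disk
# (4294967295 = 4 GB - 1 byte, the largest file FAT32 can hold)

# fill_free_space DIR CHUNK_BYTES [TOTAL_BYTES]
# Writes DIR/junk0, DIR/junk1, ... until a short write shows the disk is
# full, or TOTAL_BYTES has been written (handy for testing on a live system).
# Prints the number of junk files written.
fill_free_space() {
    dir=$1
    chunk=$2
    limit=${3:-0}        # 0 = keep going until the file system is full
    i=0
    written=0
    while :; do
        f="$dir/junk$i"
        # A full disk makes the redirection fail and leaves the file short.
        head -c "$chunk" /dev/urandom > "$f" 2>/dev/null || true
        size=$(($(wc -c < "$f")))
        written=$((written + size))
        i=$((i + 1))
        if [ "$size" -lt "$chunk" ]; then
            break            # short write: no free space left to fill
        fi
        if [ "$limit" -gt 0 ] && [ "$written" -ge "$limit" ]; then
            break
        fi
    done
    echo "$i"
}

# wipe_junk DIR
# Overwrites every DIR/junk* in place and removes it, like the post's
# "shred --remove junk*" (-u is the short form of --remove). Falls back to
# one in-place urandom pass with dd conv=notrunc when shred is not installed.
wipe_junk() {
    dir=$1
    for f in "$dir"/junk*; do
        [ -f "$f" ] || continue
        if command -v shred >/dev/null 2>&1; then
            shred -u "$f"
        else
            size=$(($(wc -c < "$f")))
            head -c "$size" /dev/urandom | dd of="$f" conv=notrunc 2>/dev/null
            rm -f "$f"
        fi
    done
}
```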

If you are using a journaling file system other than ext3, there are some other issues involved, but for VFAT or ext3 this is a good way to go.

26 July 2009: Replaced the old link to scrub, which now returns a 404 error, with the link given by the first commenter. You can also download scrub directly from SourceForge at

Anonymous said...

The scrub link is now:

What does scrub do that shred doesn't also do? Shred was installed as part of my CentOS 5.3 installation.

rcjhawk said...

As far as I can tell, the difference is that while shred securely deletes an individual file, scrub first writes files, filling up your disk, and then securely deletes them. This makes sure that traces of old files are deleted. Remember, unless you use something like shred, when you delete a file all that is really removed is a marker to its inode. The contents stay on the disk until they're overwritten. Scrub gets rid of those files, too.