Friday, March 7, 2008

Securely deleting the contents of a USB stick

Note: This article is intended for a technical audience. Use extreme caution when modifying a production system: your data will be nearly impossible to recover if you use this command incorrectly. Caveat emptor.

When discarding, selling or lending a USB memory stick to someone, you probably want to ensure there's no critical or sensitive data on it. Here's another handy one-liner to purge data from a USB memory stick when you don't have access to dedicated wiping programs such as shred or wipe on your platform.

This uses the 'dd' command, so it can be used on most systems with a random entropy generator and the coreutils/fileutils/base-utils package installed:


dd if=/dev/urandom of=/dev/[X] bs=512 conv=fsync oflag=direct


Where [X] is the device you wish to wipe (note: this is almost never /dev/hda or /dev/sda. Please make sure you're writing to the correct device before pressing ENTER: type once, look twice!).

This writes to your USB stick using direct I/O, 512 bytes at a time, from the entropy buffer. Additionally, the conv=fsync option makes sure that each block is completely written to disk before proceeding to the next one.

When it is finished, you should see something along the lines of:

dd: writing to `/dev/sdd1': No space left on device
10490446+0 records in
10490445+0 records out
1971107432 bytes (1.9 GB) copied, 2097.36 seconds, 1.0 MB/s


Now you can go off and put a filesystem on your drive, as normal.
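The "type once, look twice" check can be scripted. The wrapper below is an added example, not part of the original post: it runs the dd command only after confirming through Linux sysfs and /proc/mounts that the target is a whole disk, flagged as removable, with nothing mounted. The function names and the SYSFS/MOUNTS overrides are assumptions of this example, and it accepts whole-disk names only, whereas the sample output above was produced on a partition (/dev/sdd1).

```shell
#!/bin/sh
# Added example: pre-flight checks around the article's dd wipe (Linux only).
# SYSFS and MOUNTS are overridable so the checks can be tried on fake data.
SYSFS="${SYSFS:-/sys/block}"
MOUNTS="${MOUNTS:-/proc/mounts}"

# check_target NAME: return 0 only if NAME (e.g. "sdd") is a whole disk that
# the kernel flags as removable and that has nothing mounted.
check_target() {
    case "$1" in
        ''|*[!a-z0-9]*) echo "bad device name: '$1'" >&2; return 2 ;;
    esac
    if [ ! -d "$SYSFS/$1" ]; then
        echo "$1: not a whole disk (partition or unknown name)" >&2; return 3
    fi
    if [ "$(cat "$SYSFS/$1/removable" 2>/dev/null)" != "1" ]; then
        echo "$1: not flagged as removable by the kernel" >&2; return 4
    fi
    # Matches the disk itself and its partitions (sdd1, mmcblk0p1, ...).
    if grep -Eq "^/dev/${1}p?[0-9]* " "$MOUNTS"; then
        echo "$1: the disk or one of its partitions is mounted" >&2; return 5
    fi
    return 0
}

# wipe_stick NAME: run the checks, make the operator retype the name, then wipe.
wipe_stick() {
    check_target "$1" || return
    [ -b "/dev/$1" ] || { echo "/dev/$1: not a block device" >&2; return 6; }
    echo "/dev/$1 holds $(cat "$SYSFS/$1/size") sectors of 512 bytes"
    printf 'Retype the device name to erase it: '
    read -r answer
    [ "$answer" = "$1" ] || { echo "aborted" >&2; return 7; }
    # dd ends with "No space left on device" once the stick is full.
    dd if=/dev/urandom of="/dev/$1" bs=512 conv=fsync oflag=direct
}

# Wipe only when a device name is passed on the command line.
if [ "$#" -ge 1 ]; then wipe_stick "$1"; fi
```

Some USB devices, external hard drives in particular, report removable as 0 and are refused by this check.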
