Good day, today we'll talk about permanently deleting data.
When you delete a file, even bypassing or emptying the trash, usually it is not deleted in the physical sense: only information about it is "deleted", the space it occupies is considered free, and a new file can be written there at any time. But until this happens (writing new data), the old file can be successfully restored.
Roughly the same happens with "quick format", ie. information about existing files is deleted, but the data itself is not erased or overwritten.
In addition to file recovery programs, there is a technique called magnetic force microscopy (MFM), which allows any moderately funded opponent to recover the last two or three layers of data written to disk (meaning magnetic media).
Therefore, if you want to erase data, for example, before selling a disc, or simply permanently delete files so that they cannot be restored, the usual capabilities provided by the operating system may not be enough - special programs may be required, which will be described here.
shred
The program is preinstalled in Kali Linux. It is part of the coreutils package.
Shred fills with random numbers the space occupied by the file. And already, even after recovering your deleted file, it will be impossible to read it. By default, shred does not delete the file, it uses the --remove (-u) option.
Shred has a 25-fold cycle, that is, the program will overwrite the file with random contents 25 times. To change this value to, for example, 35 times:
If your paranoia has reached an even greater level, then the following tips are for you:
To hide the information that you cleaned the file, use the -z option, which adds zeros to the end of the file - this will make the file look unlike encrypted. If you are interested in watching the rewriting process, the -v (verbose) option is used to display detailed progress information.
If you want to delete several files at once, then specify them in this format:
or you can use a mask:
Shred can also delete the contents of an entire hard drive with the command:
Naturally, the execution time of operations directly depends on the file size and recording speed.
The only downside is that shred cannot delete directories. This is where the wipe utility comes to our rescue.
wipe
Wipe is a multifunctional console utility for permanently deleting individual files and directories, as well as stripping partitions, disks and external media (flash drives) .
Home page - http://lambda-diode.com/software/wipe/
Installation on Kali Linux, Debian, Ubuntu, Linux Mint:
Installation in BlackArch
For a quick erase, you can use it like this:
Note: Wipe only works reliably for magnetic memory, therefore use other methods for solid state drives (memory).
secure-delete (srm, sfill, sswap)
The secure-delete package includes three utilities (srm, sfill, sswap) that safely clean up files, disks, swap, and memory.
srm performs safe overwrite / rename / delete of target file (s).
sfill securely overwrites the free space on the partition containing the specified directory and all free inodes for the specified directory.
sswap makes a secure overwrite of the swap partition.
Launching srm with standard (safe) settings with more verbose output for erasing the / dev / sdX drive:
When you delete a file, even bypassing or emptying the trash, usually it is not deleted in the physical sense: only information about it is "deleted", the space it occupies is considered free, and a new file can be written there at any time. But until this happens (writing new data), the old file can be successfully restored.
Roughly the same happens with "quick format", ie. information about existing files is deleted, but the data itself is not erased or overwritten.
In addition to file recovery programs, there is a technique called magnetic force microscopy (MFM), which allows any moderately funded opponent to recover the last two or three layers of data written to disk (meaning magnetic media).
Therefore, if you want to erase data, for example, before selling a disc, or simply permanently delete files so that they cannot be restored, the usual capabilities provided by the operating system may not be enough - special programs may be required, which will be described here.
shred
The program is preinstalled in Kali Linux. It is part of the coreutils package.
Shred fills with random numbers the space occupied by the file. And already, even after recovering your deleted file, it will be impossible to read it. By default, shred does not delete the file, it uses the --remove (-u) option.
Code:
shred -u /path/to/file
Shred has a 25-fold cycle, that is, the program will overwrite the file with random contents 25 times. To change this value to, for example, 35 times:
Code:
shred -u -n 35 /path/to/file
If your paranoia has reached an even greater level, then the following tips are for you:
To hide the information that you cleaned the file, use the -z option, which adds zeros to the end of the file - this will make the file look unlike encrypted. If you are interested in watching the rewriting process, the -v (verbose) option is used to display detailed progress information.
Code:
shred -u -z /path/to/file
If you want to delete several files at once, then specify them in this format:
Code:
shred -u -z -n 30 /path/to/file1 /path/to/file2 /path/to/file3
or you can use a mask:
Code:
shred -u -z -n *.txt
Shred can also delete the contents of an entire hard drive with the command:
Code:
shred /dev/sda
Naturally, the execution time of operations directly depends on the file size and recording speed.
The only downside is that shred cannot delete directories. This is where the wipe utility comes to our rescue.
wipe
Wipe is a multifunctional console utility for permanently deleting individual files and directories, as well as stripping partitions, disks and external media (flash drives) .
Home page - http://lambda-diode.com/software/wipe/
Installation on Kali Linux, Debian, Ubuntu, Linux Mint:
Code:
sudo apt-get install wipe
Installation in BlackArch
Code:
sudo pacman -S wipe
For a quick erase, you can use it like this:
Code:
wipe -r -q / path / for / wipe
Note: Wipe only works reliably for magnetic memory, therefore use other methods for solid state drives (memory).
secure-delete (srm, sfill, sswap)
The secure-delete package includes three utilities (srm, sfill, sswap) that safely clean up files, disks, swap, and memory.
srm performs safe overwrite / rename / delete of target file (s).
sfill securely overwrites the free space on the partition containing the specified directory and all free inodes for the specified directory.
sswap makes a secure overwrite of the swap partition.
Launching srm with standard (safe) settings with more verbose output for erasing the / dev / sdX drive:
Code:
srm -v /dev/sdX