Hello
I want to clear (erase) some of my disks and populate them with ‘garbage’.
I want to create several huge files of ‘fake’ data.
I know two commands of creating e.g. 1 GB of data.
1.
dd id=/dev/zero of=file.ext count=1 bs=1G
fallocate -l 1G file.ext
dd takes longer and fallocate is really fast!!
What’s the difference between them? Do I understand them correctly?
dd physically writes data onto the disk
fallocate only ‘reserves’ space for data and only when someone tries to access that file it then ‘creates’ data
So suppose that your disk started out with some secret information.
If you use “dd” as suggested, that secret information is overwritten by zeros.
If you use “fallocate”, the secret information is still mostly on disk. Small amounts may have been overwritten by filee system control information, but most of it will still be there. So, with “fallocate”, you didn’t really erase that secret information.
Instead of /dev/zero, you can also use /dev/random or /dev/urandom as input to dd. It will take some more time (calculating random data is CPU intensive), but you then have your random overwrite. See
man 4 random
You can also look into shred. Maybe you have to install it from the OSS repo, but then you can see it’s possibilities (more overwrite sessions to eradicate remanent magnetism) with
Over-writing should be sufficient to “destroy” a disk short of physical destruction.
Run multiple times to minimize the chance “fragments” will be retained, but YMMV. Be aware over the years things like writing between tracks were developed to enable greater capacity.
This should probably be sufficient in most cases to prevent data theft from using forensic data recovery, but YMMV… The only certain solution is to physically destroy the disk. If you can reasonably trust whoever receives the disk, this more than “keeps honest people honest,” it’s very difficult and problematic(You’d have to be lucky) to recovery enough data to piece something together and that the data is useful.
Of course, this applies only to HDD.
SSD does not require any over-writing, you only have to set all traps to “erase”