Warm soapy water and a clean sponge....

But seriously, destroy the disk if you want it to actually be completely safe from being recovered. Many datacenters and large firms use physical disk shredders.

For home use a sledgehammer, magnet, and depositing the pieces into random city rubbish bins is something I have adopted in the past.  Apparently an angle grinder was sufficient to satisfy the GCHQ when they had The Guardian destroy hard drives recently, and thining about it, and angle grinder is a great idea - and fun too.

In regards to dd, I would run a few of passes, and make one of them if=/dev/random. As stated earlier, altering the bs should help with the speed, but if you though zeroing was slow - wait til you see experience the random write ;)

I place a fairly low trust in scrub and shred.  I know shred suffers some issues on journaled and raid configurations, and scrub may have the same problems.

I guess it depends on your threat model, so rewinding a bit - who are you wanting to prevent accessing your data? This greatly informs the conversation.  The methods offered above, and in many of the replies thus far, assume a very sophisticated adversary.

Daniel




On Mon, Sep 2, 2013 at 5:12 PM, Rohan McLeod <rhn@jeack.com.au> wrote:
Christopher M. Bailey wrote:
> On 2013-09-02 15:04, Brett Pemberton wrote:
>
>> On Mon, Sep 2, 2013 at 3:02 PM, David Zuccaro
>> <david.zuccaro@optusnet.com.au> wrote:
>>
>>> What is the best way to wash a disk?
>> http://www.dban.org/ [2]
>>
>> cheers,
>>
>> / Brett
>>
>> _______________________________________________
>> luv-main mailing list
>> luv-main@luv.asn.au
>> http://lists.luv.asn.au/listinfo/luv-main
>>
>> [1]
> Yep dban is what I used to wipe all the branch servers and workstations
> from NAB a few years back, never had any issues with it
Whilst it does state:
  "...DBAN prevents all known techniques of hard disk forensic analysis.
  It does not provide users with a proof of erasure, such as an
audit-ready erasure report."

 From memory the consensus at ComputerBank many years ago was
that if one's life was on the line and NSA wanted the info;
dismantle the drive and dissolve the drive platters carefully in
in a large quantity of  molten aluminium..
Apparently the problem is that the magnetic domains which
represent bits are analogue.
So whilst the heads on the original  drive can detect no magnetic domain;
someone with a souped up head might be able to.
Initially the method we used wrote zero's to all sectors but
eventually to speed things up I think we ether used a generic LLformat
utility
and /or  proprietary utilities from the respective drive manufacturers;
probably via a self booting DOS floppy.

                       apologies to luv-main;
                                                           Rohan McLeod

_______________________________________________
luv-main mailing list
luv-main@luv.asn.au
http://lists.luv.asn.au/listinfo/luv-main