This is a method to erase data from a hard disk.
The DoD5220.22-M (U.S. Department of Defense) method
This is a method to write 0, 1, and random numbers to the entire HDD. A total of three writes are performed.
This is the initial version of DoD5220.22-M, and a different guideline has been created now.
History
In , the first version was issued. This version specified a procedure to overwrite data on a hard disk drive (HDD) with zero and one patterns three times. This became known as the DoD 5220.22-M sanitization method.
In , the Department of Defense designated the DoD 5220.22-M ECE sanitization method as an extension of DoD 5220.22-M. This method required seven overwrite passes.
In , the latest version of DoD 5220.22-M was issued. In this version, the overwrite pattern was no longer specified as a data erasure method for HDDs. Instead, other sanitization methods such as erasure, degaussing, and physical destruction were recommended.
In , DoD 5220.22-M was revised. In this version, the sanitization method guidelines were updated to accommodate new technologies such as flash-based storage and mobile devices.
In , the Department of Defense stopped referring to DoD 5220.22-M and instead complied with the media sanitization guidelines of the National Institute of Standards and Technology (NIST SP 800-88).
Commands
In Linux, you can use the dd command to delete data.
Write 0
|
1 2 |
dd if=/dev/zero of=/dev/sdb bs=4096 |
ddis a command to copy data¹.if=/dev/zerospecifies/dev/zeroas the input file./dev/zerois a special file that outputs zeros indefinitely.of=/dev/sdbspecifies/dev/sdbas the output file./dev/sdbis a device file for hard disks, USB memory, etc.¹.bs=4096specifies 4096 bytes as the block size. The block size is the unit of data to read and write at a time.
This command copies zeros from /dev/zero to /dev/sdb in 4096-byte increments, overwriting and erasing the data on /dev/sdb.
Confirm
Check the beginning of the disk
|
1 2 |
dd if=/dev/sdb bs=512 count=1 | hexdump -C |
Displays the first 512 bytes of the device such as a hard disk or USB memory in hexadecimal.
ddis a command to copy data.if=/dev/sdbspecifies/dev/sdbas the input file.bs=512specifies 512 bytes as the block size.count=1specifies 1 as the number of blocks to read. This reads only the first 512 bytes.hexdump -Cis a command to display the data received by the pipe in hexadecimal and ASCII code.-Cis an option to display the hexadecimal and ASCII code in columns.
From this result, you can see that the beginning of the hard disk is filled with zeros.
If you specify of=output.bin or something like that as a parameter of the dd command, you can write the first 512 bytes to the output.bin file.
Check the end of the disk
|
1 |
dd if=/dev/sdb bs=512 skip=(((blockdev --getsz /dev/sdb) - 1)) | hexdump -C |
Displays the last 512 bytes of the device such as a hard disk or USB memory in hexadecimal. This command passes the value obtained by subtracting 1 from the total number of sectors of the hard disk to
skip and reads only the last one block.
- As mentioned earlier,
ddis a command to copy data. if=/dev/sdbspecifies/dev/sdbas the input file.bs=512specifies 512 bytes as the block size.-
skip=(((blockdev --getsz /dev/sdb) - 1))specifies the number of blocks to skipblockdev --getsz /dev/sdbis a command to get the total number of sectors of the hard disk.$(())is a notation for arithmetic operations.
Write 1
|
1 |
tr '\0' '\377' < /dev/zero > /dev/sdb |
tris a command that converts characters.-
'0','377'convert the input characters from\0(0 in octal) to\377(255 in octal). This converts 0 bits to 1 bits.- ((3 x 8) + 7) x 8 + 7 = 255
< /dev/zerospecifies/dev/zeroas the standard input source.> /dev/sdbspecifies/dev/sdbas the standard output destination.
This command reads 0 from /dev/zero, converts it to 1 in tr, and converts it to 1 in /dev/sdb By continuing to write , the data in /dev/sdb will be overwritten and erased.
Confirm
I checked it just like when I wrote 0.
Check the beginning of the disc
|
1 |
dd if=/dev/sdb bs=512 count=1 | hexdump -C |
Check the end of the disk
|
1 |
dd if=/dev/sdb bs=512 skip=$(($(blockdev --getsz /dev/sdb) - 1)) | hexdump -C |
Write random numbers
|
1 |
dd if=/dev/urandom of=/dev/sdb bs=4096 |
Reads random data from the device /dev/urandom and writes it to /dev/sdb.
Using /dev/urandom takes longer than using /dev/zero. This is simply because generating random numbers takes time. /dev/urandom generates random numbers from environmental noise (device related
conditions such as mouse, keyboard, etc.).
Confirm
I checked it just like when I wrote 0.
Check the beginning of the disc
|
1 |
dd if=/dev/sdb bs=512 count=1 | hexdump -C |
Check the end of the disk
|
1 |
dd if=/dev/sdb bs=512 skip=$(($(blockdev --getsz /dev/sdb) - 1)) | hexdump -C |
