- 17
- Jul
Need to securely erase any hard drives hooked to your PC automatically when the FBI knocks on the door? Lets hope that isn’t the case, but if so Darik’s Boot and Nuke is the perfect solution. Darik’s Boot and Nuke is a ’self contained floppy disc’ that securely wipes all hard drives detected on the local PC.
From the README:
1.0 About Darik’s Boot and Nuke
——————————–Darik’s Boot and Nuke (”DBAN”) is a self-contained boot floppy that securely
wipes the hard disks of most computers. DBAN will automatically and completely
delete the contents of any hard disk that it can detect, which makes it an
appropriate utility for bulk or emergency data destruction.
Download the exe and write the image to a floppy. Just make sure your kids or little brother don’t accidentally get a hold of the disk a boot from it!
Linux users can also unzip the exe and use dd to transfer the image to a floppy (see the README).
I know a lot of you know longer have floppy drives - there are more convenient DBAN CD images available.
How to automatically wipe all hard drives
WARNING: THIS WILL PERMANENTLY ERASE ALL DATA ON ALL HARD DRIVE HOOKED TO THE PC!!!
- Boot from the DBAN floppy or CD image.
- Enter ‘autonuke’ at the boot prompt.
And it is as simple as that! Hope you enjoyed and if you have any other methods of securely wiping your hard drives on the fly let us know in the comments!
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Related Posts
Tags: Boot and Nuke, DBAN, Download, Emergency Data Destruction, Open source, Security
July 17th, 2008 at 10:53 am
I use this every time I do a clean OS install. I would not call it an ‘emergency’ eraser, as an 80gb drive can end up taking 3-4 hours to nuke. Using this for a new OS install has never failed me.
July 17th, 2008 at 1:29 pm
I wouldn’t get a FBI (or in this country’s case Met Police) person knocking on my door, but I guess this is a very nice quick format solution.
July 17th, 2008 at 4:49 pm
“Download the exe”
every good advice starts with those words, right? ^^
there’s an iso there, too…
July 17th, 2008 at 5:54 pm
Jesus Christ people, you guys actually use dBan to perform a clean OS install?? Seems horrendously redundant and unnecessary. Do you even know what dban does??? It overwrites every single bytes 3 (or 7) times with random bytes. Doing this too much can cause unnecessary wear on the drive. Remember, dban is an -emergency- nuker. NOT a formatting utility. For all-purpose generic formats, I recommend an ubuntu live-CD.
Also, if you’re a spy (or doing anything illegal in your country) a better alternative would be TrueCrypt. Not only can Truecrypt create highly-encrypted pseudo-disks, you can also tell it to encrypt an entire drive, so you’d have to enter a password during boot-up. This would be way better than dban (given you provide a strong password of course)
July 17th, 2008 at 6:22 pm
[...] Free, open-source boot disk utility Darik’s Boot and Nuke (DBAN) automatically and completely deletes the content of every hard disk it can find on your computer when you run it. Sure you can fire up DBAN for emergency system wipes next time the feds come knocking on your door, but it’s also a useful tool for protecting yourself from identity theft when you’re prepping your computer for recycling or sale. The bootable DBAN can run from CDs, DVDs, thumb drives, and floppy disks. If you’re just looking to securely delete single files and folders (as opposed to entire drives), check out previously mentioned Wipe File. Darik’s Boot and Nuke [SourceForge via Hackosis] [...]
July 17th, 2008 at 6:37 pm
It should be noted that any software hard drive wiper is not 100% guaranteed to wipe your drive. I’m sure the FBI pays some very talented data miners very well for their skills in data reconstruction (please note, these people recover data from hard drives recovered from fire). And if Arrgee is correct in that this takes 3-4 hours to wipe an 80 gig drive, this is hardly the tool to promote as a “last second FBI knocking at your door” piece of software.
July 17th, 2008 at 6:41 pm
this seems way to slow for a “real” emergency.
if you really got stuff to hide from people like the FBI, i suggest you just make a little bomb, or some “termite” put it in your computer with an emergency button to it… way faster when they actually fall through the door ;)
ow, and don’t use any kind of termite that can go off from just heat, a computer is HOT when you put it on the hard drive :’)
July 17th, 2008 at 6:42 pm
To the poster above - DBAN does not reformat your hard drive, it destroys your hard drive. Once you use it, you need a new hard drive.
July 17th, 2008 at 8:01 pm
College Kid
You’re at the wrong College. You seriously need to go back to your tutors. They must be telling you lies.
I’ve used it on a test laptop over 20 times. Installed variations of XP and Vista on the laptop (home, pro, corp, MCE). No problems.
You may have had one occurence that lost all your fat-mama porn, but that is not subjective.
Most fast formatters will simply erase the executive, not the content. The only way to erase content is by overwriting with zero (not random as JohnnyPandy thinks), and also overwriting the executive.
Yes, this will have an impact on drive wear, but the wear is about the same as 5 defrags.
July 18th, 2008 at 12:32 am
Fork: I agree that this would be way to slow… but if you want anyone to even look at your comments try hitting up “thermite” on google .. not termite =)
July 18th, 2008 at 7:09 am
Thanks for the feedback everyone.
@Zlaus - obviously you did read the README, you can ‘unzip *.exe’ on Linux. And later in the post it mentions the ISOs.
Good day.
July 18th, 2008 at 9:48 am
lurn 2 spehl!!!
July 18th, 2008 at 11:45 am
[...] for this, unless I just want to toss an old drive out and make sure my personal Data was erased. Hackosis claims this to be an “EMERGENCY DATA DETRUCTION”. From the site “Need to securely [...]
July 18th, 2008 at 1:51 pm
Dban can take several hours to complete just a few passes on an average size drive. If you want to guarantee that no one see’s what you once had on your Hard Drive, I believe the DoD standard is 7 or more passes with a similar program, then subjecting the drive to a big magnet, with a final nail drove into the drive.
July 19th, 2008 at 2:45 pm
Normal magnets don’t do a damn thing to hard drives. I’ve covered entire drives with neodymium magnets…nothing happened. It should be noted that they were extremely strong rare earth magnets FROM hard drives.
Best way to completely securely format a drive is to overwrite all the existing data at the very least, 5 times. This takes a LONG time. I did a 7 pass overwrite on one of my small 100GB drives to test, it took over 10 hours IIRC.
If you’re truly paranoid, you’re going to need to do at least 7-8 passes of overwrite, but you had better have a whole 24 hour notice for a large drive, otherwise, you need to absolutely destroy the platters, SMALL PIECES, like confetti and then incinerate the pieces. Problem solved! Something instant would have to have the drive in an explosion resistant enclosure and surrounded by explosives for immediate destruction
I know that the government doesn’t even just format hard drives with multiple passes if the hard drive is leaving a secure zone, such as donation, it is just destroyed. Same with banks.
July 19th, 2008 at 3:07 pm
You would need to physically destroy a harddrive in order to destroy all the data on it. I was reading somewhere that even with like 10+ passes, forensics can still read the “1’s and 0’s” on there with expensive machinery. It’s kind of like writing really hard on a pad of paper and being able to read several layers into the pad. I don’t recall how many passes will make it “safe”, but I’m sure it’s got to be a lot and at that point, it’s a waste of time and strain on the HDD.
July 19th, 2008 at 11:21 pm
I keep a shot gun in my office just in case the FBI comes a knockin’! It hold 3 rounds. I figure 2 will take care of the hard drive and 1 for myself! This method is way better than DBAN.
July 20th, 2008 at 2:44 am
Much better idea for emergency data destruction is a cavity magnetron from your old microwave. A bit of smart hacking to place it in your computer and make it operational, and you have a one-second emergency data destruction plan.
Works even better with cd’s, dvd’s, bluray’s etc.
July 20th, 2008 at 6:57 pm
Haha, possibly, but since you can’t really test it in place….how do you know if you set it up right? And if you think you did, and it didn’t work when you needed it…best have a second plan!
July 21st, 2008 at 12:39 am
Horrible advice being given here. If you read the news you would know that the only true way to protect your info from falling into the FBI’s hands would be to use DRIVECRYPT PLUS PACK (or similar whole drive encryption). You encrypt the entire hard drive and it wont boot unless you type in your passphrases. You can have up to 4 passphrases and they are entered before the drive is unencrypted.
Should the FBI knock at your door you simply pull the power cord out of the wall. The drive would be brute force encrypted again. At that point you could have a boot and nuke memory disk to erase the memory.
You must only use a laptop that is NEVER out of your site for this. You also must type in the passphrase with a towel over your keyboad to protect against cameras. It would not hurt to type in your passphrase inside a faraday cage either.
July 21st, 2008 at 4:00 am
Why should I use this to delete my data when I can thoroughly delete it through the Boot screen without having this utility.
What are the advantage of this compared to normal deletion while reinstalling my Os.
July 21st, 2008 at 4:16 am
[...] data on your pc, you can try having a disk of boot and nuke ready. Here’s a description from Hackosis: Darik’s Boot and Nuke is a ’self contained floppy disc’ that securely wipes all hard drives [...]
July 21st, 2008 at 9:29 pm
Thanks for this information so much! It saved me from the feds many a time
July 22nd, 2008 at 4:30 am
OK, this just in. If the feds had time to recover data than they would need at least 5 eons.
DATA recovery is not as simple as put it in a machene and recover.
5 passes is enough 7 if u wana over do it. If you are a illigal trrorist. i am sure a bomb would suffice.
July 22nd, 2008 at 6:36 am
“What are the advantage of this compared to normal deletion while reinstalling my Os.”
There really isn’t one as far as reinstallation goes. That’s why the people saying that they use this to reformat before reinstalling an OS are wasting time.
Secure data deletion is exactly that - secure data deletion. It’s all about covering your tracks and hiding from the spooks. You don’t need to run a secure delete to reinstall an operating system. Just delete your old partitions, repartition the drive, put some file systems on it, and go.
DBAN is a good tool for those who are paranoid or those who are looking to sell an old computer at a garage sale or something. But, like mentioned, it works too slow to be an effective guard against the FBI. I three-pass DoD-spec erased a 320GB drive and it took about 6-8 hours (can’t say for sure - I fell asleep eventually). Not exactly fast enough if the FBI’s knocking on your door with warrant in hand.
July 22nd, 2008 at 7:39 am
Thanks for all the comments peeps. This really is an interesting topic.
Next thing I was thinking:
Pneumatic spikes about one inch in diameter, one below and one above the hard drive. When you hear “FBI! WERE COMIN’ IN” - You hit the secret button that send the spikes through the hard drive while it is still spinning. Surely that will screw it up real good.
July 22nd, 2008 at 8:21 am
Re: the pneumatic spikes, that would probably do it if well designed, but keep in mind that hard drives for desktops typically spin (these days) at 7,200 RPM. Some, like the WD Raptor, spin at 10,000 (some SCSI drives spin at 15,000). Activating the spikes at full angular speed might cause stuff to start shooting around in your case (perhaps pieces of the disk platters), potentially ruining other parts. Maybe that’s an acceptable risk if one is that paranoid.
I heard about somebody once who had a secret electro-magnetic degausser built into the doorway of his computer room. Anybody carrying a hard drive in or out the door while it was activated would find the drive completely nuked (low level format and everything, according to the tale). He had a button on his desk for temporarily disabling it if he needed to carry hardware in and out the door without annihilating the data.
Whether that’s true or not is a different story. I can only imagine how much it would cost in electricity cost to power a degausser of that size almost 24/7, not to mention contracting somebody to build the thing. Even small degaussers for erasing tape media are quite expensive.
July 22nd, 2008 at 8:32 am
(/me makes note to wear helmet if suspecting the FBI to come soon to protect against metal shrapnel)
So a man could put the degausser in his PC case…
Geez, this one is $13,000 dollars:
http://www.fujitsu.com/us/services/computing/storage/degaussers/magerasure-p2v.html
July 22nd, 2008 at 8:31 pm
dd if=/dev/zero of=/dev/hda{hdb,sda) etc plus there are more options to do more too . ugly command line but it just thta wonderfull :)
love DD because 3 drives I’ve had every one I know and with all the smartdrive out it really did look like the drives were toast. But dd to zero it and all those drives I used for a couple more . one I have on the floor is still going 2 yrs latter. I still feel after that that its the corrupt file that fake bad sectors . get rid of them and the there are no bad sectors. anyway dd ddrecue are just as good if not better :)
July 22nd, 2008 at 9:38 pm
Can’t you just send everything you want to be protected to the recycle bin, then run CCleaner on one of the higher security settings? I hear that 3 secure passes is more secure than anything can recover off of on modern HDDs (which are more dense, more dense = less passes needed.) That’s what I use on CCleaner and it just overwrites everything that I have in the Recycle Bin as well as cookies and stuff.
Hell, if you want you could use DBAN on a laptop, then shove the thing under a floorboard or in an attic somewhere.
Or you could just stop downloading DVD rips, screens, and all that CP ;)
July 23rd, 2008 at 8:40 am
“Or you could just stop downloading DVD rips, screens, and all that CP ;)”
Certainly there are other things people might want to hide, like confidential financial information, password files (though I don’t know why you’d store passwords in a plain text file), etc.
Or all that radical literature you’ve been reading. ;)
Pirated content isn’t the only stuff you might want to hide.
July 23rd, 2008 at 8:45 am
Thanks for clearing this up Tom. ;)
July 23rd, 2008 at 8:59 am
Oh, really? Usually I obfuscate things. :)
Great blog, by the way. Subscribed in my reader.
July 26th, 2008 at 5:12 am
Even if this was fast enough to erase the disk before the FBI came in it would only fool them once. Next time they’d just cut the power to an apt before entering.. or would that just be me
July 29th, 2008 at 1:55 am
ArrGee:
Although I’ve never used dBan before, I don’t think a secure wiper would use 0000s to wipe a drive. It should overwrite each byte with AA, then the opposite (FF?). Afterwards, it should wipe the drive with either pseudo-random or pseudo-encrypted data for safemeasures.