What Is Data Wiping
Data wiping is the process of overwriting data on the magnetic hard disk, SSD or USB flash by using zeros and ones on the whole disk or a specific zone. As a result, no one can’t recover sensitive data and disk is still usable.
Varieties
- Software-based wiping
this type of wiping can be carried out by software installed on. - Hardware-based wiping
this type of wiping needs some external device that responsible for.
Data wiping is not files deletion, which only removes direct pointers to the data and makes the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data wiping removes all information while leaving the disk operable. Data erasure may not work completely on flash-based media, such as Solid State Drives and USB Flash Drives, as these devices can store remnant data which is inaccessible to the wiping technique, and data can be retrieved from the individual flash memory chips inside the device.
Wiping software uses many techniques to ensure data is not recoverable like: - German BCI/VSITR 7-pass wiping
- U.S. DoD 5220.22M 7-pass extended character rotation wiping with last pass verification
- U.S. DoE 3-pass wiping
- 35-pass Peter Gutmann’s wiping
- 7-pass Bruce Schneier’s wiping
- 1-pass wiping by zeroes
What Is BCWipe
BCWipe securely erases data from magnetic and solid-state memory. BCWipe repeatedly overwrites special patterns to the files or free space to be destroyed. In normal mode, 35 passes are used (of which 8 are random). Patterns used were recommended in an article by Peter Gutmann entitled “Secure Deletion of Data from Magnetic and Solid-State Memory”. In quick mode, U.S. DoD(Department of Defence) 5220.22-M standard is used with 7 pass wiping. In custom mode, U.S. DoD 5220.22-M standard is used with user-defined number of passes.
How To Install BCWipe
BCWipe is available on the FreeBSD ports tree and you can install it easily.
# make -C /usr/ports/security/bcwipe install clean
Or you can install BCWipe with PKG mechanism:
# pkg install bcwipe
How To Install BCWipe With Multithreaded Mode Enabled
BCWipe has no compile option through FreeBSD port mechanism but in instead you can rebuild BCWipe with multithreading mode option:
# cd /usr/ports/security/bcwipe/
# make fetch extract
# cd work/bcwipe-1.9-9/
# ./configure –enable-pthreads
# make install clean
BCWipe Advanced Features
Bcwipe has very useful features that make the wiping process more suitable.
-n
Wait delay seconds between wiping passes. Modern enterprise-level storage systems (NAS, disk arrays etc.) employ powerful caches. To avoid undesirable caching effects BCWipe allows the user to insert an adjustable delay between wiping passes. Please note that when wiping with a delay between passes disk space is freed after the last pass.
-B Disable direct IO mode when wiping block devices
-t
Wipe and verify block devices in multi-thread mode. BCWipe runs threads worker threads. Useful for wiping multiple disk volumes.
-S (wipe file slack)
Wipe files slack. File slack is the disk space from the end of a file till the end of the last cluster used by that file. A cluster is a minimal portion of the disk space used by the file system.
-s Use ISAAC random number generator by Bob Jenkins
The default is SHA-1 (Secure Hash Algorithm). ISAAC is random faster than SHA-1.
-F (wipe free space) Wipe free space on the specified filesystem.
-b (block device) Wipe contents of block devices
BCWipe In Action
In this section, we describe a real scenario with BCWipe.
Issue this command to get more information about BCWipe:
# bcwipe
Tip: in a real-world scenario, people want to wipe out free space on whole mounted disks ( / ) but this command must be issued with caution.
Wipe free space:
# bcwipe -F /mnt/
This command will wipe out free space on /mnt/ path or whole mounted disks on this path.
# bcwipe -Fv -mt /mnt/
wipe out free space on /mnt/ directory with 1-pass in verbose mode.
-mt refer to 1-pass.
Wipe specific file:
# bcwipe -v -mz wipe.me
This command wipe “wipe.me” file with 1-pass wiping by zeroes in verbose mode.
# bcwipe -Fv -mg -t 5 /mnt/
This command wipes free space on /mnt/ directory with 35-pass Peter Gutmann’s scheme by 5 threads in verbose mode.
Wipe specific folder:
# bcwipe -rv /tmp/
This command wipes/tmp/ directory recursively with Peter Gutmann’s scheme in verbose mode.
Wipe block device:
# bcwipe -v -mz -t2 -b /dev/da0
This command wipe /dev/da0 (USB flash) with 2 threads by 1-pass zeroes in verbose mode.
The point is, USB flash is not mounted and all of the data will be destroyed.
You can get full edition at:
https://bsdmag.org/download/military-grade-data-wiping-freebsd-bcwipe/
Or:
https://contents.meetbsd.ir/ebook/wiping_bsdmag.pdf