LifeHacker: How Do I Securely Wipe a Computer?
By Alan Henry
www.lifehacker.com (Circulation 814,333)
I have a few old computers I’m planning to donate to charity, but I want to make sure that all of my data is off of them before I give them away. I’d rather not pull out the hard drives since they’re so old. How can I make sure they’re clean before giving them away?
Dear Partially Paranoid,
First of all, good on you for donating those old computers to charity, and good on you again for making sure they’re clean and ready for use when your recipient gets them. Thankfully, getting them ship-shape for donation is quick and easy, and it won’t take much work to ensure all of your data is off of them before you drop them off. Best of all, this advice is applicable regardless of your reasons for disposing of a computer. Here’s what to do:
Step Zero: Back Up Everything
It goes without saying, but before going through with anything else here, make sure all of your personal data is backed up from all of the computers you’re planning to donate. You don’t want to get halfway through the rest of this only to realize that one of those drives may have something important on them. If you haven’t already, back up all of the computers you’re going to donate. If you’re not sure how, check out our guide to backing up your computer.
Step One: Assemble Your Tools
Once you’re sure all of your data is backed up, you’ll need the tools to help you completely and securely wipe the hard drives in the systems you want to donate. Since you didn’t mention whether the systems were Mac, Windows PCs, or a combination of both, we’ll cover all the bases here:
Windows/Linux PCs: If you’re using Windows, you could just boot up to a Windows DVD and format the drive, but while that’ll clear out the drive for a reinstall, it won’t make sure your data is securely wiped.
We recommend downloading a tool like Darik’s Boot and Nuke (DBAN,) a tried-and-tested utility that lets you create a bootable CD or DVD with the specific purpose of securely wiping the hard drives in the PCs you’re going to donate. Simply download DBAN, drop it onto a blank CD or DVD, and use it to boot your PC.
Mac OS: If any of the systems you want to give away are Macs, you’ll need a boot disk other than the drive you want to wipe, whether it’s an OS X DVD or another Mac you can boot normally with the Mac you want to donate connected to it.
If you’re using a Mac OS DVD, just insert the DVD and hold down the C key on startup to boot to the DVD instead of the hard drive. If you’re connecting your Mac to another computer over Firewire, connect the two Macs, boot the one you’re keeping normally, and then boot the other while holding down the T key to start it in Target Disk mode. It’ll appear as an external drive on your other Mac’s desktop.
If you’re donating a more recent Mac or a Mac running Lion or a Macbook Air without an optical drive or Firewire ports, you can download the newly released Lion Recovery Assistant to create a bootable USB drive or thumb drive.
Step Two: Wipe The Drive
Once you the right tools in place, it’s time to wipe the drives in the systems you want to donate. You’ll want to pay attention to the way you do this and the number of writes or passes you perform, to minimize the potential your data may be restored. Here’s how:
Windows/Linux PCs: You may need to go into the BIOS to enable booting to a CD or DVD on your PC. Most BIOSes will either allow you to press a key to boot to the CD or DVD drive when it’s starting up, or you’ll have to specifically enter the BIOS (usually by pressing F2, F12, or Delete while the system is booting) and select the CD/DVD drive as a boot device.
As long as your newly created DBAN CD or DVD is in the drive, the system will boot and in a few minutes DBAN will load. If you just press enter at the startup screen, it’ll allow you to select the drive you want to wipe and go right to work. By default, DBAN does a three-way pass writing zeroes to the hard drive, but you can press M on the drive select screen to choose the number of passes DBAN performs. If you prefer the 7-way pass that Mac users perform, select thre DOD5520-22 M method, which does the same thing. The Gutmann Method performs a similar 35-way wipe. As on the Mac, the more wipes you do, the longer the process will take. We recommend sticking to the 3 or 7-way wipe-it offers a good balance between security and speed, and will help you get those systems out of your house and to your local charity sooner.
Mac OS: If you’ve connected the Mac you want to wipe to a Mac you want to keep via Firewire, open Disk Utility on the Mac you want to keep. If you’ve booted the Mac you’d like to donate to a DVD or a Lion Recovery USB drive, you should still have access to Disk Utility, usually under the Applications menu at the top of the screen.
Once open, select the drive you want to wipe and click the “Erase” tab on the right to set your wipe options. Click “Security Options” to select between “Zero Out Data,” “7-Pass Erase” and “35-Pass Erase.” The default is “Don’t Erase Data,” which essentially makes the space writeable without explicitly erasing any of the information on it.
Zero Out Data is one secure method, and will write over all of the data on your drive with zeroes on a single pass. It’s the least secure of the three options, but it’s also the fastest. The 7-way pass does the same thing, but repeats the process seven times. This is probably the best balance between speed and security, as it makes it fairly difficult to retrieve any of the information you previously had on the drive. We recommend going this route, especially if you have the time to let each system do the 7-way pass. The 35-pass erase takes a very long time to complete, but it’s definitely the most secure method. If you’re donating the systems to charity, you probably don’t need to go to this extent.
Step Three: Donate!
If you’re confident you have backups of all of your data, and you’ve performed three or seven-way writes on all of the drives in all of the computers you want to donate, you should be all set now to load up the car and carry them all to their future home.
By doing a multi-pass wipe on the drives in the PCs you’re donating and then donating them intact to your local charity, you’re giving them computers they won’t have to sink any money into in order to re-use for a good cause. They can install their own operating system on them and put them to good use, or use them for their own operations, and you can rest knowing that the computers are in good hands, but your data is with you.
A Word About Security
It’s important to note that none of these methods, even the 35-way write, will likely be enough to keep your data out of the hands of someone with the right equipment, time, and training (a company like DriveSavers, for example) or someone with the budget to hire them. Since you said you don’t want to remove the drives first and you expect to donate these systems in usable condition, we’re assuming that you don’t have any enemies who desperately want your data, or that the FBI or NSA aren’t waiting for you to dispose of those computers so they can try to figure out what you had on them. In either case, nothing we can suggest here will help you.
Large companies often use commercial degaussers to render their old hard drives data-free, and will then drop them into metal shredders to make sure they’re chopped up into fine enough pieces that the drives could never be reassembled. Most consumers don’t have those kinds of resources at hand.
If you’re that worried about the data on your drives getting into someone else’s hands, you may be better off just keeping the drives, donating the chassis, and destroying the drives yourself, either by taking them apart and shattering the platters, putting a drill through them, or hammering them until the platters break. If you do decide to remove the drives and destroy them yourself, make sure to put safety first, wear eye protection, and dispose of the remains properly, preferably at your local e-cycling center or drop-off.
Hope that helps!
PS – We know that DBAN and Disk Utility aren’t the only ways to securely wipe a drive. What utilities would you use in this case, and how would you go about it? Share your thoughts in the comments below.