How to securely delete (UN)USED drive space & other system areas

With modern filesystems securely deleting files isn’t always easy, but one approach which stands a good chance of working is to write random patterns over all unused areas of a disk – thus erasing the contents of files you’ve previously deleted.

We all know that when you simply delete a file, it’s possible to recover it later. Sometimes this is useful, if you accidentally delete something important, but usually this is a problem, and you really want that file gone forever. I will explain here how to delete a file in linux securely and permanently, so it can never be recovered. In addition, I will show how to completely wipe previously-used (available) space which will often have complete files or file-remnants which can otherwise be recovered. This applies to hard drives, external USB drives, thumb drives, etc.

To wipe your available (free) disk space, you’ll want to install the secure-delete application. Not only will this application suite offer applications that will wipe files and free space, but it will also wipe your SWAP partition and your system memory (RAM). Wiping RAM is important for privacy as well, since many files are stored in RAM and can be retrieved even after the computer is shut down, right off the chip!

First, install the secure-delete suite of applications:

sudo apt-get install secure-delete

Then, to wipe your /home partition’s free space, for example:

sudo sfill /home

The sfill the program will fill up all free space on the designated mount point by creating a huge single file. The the contents of this file are written in a number of special steps – ensuring that all areas of the disk which were previously free have had their contents erased. Once completed, the large file is removed, restoring your free space. You can sfill any mount point. Type man sfill for more info and options.

The command to erase existing files is “srm”, short for “secure rm”. Simply type

srm filename

Where filename is the name of the file you want to securely wipe/delete. You can also use wildcards (e.g. srm filenam*)

To wipe your system’s memory (RAM) use this command:

sdmem

SDmem is short for secure delete memory. You can run the command by itself, or with options. Type man sdmem for more info.

Similarly, sswap will securely wipe your swap partition. You must unmount your swap partition before using this command otherwise your system will likely crash. Once the wipe is completed, you can remount your swap partition. Type man sswap for more info. To wipe your swap space simply type:

sswap /dev/sda8

/dev/sda8 is an example. To find your specific swap device, simply type sudo fdisk -l, or cat /proc/swaps which will list your partitions and their device labels. Also to unmount your swap space, simply type sudo swapoff /dev/sda8 and to remount it type, sudo swapon /dev/sda8.