this post was submitted on 09 Jun 2024
19 points (91.3% liked)

Linux

8119 readers
24 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 1 year ago
MODERATORS
 

hi,

My company gave me a laptop for work and after some time they will give it to another person when I quit the company so I want to make sure I don't leave any of my data behind so which command should I run to delete my home directory to delete all the data?

is it just rm -rf /home/myname

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 16 points 5 months ago (2 children)

Deleting a file does not overwrite the data. It just marks that area of the drive as "free". Using forensic tools (or simply dd) you can read data from "empty" parts of the drive. To be save you have to overwrite each file. You can try tools like shred to scramble the data of a file before deleting it, but as they say themselfes, unfortunately your filesystem might not actually let you do that (scroll to the CAUTION section).

You can use dd to write bytes to arbitrary places of the drive, but again, the filesystem might lie to you where a file is actually located. The ONLY way to be entirely sure is to wipe the whole drive. And if your IT does not do that before handing a system to a new employee, then they are not doing their job correctly.

Not legal advice: just tell them you installed a few viruses (while the system was not connected to the company network of course) and they should nuke the system before handing it to anybody else.

(You can also wipe the drive yourself by booting from a stick and overwriting the entire drive)

[–] [email protected] 3 points 5 months ago (1 children)

On a semi-related note, I've had a few external hdds die with data I'd have liked to recover. In my previous research I have found mostly "use this expensive proprietary software" as a suggestion for data recovery, but seeing you list dd here: is it possible to learn your powers? I'm better about backups now but you never know!

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago)

If the drive is dead, as in, it has a hardware defect that keeps the computer from reading the data, you're out of luck. For a lot of money, someone can take out the disk platter in a clean room, and read it with another read head.
If only the partitions, partition table or file system are corrupt, you can dd it to a different drive and either re-write the metadata if you know what it was or use software to recognize the start- and endpoints of the file types that are stored on it and recreate them with free tools. But you'll lose all file names and the folder structure.

[–] [email protected] 4 points 5 months ago (1 children)

you can fill up the disk a few times after deleting files, so the system has to use up all free space and no matter where your data was it gets overwritten.

[–] [email protected] 2 points 5 months ago (1 children)

Not necessarily true. SSDs can mark sectors that have been written too much as bad, so the data still there to be read forensically, but you can't write to it anymore.

[–] [email protected] 6 points 5 months ago (1 children)

If you're that worried about privacy, then your only option is hammer+fire+spread the remains in multiple places. For the average paranoid I think it's enough to make generic file recovery tools ineffective.

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago)

It's much easier to use full disc encryption, and just change the keys

But every company I've ever worked for, when they retire machines they keep the drives no exceptions.

If it's good enough for corporate security, we know works at least.

For context, a cheap internal SSD is about $20. Not some crazy impossible expense. When we talk about taking the storage device out of the computer, we're talking about investing $20 to not have to worry about data leaking into the future. And at that cost it's basically a no-brainer. It would be crazy not to do it