
How to Wipe an HDD : antiforensics

To properly wipe a hard drive you should boot into a live Linux USB or live CD. Once you have booted into a Linux distribution, you can use the fdisk command to find your hard drive name and dd to wipe your drive with random data and zeros. In addition to this we will also cover how to use ATA Secure Erase, which is an extra way to wipe your drive that you should use in addition to manually overwriting data.

When you boot into your Linux OS you should open up a command line interface such as the terminal application. You will type the following command.

sudo fdisk -l


This command will list your hard drives and external media. You will locate your drive by the size of the volume. The average hard drive will likely be named /dev/sda. In this case the commands to wipe would be

sudo dd if=/dev/urandom of=/dev/sda status=progress

sudo dd if=/dev/zero of=/dev/sda status=progress

I would do two passes even though technically it has not been proven that you can recover reliably even after 1 pass. I would not take a gamble and use two passes in addition to Secure Erase tbh just in case. I feel the same way about things like Qubes combined with Whonix.

If you are going to use Tor Browser, you might as well combine it with Qubes and a Whonix virtual machine because that little bit of extra effort will help you out a lot by not allowing you to make as many mistakes. Everyone makes mistakes but one thing Qubes will do is help you compartmentalize things automatically so that you do not have as much of a chance of human error. :)

I have secure erased and manually wiped my hard drive dozens and dozens of times over 10 years. It is still functioning to this day. This is just my anecdotal experience though and you should just be aware this will wear out your drive faster and possibly cause heat build-up. If you are wiping your drive just make sure it has proper cooling because you will be continuously writing to it for a long time. To use the secure erase command you can read the documentation below.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Edit: Please avoid the use of SSDs or solid state drives. There is no reliable way to wipe them as far as I am aware; they must be destroyed, and in some cases the ATA Secure Erase command has failed on solid state drives as well. I would wipe these drives from an airgapped system with dd and secure erase and destroy them after.
/u/MrBlogical
3 points
6 years ago
This is solid advice. Good post mate
/u/ILoveBigDongs3000
3 points
6 years ago
Protip: Use full disk encryption by default and after you are done destroy the keys instead, a.k.a. crypto-shredding. With this method you can also use SSDs which are generally problematic like OP said.
Yeah that way you can overwrite the LUKS header for example. If you guys use Qubes OS it will have full disk encryption enabled by default. :)
/u/AZERTY
1 points
6 years ago
Does this apply to proprietary stuff (e.g. FileVault)?
/u/ILoveBigDongs3000
1 points
6 years ago
I wouldn't bet my life on it. You never know how proprietary software handles stuff in the background. They might be suitable for an enterprise environment, but I wouldn't trust them in a threat scenario that involves DNMs. Consider VeraCrypt instead.
/u/AZERTY
1 points
6 years ago
Uh... but if the VC volume is bigger than your RAM doesn't it write to the HD? (swap)

So same issue crops up? :/
/u/ILoveBigDongs3000
1 points
6 years ago
This is not an issue specific to VeraCrypt. This is about operating system design. If you are concerned about the swap area, then make sure the swap is encrypted as well. In Windows you can change the location of the page files. I am not sure about OS X but I am sure similar options should exist there as well.
/u/dpen
1 points
5 years ago
What do you mean destroy the keys? What's crypto-shredding?
/u/0b1sh1n0b1
2 points
6 years ago
You can even use the provided GNU shred utility. scrub also works for this purpose, although you'd have to install it.

I would note how easy it is to recover conventionally deleted files. I practice forensics all the time with drives bought off online marketplaces and other used boutiques where people sell cheap drives that look like they were used in desktops. With an external USB drive reader, it's trivial to pop your drive in and scrape it with a forensic utility like Autopsy, and then recover your shit.

As far as wiping in layers, most of that was voodoo that was based on a theoretical, never-done attack described by Peter Gutmann on a hard disk manufacturing technique that hasn't been in use since the late 1990s.

As far as solid state drives? There is also no reliable way to recover data off them. ATA Secure Erase over an encrypted drive should be fine.
I would still wipe with urandom and a secure erase at the same time just in case, especially because not every firmware is trustworthy. :)
/u/0b1sh1n0b1
1 points
5 years ago
So here is the skinny on random overwrites. If you are deleting individual files, overwrite with random, or better yet, garbage data like lorem ipsum, so you don't have a "hole" in the disk.

If you are wiping an entire drive? No matter what voodoo snake oil you do beforehand, leave the last pass all zeros, so it looks empty. Then re-format with whatever blank disk format would be appropriate for the size.

That said, from a forensic standpoint, a FAT volume formatted with Windows looks a lot different than Windows if viewed with cat
I have seen cases where data can still be carved out using Scalpel or Autopsy. I have also seen cases where the secure erase feature fails to work and you end up being able to carve out data after as well. It is dependent on the solid state drive itself.

There is such a wide variation in solid state drives and their firmware that I would just not take the risk. See below :)

https://www.forensicmag.com/article/2014/10/recovering-evidence-ssd-drives-understanding-trim-garbage-collection-and-exclusions
/u/0b1sh1n0b1
1 points
5 years ago
You can always verify with cat /dev/sdX.

Edit: It doesn't hurt to do a double pass with SSDs.
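The read-back check suggested above (`cat /dev/sdX`), written as an added shell example that is not part of the original thread: it compares a zero-filled target against /dev/zero with cmp and reports the first non-zero offset, treating a read error as "unverified" rather than "clean". The function names and the constructed 64 KiB test image are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check that a zero-filled target really reads back as zeros.
# TARGET is a block device (read permission needed) or a disk image file.

# Print the size of TARGET in bytes.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Print the 0-based offset of the first non-zero byte; print nothing if the
# whole target is zero. Returns 2 if the target cannot be read.
first_nonzero() {
    [ -r "$1" ] || return 2
    size=$(target_size "$1") || return 2
    # cmp stops at the first difference; a clean target is read once in full.
    out=$(LC_ALL=C cmp -n "$size" "$1" /dev/zero) && rc=0 || rc=$?
    if [ "$rc" -eq 0 ]; then return 0; fi
    if [ "$rc" -ne 1 ]; then return 2; fi   # read error: never report "clean"
    byte=$(printf '%s\n' "$out" | sed -n 's/.*differ: [a-z]* \([0-9][0-9]*\),.*/\1/p')
    echo $((byte - 1))
}

# Exit status: 0 = all zero, 1 = data found, 2 = could not verify.
verify_zeroed() {
    off=$(first_nonzero "$1") || { echo "$1: could not read target" >&2; return 2; }
    if [ -z "$off" ]; then
        echo "$1: all bytes read back as zero"
        return 0
    fi
    echo "$1: non-zero data at byte offset $off"
    return 1
}

# Demo on a constructed 64 KiB image with one stray byte planted at offset 5000.
demo() {
    img=$(mktemp) || return 2
    dd if=/dev/zero of="$img" bs=4096 count=16 2>/dev/null
    printf 'X' | dd of="$img" bs=1 seek=5000 conv=notrunc 2>/dev/null
    verify_zeroed "$img" && rc=0 || rc=$?
    rm -f "$img"
    return "$rc"
}

if [ "$#" -gt 0 ]; then verify_zeroed "$1"; else demo || true; fi
```

A pass only shows what the drive returns through its normal read interface; it says nothing about remapped sectors or flash cells the firmware no longer exposes.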
/u/0b1sh1n0b1
1 points
4 years ago
Forgot to add:

Look up blkdiscard, it's part of GNU core-utils. It uses the SATA TRIM command, so it actually clears the data at the cell level on SSDs. There is the -s switch, which is for secure, which ensures the data is wiped from a security standpoint.
/u/Happy2B
2 points
6 years ago
Darik's boot and nuke lol
/u/Global_Originalist
1 points
6 years ago*
Best way to wipe a hard drive is to smash it with a hammer till the pieces are starting to look like sand.
/u/RoofShip
1 points
6 years ago
Regarding the SSD point:
In my limited understanding, functions like garbage collection and TRIM are making securely deleting stuff even more simple.
The OS can trigger the garbage collection (final deletion of deleted files) by a TRIM command, whenever it suits. There are programs which can trigger TRIM right away.
I know there are certain difficulties and bugs in garbage collection but afaik even smartphones use this.

Sure, we can't target the files directly we want to delete securely but not all hope is lost.

Or am I missing something?
I have seen cases where data can still be carved out using Scalpel or Autopsy. I have also seen cases where the secure erase feature fails to work and you end up being able to carve out data after as well. It is dependent on the solid state drive itself.

There is such a wide variation in solid state drives and their firmware that I would just not take the risk. See below :)

https://www.forensicmag.com/article/2014/10/recovering-evidence-ssd-drives-understanding-trim-garbage-collection-and-exclusions
/u/lordredvampire
1 points
5 years ago
Or just encrypt your HDD with VeraCrypt using a long password if you can remember it. "I don't remember my password..." :purposefully types random wrong password: - you're good to go.
/u/assortmentking
1 points
5 years ago
Dariks boot N nuke is the way to go.