Erasing hard drives with BleachBit
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
Erasing hard drives with BleachBit
The official instructions in the Help Center for scrubbing a hard drive of a decommissioned clerk computer are found here: Erasing a Hard Drive. But I found the results to be entirely unsatisfactory.
The instructions say to use BleachBit to first scrub the free space and then shred all folders on the C drive. However, those instructions tell you to do so when Windows is fully running, which of course makes many files inaccessible for erasure. Even allowing for that issue, I found that it left many files intact -- after following those steps, I could still reboot and found that a file containing membership data was on the desktop (yeah, it never should have been there, but the clerk for that ward was not too careful with data security), and LibreOffice could still open that file. So BleachBit completely failed.
I've never used BleachBit before, but I'm completely unimpressed. I've always used DBAN and had great results. Once upon a time, DBAN was recommended by the Church (you can see references in old discussions here, such as this one). But now that DBAN has been acquired by Blancco, when you visit dban.org, it looks like DBAN is now only licensed for personal use. However, that was not always the case; see, for example, this post from Darik Horn (author of DBAN) himself. I'm inclined to use my old version of DBAN, which I got when DBAN was licensed under the GNU Public License. A new owner can't retroactively change the license terms.
Thoughts?
The instructions say to use BleachBit to first scrub the free space and then shred all folders on the C drive. However, those instructions tell you to do so when Windows is fully running, which of course makes many files inaccessible for erasure. Even allowing for that issue, I found that it left many files intact -- after following those steps, I could still reboot and found that a file containing membership data was on the desktop (yeah, it never should have been there, but the clerk for that ward was not too careful with data security), and LibreOffice could still open that file. So BleachBit completely failed.
I've never used BleachBit before, but I'm completely unimpressed. I've always used DBAN and had great results. Once upon a time, DBAN was recommended by the Church (you can see references in old discussions here, such as this one). But now that DBAN has been acquired by Blancco, when you visit dban.org, it looks like DBAN is now only licensed for personal use. However, that was not always the case; see, for example, this post from Darik Horn (author of DBAN) himself. I'm inclined to use my old version of DBAN, which I got when DBAN was licensed under the GNU Public License. A new owner can't retroactively change the license terms.
Thoughts?
- Biggles
- Senior Member
- Posts: 1608
- Joined: Tue May 27, 2008 5:14 am
- Location: Watford, England
Re: Erasing hard drives with BleachBit
The most effective way of destroying data, on a hard drive, I've found is called a hammer.
Doesn't consume a lot of time energy etc., and is 100% effective!
Doesn't consume a lot of time energy etc., and is 100% effective!
- Mikerowaved
- Community Moderators
- Posts: 4734
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Erasing hard drives with BleachBit
The ability to wipe a drive you booted from isn't covered in the BleachBit documentation, so we have to assume it was written by the church. I think their assumption was if all the folders that can be shredded are shredded, the only thing left is the OS, which doesn't have any sensitive data. Obviously, this is flawed. The best way to scrub a drive is to mount it as a data drive on another PC (either internally, or via a USB adapter) and wipe it there. Another option would be to boot from a USB device or CD/DVD drive with an OS that can access the file structure of the former C: drive making it available for wiping. I used DBAN in this way and never had any issues. It appears BleachBit can also be run as a portable app.
When equipment goes to the recycler, the company(s) the church contracts with either disposes of it (in the proper manner) or resells it. For the latter, the church gets some undisclosed percentage of the sales. Physically damaging the hard drive reduces the resale value of the PC.Biggles wrote:The most effective way of destroying data, on a hard drive, I've found is called a hammer.
Doesn't consume a lot of time energy etc., and is 100% effective!
So we can better help you, please edit your Profile to include your general location.
- Biggles
- Senior Member
- Posts: 1608
- Joined: Tue May 27, 2008 5:14 am
- Location: Watford, England
Re: Erasing hard drives with BleachBit
That is the ideal solution, if you can wipe the data effectively. We have found it very difficult to find a company that will dispose of redundant equipment and give some some undisclosed percentage of the sales! Perhaps this thread might bring forth some leads for this to happen in the UK.Mikerowaved wrote:When equipment goes to the recycler, the company(s) the church contracts with either disposes of it (in the proper manner) or resells it. For the latter, the church gets some undisclosed percentage of the sales. Physically damaging the hard drive reduces the resale value of the PC.Biggles wrote:The most effective way of destroying data, on a hard drive, I've found is called a hammer.
Doesn't consume a lot of time energy etc., and is 100% effective!
-
- Senior Member
- Posts: 2637
- Joined: Sun May 09, 2010 9:16 pm
- Location: Washington, USA
Re: Erasing hard drives with BleachBit
In the USA, some tech stores will accept tech for recycling. They don't give you any credit for them, but I assume they dispose of it properly (at least they claim they do). In my experience, they won't accept Hard Disk Drives (I think they don't want any liability for anything that may be on them). I simply remove the drive and take the rest of the components to their drop-off point rather than put them out with the trash. I'm speaking of personal items that I personally own.Biggles wrote:That is the ideal solution, if you can wipe the data effectively. We have found it very difficult to find a company that will dispose of redundant equipment and give some some undisclosed percentage of the sales! Perhaps this thread might bring forth some leads for this to happen in the UK.Mikerowaved wrote:When equipment goes to the recycler, the company(s) the church contracts with either disposes of it (in the proper manner) or resells it. For the latter, the church gets some undisclosed percentage of the sales. Physically damaging the hard drive reduces the resale value of the PC.Biggles wrote:The most effective way of destroying data, on a hard drive, I've found is called a hammer.
Doesn't consume a lot of time energy etc., and is 100% effective!
It is possible that the church has some system set up for recycling old equipment - I would expect the FM group would know if anyone does as they are the ones who change out unit computers.
- Mikerowaved
- Community Moderators
- Posts: 4734
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Erasing hard drives with BleachBit
Yes, I'm referring to the recyclers the FM Groups are contracted with.davesudweeks wrote:It is possible that the church has some system set up for recycling old equipment - I would expect the FM group would know if anyone does as they are the ones who change out unit computers.
The fact is, the hard drive isn't ours to remove or destroy. It belongs to the church and we need to follow their guidelines for scrubbing it, which aebrown pointed out are currently flawed.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 5
- Joined: Wed Jun 08, 2011 11:39 am
Re: Erasing hard drives with BleachBit
I agree with aebrown above. The instructions using Bleachbit on the churches website didn't work for me on 4 computers (I lost hours of my life last night ). I'm thinking that if I had uninstalled Sophos first, maybe it would have worked. At the end (the next morning) I had 4 computers in an inconsistent state where Bleachbit would no longer run, even after reinstalling it and the data files were all still there (Shredding folders had failed... "access denied").
SOLUTION: I used DBAN. I created a bootable media using DBAN and quickly ran the default 3 pass scrub option on each computer. It took about 10-15 min to create a bootable DVD and boot to each computer, but then I walked away and 5hrs later all computers were scrubbed completely. No data files or even any system files to boot to. NICE!
I Vote for DBAN, but I did notice that it might not be FREE for organizations... I wonder if this is why we don't use it anymore.
SOLUTION: I used DBAN. I created a bootable media using DBAN and quickly ran the default 3 pass scrub option on each computer. It took about 10-15 min to create a bootable DVD and boot to each computer, but then I walked away and 5hrs later all computers were scrubbed completely. No data files or even any system files to boot to. NICE!
I Vote for DBAN, but I did notice that it might not be FREE for organizations... I wonder if this is why we don't use it anymore.
-
- Member
- Posts: 213
- Joined: Thu Oct 11, 2007 9:36 am
- Location: Utah
Re: Erasing hard drives with BleachBit
For issues with the process outlined on the webpage, please send detailed feedback via the link at the bottom of the page. That is how those over this process can know about the issues being experienced.
-
- Member
- Posts: 64
- Joined: Sun Jan 09, 2011 8:53 pm
- Location: Utah, USA
Re: Erasing hard drives with BleachBit
Hi! I found that BleachBit was too archaic. I've open sourced my solution. You're more than welcome to use it. You can burn it to CD/DVD or image a USB. I provide instructions. This will shred (random write first pass, second pass zeros) across any disk attached to the computer at boot time. After the wipe, the system powers off, so for the large slow disks, you can just let it go and it will power off when complete.
Enjoy!
https://github.com/bretep/debian-custom ... tag/v0.0.1
Pull requests are welcome. The branch I built this on is called shred-disk. If you have docker installed you can clone that branch and increase the passes shred makes. It takes only a few seconds to make a new custom image.
Enjoy!
https://github.com/bretep/debian-custom ... tag/v0.0.1
Pull requests are welcome. The branch I built this on is called shred-disk. If you have docker installed you can clone that branch and increase the passes shred makes. It takes only a few seconds to make a new custom image.
-
- New Member
- Posts: 2
- Joined: Fri Jan 31, 2020 7:56 am
Re: Erasing hard drives with BleachBit
After running bleachbit for hours, I don't think it deleted anything. Thank you Bretep for this solution. It was super easy. Just plug in the USB, boot, and walk away. The next morning the disk was completely wiped. A huge time-saving solution!bretep wrote:Hi! I found that BleachBit was too archaic. I've open sourced my solution. You're more than welcome to use it. You can burn it to CD/DVD or image a USB. I provide instructions. This will shred (random write first pass, second pass zeros) across any disk attached to the computer at boot time. After the wipe, the system powers off, so for the large slow disks, you can just let it go and it will power off when complete.
Enjoy!
https://github.com/bretep/debian-custom ... tag/v0.0.1
Pull requests are welcome. The branch I built this on is called shred-disk. If you have docker installed you can clone that branch and increase the passes shred makes. It takes only a few seconds to make a new custom image.