wipe
Securely erase files from storage devices
SYNOPSIS
wipe [options] file...
PARAMETERS
-r, --recursive
Recursively wipe directories and their contents. Required for directory wiping.
-f, --force
Force wiping without confirmation prompts. Use with caution.
-q, --quiet
Suppress most output, only showing errors.
-i, --info
Show progress of wiping during operation.
-k, --keep-going
Continue wiping other files even if an error occurs on one file.
-s
Specify the number of wiping passes. Default is 4.
-S
Use a specific standard wiping pattern. Patterns include 'dod' (DoD 5220.22-M), 'gutmann', 'random', 'zero', etc.
-p, --paranoid
Use the Gutmann method (35 passes) for maximum security. Implies `-s 35`.
-x, --exit-on-error
Exit immediately if any error occurs during wiping.
-v, --verbose
Increase verbosity, showing more detailed output.
-Z, --zero
Wipe with a single pass of zeros. Faster but less secure.
-c, --clean-names
Also attempts to clear the file name from the directory entries (inode zeroing for ext2/3/4). Not always effective on all filesystems.
-o, --only-name
Only attempt to clear the file name, without wiping the file content.
-D, --delete-dir
Also destroy the directory entries of wiped files after they are gone. Use with `-r`.
-h, --help
Display help message and exit.
-V, --version
Display version information and exit.
DESCRIPTION
The wipe command is a utility designed for securely erasing data from files, directories, or entire storage devices. Unlike standard deletion methods (like `rm`), which only remove the pointer to the data, leaving the actual data on the disk, `wipe` overwrites the data multiple times with various patterns (e.g., random data, zeros, or specific algorithms like DoD 5220.22-M or Gutmann). This process makes the original data virtually impossible to recover, even with advanced data recovery techniques. It's crucial for protecting sensitive information before disposing of storage media or sharing computers. `wipe` supports recursive deletion for directories, can force operations without confirmation, and offers various levels of wiping intensity.
CAVEATS
Using wipe on Solid State Drives (SSDs) can be problematic. SSDs use wear-leveling and block remapping, meaning data might be moved to different physical locations, and overwriting a 'logical' block might not overwrite the 'physical' block. Repeated wiping can also reduce the lifespan of an SSD.
Be extremely careful when wiping entire partitions or disks (e.g., `/dev/sda`). Ensure you have selected the correct device, as data loss is irreversible. It is recommended to use `wipe` as a non-root user when possible, and only as root when absolutely necessary for devices or system files.
The effectiveness of secure deletion methods depends on the underlying filesystem and hardware. Some sophisticated recovery methods might still retrieve fragments of data under specific circumstances.
WIPING METHODS
wipe implements several data sanitization methods. The default method involves multiple passes of different data patterns (e.g., pseudo-random data, specific bit patterns) followed by a final pass of zeros. More secure methods like the Gutmann method (35 passes) or the DoD 5220.22-M standard (7 passes) are available via options, each providing increasing levels of data unrecoverability at the cost of longer execution times.
DEVICE WIPING
Beyond individual files, wipe can be used to securely erase entire disk partitions or physical drives. When wiping a device (e.g., `/dev/sdX`), wipe writes directly to the raw device, ensuring all accessible sectors are overwritten. This is particularly useful for decommissioning old hard drives or USB sticks. Always ensure the device is unmounted before attempting to wipe it to prevent data corruption or errors.
HISTORY
The `wipe` command has been around for many years, offering a robust solution for secure data deletion. Its development aimed to provide a more thorough alternative to the simple `rm` command, adhering to various government and industry standards for secure data sanitization (like DoD 5220.22-M). While other tools like `shred` exist, `wipe` often provides a broader range of options for secure wiping methods and handling different types of storage devices and filesystems, making it a valuable utility in data security contexts.