MX Linux Forum

I take in old laptops and replace the operating system with Linux. These are given away to kids who need them. I have a machine which is 32 bit and I’ve put MX Linux on it, replacing Windows. How do I go about wiping the free space to protect the privacy of the donor please?

Thanks for your help…..

Bleachbit.

(Also there's a way (dd) to do that manually, if you like).

Thanks, I’ll take a look at that. Is Bleachbit already in the MX Linux distro?

Not ootb but can be installed either with cli or MXPI.

However the one in the repo may be a bit older. You can (as I always do with new releases) right-click on the downloaded deb file: "Install Deb Files".:

https://www.bleachbit.org/download/file ... bian12.deb


( Assuming it's Bookworm. Otherwise for older Debians: https://www.bleachbit.org/download/linux )

If you fire up gparted, with that remove all the partitions, then format the one thing to ext4, and then start setting up for a new install, I wager that is sufficient.

Yes but (re)formatting doesn't really wipe data (still recoverable).. hence such methods to "overwrite" data: either using zeroes or 1/0 randomly.

Thanks everyone. Lots for me to look at. j

Kermit the Frog wrote: Sat Nov 23, 2024 3:11 pm Yes but (re)formatting doesn't really wipe data (still recoverable).. hence such methods to "overwrite" data: either using zeroes or 1/0 randomly.

Nobody is going to pay money or make the effort to recover the data of a laptop that has MX installed on it. Way too much trouble and no payoff.

There was a live cd I used to use for secure wipes.

I think this is it. https://dban.org/

Kermit the Frog wrote: Sat Nov 23, 2024 3:08 pm Not ootb but can be installed either with cli or MXPI.

However the one in the repo may be a bit older. You can (as I always do with new releases) right-click on the downloaded deb file: "Install Deb Files".:

https://www.bleachbit.org/download/file ... bian12.deb


( Assuming it's Bookworm. Otherwise for older Debians: https://www.bleachbit.org/download/linux )

Got that running now. Thank you!

Jeffrey wrote: Sat Nov 23, 2024 3:56 pmGot that running now. Thank you!

You're welcome :)

Eadwine Rose wrote: Sat Nov 23, 2024 3:34 pmNobody is going to ...

But the question is not "would you / would they ..."

dolphin_oracle wrote: Sat Nov 23, 2024 3:42 pm... cd I used to use for secure wipes...

In fact (as you might already know) even no need to any software. With "any" Linux:
Since there's no limit, it goes on infinitely ... Then stops with a message saying "No Space Left on Disk" (or so) ... ( You've just written zeros to all free space ) ... then just delete the anyname.txt either "Shift+Delete" in file manager or sudo rm anyname.txt in terminal.

(Of course one may use random or urandom (preferred over random: "unlimited" /non-blocking random source) instead of zero if they like, that may take a bit longer time.)

@Jeffrey

Kermit the Frog wrote: Sat Nov 23, 2024 4:16 pm But the question is not "would you / would they ..."

The question is not "would they" but "could they".

This has been a recurring question for several decades. A web search for "DOD 5220.22-M" returns a number of dry U. S. Department of Defense links to documents, and then several proprietary software sales pages promoting how well their software can securely delete traces of old data off of old hard disks.

Way back when all reusable storage was spinning platters, someone declared the magic number was 35 and the ritual was to overwrite all content on the disk with some combination of ones, zeroes, a pseudorandom mix of ones and zeroes, and then finally another pass of zeroes.

This devolved into people arguing over how to generate the best pseudorandom numbers to use.

Eventually this got simplified to 7 passes, then 3. Nowadays, mercifully, the National Security Agency unambiguously says: "Physical destruction is the only secure way to ensure your data is gone."

This will devolve into people arguing over what is the best kind of hammer to use.

I happen to still like Darik's Boot and Nuke and avoid the proprietary tools that swear they're more better-er. Somewhere around here I still have an old dban-2.0-something CD-R I burned many years ago, and I accidentally scrounged up no fewer than two old floppy diskettes still labeled "dban-1.0.7".

So your best bets to wipe a disk are:

• safest: wipe drive with Darik's Boot and Nuke, then install MX
• least amount of erasing: install MX on a tiny partition, create new partition containing all remaining free space, dd if=/dev/zero over that new partition, delete the new partition, expand the MX partition to fill the entire disk
• lazy: install MX, use BleachBit to wipe free space
• lazier: dd if=/dev/zero over the entire drive once, then install MX
• laziest: do nothing because few if any people will take interest in reading latent bytes from a refurbished machine running an ext4 partition

All of these options have a pro and a con to them, so it's up to you to decide what kind of security margin you're willing to accept and how much effort you want to put into it. We can safely say that if an interested nation state can obtain any of these drives, they will be able to extract latent data from it no matter what you do[0]. By repurposing the drives, there is some amount of risk in someone snooping around and looking into what used to be on them, no matter how minor. Hopefully you're not reusing drives from people who have nuclear secrets or military contingency plans for if Switzerland invades Uruguay. For sanitizing people's old tax documents and bikini photos though, dd, BleachBit, and DBAN are all adequate countermeasures.

[0] Shy of demolishing the hardware and/or incinerating the drives. NSA recommends a temperature no less than 670°F or 355°C.

Last time I looked DBAN's freeware version only wipes HDs. If you want to use it for SSDs you need to pay a fee.

I would probably use a file encryption utility such as Veracrypt to format the drive/partition, which would result in random data being written from start to finish.

Kermit the Frog wrote: Sat Nov 23, 2024 3:08 pm Not ootb but can be installed either with cli or MXPI.

However the one in the repo may be a bit older. You can (as I always do with new releases) right-click on the downloaded deb file: "Install Deb Files".:

https://www.bleachbit.org/download/file ... bian12.deb


( Assuming it's Bookworm. Otherwise for older Debians: https://www.bleachbit.org/download/linux )

By the way, the version of Bleachbit in the MX 21 and 23 test repos is the current 4.6.2.