Well, what do you know, since 2001, nearly every HDD under the sun comes with a Secure Erase feature, as it is part of the ATA standard.
The even better news is that
hdparmfully supports it (is there anything hdparm can't do?), thus, if you're on Linux and you need to securely erase all the data from a drive, all you need to do, say, if your disk is /dev/sdb, is:
# hdparm --user-master u --security-set-pass p /dev/sdb security_password="p" /dev/sdb: Issuing SECURITY_SET_PASS command, password="p", user=user, mode=high # hdparm --user-master u --security-erase p /dev/sdb security_password="p" /dev/sdb: Issuing SECURITY_ERASE command, password="p", user=userAfter a while, you should find that your drive has been securely erased. Neat!
VERY IMPORTANT NOTE: If you want to reuse the drive after the secure erase is complete, you MUST issue the following command to remove the lock.
# hdparm --security-disable p /dev/sdb security_password="p" /dev/sdb: Issuing SECURITY_DISABLE command, password="p", user=userThis is because, if you don't disable security, the drive will be kept locked, which will produce ATA/SATA interface errors and prevent any write access!
Note that if you want to find out whether the security erase/enhanced erase feature is supported at all, as well as how long that erasing is going to take, you probably want to issue the following beforehand:
~# hdparm -I /dev/sdb /dev/sdb: ATA device, with non-removable media Model Number: SAMSUNG HD322GJ Serial Number: XXXXXXXXXXXXXX Firmware Revision: XXXXXXXX Transport: Serial, ATA8-AST, SATA 1.0a, SATA II Extensions, SATA Rev 2.5, SATA Rev 2.6 (...) Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase 48min for SECURITY ERASE UNIT. 48min for ENHANCED SECURITY ERASE UNIT.