free software to write zero to all free space

[cv65user]

i am cloning ext2/3 partition with norton ghost but i ahve to used the clone all raw data mode otherwise norton ghost will only produce a 5mb file wheras in actual fact linux install using 4gb at the moment

how do i write zeros to all parts of the remaining partitions free space - i will need an app for windows also .

 

[DeaconFrost]

You are lucky that this site doesn't charge by the question. At least you are starting to put them in the right subforums though...I'll give you credit for that. Why would you need to zero out a drive that is still in use? Since you mentioned Ghost, you may have a program called gdisk. I run that from a bootable USB flash drive if I need to zero out an entire drive. It should do just partitions, but there'd be no need to do so on a drive that's still in use.

 

[alan2308]

The OP is not asking about zeroing an entire drive/partition, just the unused portions.

For an ext2 partition, take a look at Wipe2fs and for Windows Eraser.

 

[DeaconFrost]

The OP is not asking about zeroing an entire drive/partition, just the unused portions.

Yes, I know. That's why I asked what the point of that would be. The only times I've ever had to zero out a drive is when I was switching from Windows to Linux or vice versa, so I could kill the MBR...and even then, I didn't need to do a zero fill. Gdisk can kill the partitions and the MBR as well, so that's what I asked the question....because there isn't much of a need to do so. My guess is, the OP simply wants to clear a partition, in which case something like GParted or PartedMagic would do it.

 

[alan2308]

The only time I would worry about zeroing a drive or any part of it is in cases where there is some security/privacy issue and I wouldn't want to be cloning that disk anyway. But I've seen this question asked a few times before in a couple other places, so I didn't think the question to be that odd.

 

[DeaconFrost]

And how many times do we see questions asked by an OP who is using the wrong terminology to express what they are actually trying to do? A good help desk support specialist asks questions themselves, instead of just spitting out answers. I asked, because zeroing out the drive is probably not what the OP is trying to achieve, since the disk is still in use.

 

[cv65user]

You are lucky that this site doesn't charge by the question. At least you are starting to put them in the right subforums though...I'll give you credit for that. Why would you need to zero out a drive that is still in use? Since you mentioned Ghost, you may have a program called gdisk. I run that from a bootable USB flash drive if I need to zero out an entire drive. It should do just partitions, but there'd be no need to do so on a drive that's still in use.

erm ok whats with the greif Why would you need to zero out a drive that is still in use? = security purposes

and no i asked to zero out unsed space not whole hdd/partitions

 

[cv65user]

The OP is not asking about zeroing an entire drive/partition, just the unused portions.

For an ext2 partition, take a look at Wipe2fs and for Windows Eraser.

thx for taking time to read my post

 

[cv65user]

The only time I would worry about zeroing a drive or any part of it is in cases where there is some security/privacy issue and I wouldn't want to be cloning that disk anyway. But I've seen this question asked a few times before in a couple other places, so I didn't think the question to be that odd.

cases where there is some security/privacy issue and I wouldn't want to be cloning that disk anyway .

spot on

 

[cv65user]

And how many times do we see questions asked by an OP who is using the wrong terminology to express what they are actually trying to do? A good help desk support specialist asks questions themselves, instead of just spitting out answers. I asked, because zeroing out the drive is probably not what the OP is trying to achieve, since the disk is still in use.

couild you tell me where i lack engilsh please as other people manage to understand what my question was

 

[DeaconFrost]

It isn't me that's not understanding. What's the security purpose in zeroing out a drive that you are going to still keep and use? It doesn't make sense, especially when simply zeroing out a drive isn't doing a whole lot for security. That data can still be recovered with the right software.

You also aren't realizing the point of view others can see. Many people come in here asking a lot of questions, using terms they heard or read in another thread, instead of getting right down to what they need to ask. I'll stand by my comments that I was asking you to clarify what you wanted to do, because there is no purpose to zeroing out a drive (for any reason, especially security), if you are keeping the drive. This goes double for a drive with a valid partition on it that is still in use. You didn't like being askd to clarify, and you didn't like being told that you were wasting your time and efforts....that doesn't make my answers less valid. I completely understood what you were asking. The problem is...I don't think you understood what you were asking. Worry about killing the data on a drive for security purposes when you are going to sell it or pass it on to someone else....not when you are still currently using the drive.

 

[XOR != OR]

Just a quick point that's already been made; zeroing out a drive does nothing for security. I have seen data recovery specialists pull of a recovery after such an operation.

Much better to use a utility like DBAN if you are interested in wiping a drive.

 

[cv65user]

It isn't me that's not understanding. What's the security purpose in zeroing out a drive that you are going to still keep and use? It doesn't make sense, especially when simply zeroing out a drive isn't doing a whole lot for security. That data can still be recovered with the right software.

i wont bother typing another essay , ill just queitly qoute another user and jog on

The only time I would worry about zeroing a drive or any part of it is in cases where there is some security/privacy issue and I wouldn't want to be cloning that disk anyway. But I've seen this question asked a few times before in a couple other places, so I didn't think the question to be that odd.

 

[TechieSooner]

i wont bother typing another essay , ill just queitly qoute another user and jog on

I'll be the third one to tell you this. Maybe you'll listen this time.

Zeroing out a driver does nothing for the security of a drive.

But for informational purposes: Even if you did zero out the drive, if you are still actively putting sensitive data on it, what the heck does it matter? Just a waste of time.

The only time you should nuke the data on a hard drive is really if you are giving it away to someone else. And simply "zeroing" it out isn't enough. You need to write random data all over it: several times. DBAN is great for that, and it can take DAYS to accomplish.
If you want 100% security, physically destroying the drive and burning it in a fire is really the only way to go about it.

 

[cv65user]

look i am the one who asked the fllping question , so if you have ideas . give it . if u dont and want to cause greif do it with your daughter

i asked the question to write zero to free space on existing partition in use . so dont question me why this and that , and then conclude a low level format when thats is not what i was looking to acheive

 

[eeyrjmr]

There is actually an advantage to zero'ing free space and since the OP is mentioning cloning a partition THIS is the case

Depending on how good the cloning software is it either examines the filesystem AND only copies those areas of the disk that have been allocated OR it does a byte-by-byte copy

If it is a byte-by-byte copy and the image is then compressed it can be orders of magnitude greater then if the disk free-space was filled with repetitive data (compression algo like repeated data)

dd if=/dev/urandom of=/dev/sdc1 && dd if=dev/sdc1 | gzip > /mnt/backup/backup.gz
dd if=/dev/zero of=/dev/sdc1 && dd if=dev/sdc1 | gzip > /mnt/backup/backup.gz

the 2nd line WILL produce a small file by orders of magintude


There is an app out there for linux that will zero free space iirc, I just can't remember it atm

 

[Shadow2531]

The OP is not asking about zeroing an entire drive/partition, just the unused portions.

For an ext2 partition, take a look at Wipe2fs and for Windows Eraser.

I've used eraser a few times. After it securely wipes the free space though, things will look scary till you restart. Before you restart, some apps will fail to start, text from dialogs will be missing etc. When you restart though, all will be well.

Using Eraser or a similar program should highly reduce data recovery concerns (assuming you deleted everything that needed to be deleted before-hand).

And, I'm not sure if it's true, but I've heard some say that if you have a perpendicular drive, even recovery labs will have a hell of a time trying to get the wiped data. If so, one is probably safe enough.

However, one should know what to do if they want to eliminate all chances of recovery. The op seems to want something that's just good enough.

 

[MrWizard6600]

Why so cranky?

In comparison to some of the people on these boards, I'm no drive expert...

But how could anyone make the argument that zeroing something serves no security purpose? You create a file, you delete it in the OS, the OS removes its listing in the file system and it takes software less sophisticated than a word processor to pull it back. You create a file, and then you ask some aftermarket program to zero the bits in the sectors containing the data for that file. Yeah, you can pull that data back off because the physical vertical cells on the hard drive will hold a residual charge, by subtracting (on a logarithmic scale) a known instruction (ie you know how many times he'd zero'd it) from a bit you can find its previous charge, theoretically. In actuality the CIA and perhalps some well funded private organizations might* have the hardware to do this. You wouldn't be able to do that from a standard hdd setup. Once a bit has been written to you'd have a helluva time finding out what its state was before you wrote to it.

But anyways, I dont understand exactly what the OP is trying to do so I guess I'll shut up.

 

[Joe Average]

While I've seen this thread roll on over the past few days, I honestly haven't got a clue what the OP really wants done. I think people are making assumptions based on the OPs's lackluster and very vague statement(s) made in that first post, and although I pride myself on being able to weed through such stuff more often than not, I'm at a complete loss.

What I will say is that people are most certainly making assumptions that this "write zeros" crap is for a security reason - the OP has not made any such statements and only alluded to it in that one post above by quoting someone else. That's not helping his case at all... if he wants advice on how to securely wipe his drive or the free space on it, he needs to - or at the bare minimum he should have - come right out and say as much and stop beating around the bush while posters toss out their ideas and opinions as they're being tossed out.

I would argue simply from the standpoint of this:

If it's for a security based reason, use DBAN or Eraser or something that can wipe free unused space on a drive/partition.

If it's not for a security reason, I can't see any logical reason for putting the drive through such a procedure since it's effectively useless and absolutely unnecessary just for installing another OS or application. If he wants to wipe the free space just for shits and giggles, he's got his answer.

"That's how I see it..."

 

[DeaconFrost]

I'm at a complete loss.

Thank you. How many times in the "support" world, do you see someone asking for something other than what they actually need.

 

[TechieSooner]

What I will say is that people are most certainly making assumptions that this "write zeros" crap is for a security reason - the OP has not made any such statements and only alluded to it in that one post above by quoting someone else.

I beg to differ.

Why would you need to zero out a drive that is still in use? = security purposes

The OP was the one who cited security reasons for doing this, and writing zeros across the hard disk is no way of "protecting" your confidential files.



If it's any different than that, the OP seriously needs to take a communications course.

 

[Shadow2531]

This is what I got out of the op:

Op wants to use norton ghost but needs to use the method that clones all raw data (which I assume includes free space then) because the other mode won't work properly.

With that said, it seems desired that if you're going to have to clone the free space too, you might as well have it zeroed out so that the img produced from the clone process doesn't contain deleted files in the raw data.

That way, you get a cleaner img, which doesn't have any old deleted data hiding around in it.

So, zeroing free space on the drive to prep it for a raw data clone process might be desired.

I don't use norton ghost, so I'm not sure of its capabilities and if it provides its own way of dealing with this.

 

[Whatsisname]

we'll question you all we want, this board is not your personal question-answering service.

look i am the one who asked the fllping question , so if you have ideas . give it . if u dont and want to cause greif do it with your daughter

i asked the question to write zero to free space on existing partition in use . so dont question me why this and that , and then conclude a low level format when thats is not what i was looking to acheive

 

[eeyrjmr]

This is what I got out of the op:

Op wants to use norton ghost but needs to use the method that clones all raw data (which I assume includes free space then) because the other mode won't work properly.

With that said, it seems desired that if you're going to have to clone the free space too, you might as well have it zeroed out so that the img produced from the clone process doesn't contain deleted files in the raw data.

That way, you get a cleaner img, which doesn't have any old deleted data hiding around in it.

So, zeroing free space on the drive to prep it for a raw data clone process might be desired.

I don't use norton ghost, so I'm not sure of its capabilities and if it provides its own way of dealing with this.

I see someone else is able to read as well.
Thats what I said. THAT is the only time zero'ing or one'ing free space is viable

jrb@FluidMotion ~ $ dd if=/dev/urandom count=10000 | gzip > /tmp/test.1 && du -h /tmp/test.1 
10000+0 records in
10000+0 records out
5120000 bytes (5.1 MB) copied, 1.31835 s, 3.9 MB/s
5.0M    /tmp/test.1
jrb@FluidMotion ~ $ dd if=/dev/zero count=10000 | gzip > /tmp/test.2 && du -h /tmp/test.2
10000+0 records in
10000+0 records out
5120000 bytes (5.1 MB) copied, 0.0730637 s, 70.1 MB/s
8.0K    /tmp/test.2

just look at the difference


And if ppl want to go along the security lines, zero'ing free space would be good from an IMAGE point of view not just from a compression point of view

 

[cv65user]

This is what I got out of the op:

Op wants to use norton ghost but needs to use the method that clones all raw data (which I assume includes free space then) because the other mode won't work properly.

With that said, it seems desired that if you're going to have to clone the free space too, you might as well have it zeroed out so that the img produced from the clone process doesn't contain deleted files in the raw data.

That way, you get a cleaner img, which doesn't have any old deleted data hiding around in it.

So, zeroing free space on the drive to prep it for a raw data clone process might be desired.

I don't use norton ghost, so I'm not sure of its capabilities and if it provides its own way of dealing with this.

that is exactly my reason . ,

1. cloning zero'd out space allows norton to do its job slightly faster as experienced
2. norton can then compress all that zero'd out space at a much higher compression ratio as there is no random redundant bit to cause a gap

 

[cv65user]

I see someone else is able to read as well.
Thats what I said. THAT is the only time zero'ing or one'ing free space is viable

jrb@FluidMotion ~ $ dd if=/dev/urandom count=10000 | gzip > /tmp/test.1 && du -h /tmp/test.1 
10000+0 records in
10000+0 records out
5120000 bytes (5.1 MB) copied, 1.31835 s, 3.9 MB/s
5.0M    /tmp/test.1
jrb@FluidMotion ~ $ dd if=/dev/zero count=10000 | gzip > /tmp/test.2 && du -h /tmp/test.2
10000+0 records in
10000+0 records out
5120000 bytes (5.1 MB) copied, 0.0730637 s, 70.1 MB/s
8.0K    /tmp/test.2

just look at the difference


And if ppl want to go along the security lines, zero'ing free space would be good from an IMAGE point of view not just from a compression point of view

that is exactly my reason . ,

1. cloning zero'd out space allows norton to do its job slightly faster as experienced
2. norton can then compress all that zero'd out space at a much higher compression ratio as there is no random redundant bit to cause a gap

thanks for the proof , dont know where i would be standing with these amateurs without you

 

[cv65user]

we'll question you all we want, this board is not your personal question-answering service.

ok fine , no where in post did i mention its for secutrity purposes so can everyone stop querying it from a security view . its for a fastest method efficient cloning purposes

 

[Joe Average]

If you'd simply stop using sector-by-sector imaging you wouldn't have to deal with any of this bullshit. There is absolutely no reason to do sector-by-sector imaging, there never has been as the imaging software will look at the directory structure and see every bit of data that actually exists on the drive/partition and then put that in the image - the stuff that doesn't "register" as active data isn't put into the image - hence, the process takes the same amount of time (ok, I'll admit, theoretically the same) if you were to do either of the following:

- image only the actual data on the drive only (free space is marked as such)
- wipe the free space where there is no data and then image (with markers to where that free space is)

This is ridiculous, plain and simple. Why this thread is still going is beyond me (and yes I felt it necessary to make this final post but that's that), and again I go back to my other post in another thread about a communication issue. If you want the fastest imaging method, get Acronis True Image, tell it to image your drive, done - the default settings with TI will leave Ghost in the dust.

"What we have here... is a failure... to communicate..."

 

[TechieSooner]

ok fine , no where in post did i mention its for secutrity purposes

Why would you need to zero out a drive that is still in use? = security purposes

 

[DeaconFrost]

that is exactly my reason . ,

1. cloning zero'd out space allows norton to do its job slightly faster as experienced
2. norton can then compress all that zero'd out space at a much higher compression ratio as there is no random redundant bit to cause a gap

Based on these comments, I have to wonder if you've ever used Ghost before. First off, Ghost's speed doesn't increase when writing to a zero'd out drive. It simply overwrites whatever is there. I've ghosted the same images to hundreds of drives in all states, and the formatting or lack there of, of the destination disk doesn't have any affect on speed. Secondly, when you are creating an image, Ghost only compresses the data that's there....it ignores free space. If you Ghosted an 80 GB drive with 10 GB of data, versus a 250 GB drive with the same 10 GB of data on it, your resulting images would be the same size. Which all goes back to why I asked, in the very first place, why you would even bother zeroing out a drive you were currently using, and would continue using. There's no reason to, but that's been very well established already. My original assumptions were correct about your line of questioning, and it's a damn shame it took this long to get down to it. If you had just properly communicated what you were trying to do in the first place, we could have gotten right down to the answers. Looks like Joe Average was right again. If you are experiencing those issues with Ghost that i quoted, then post that, so we can make sure you are running through the Ghost process properly.

 

[jb_hafo]

bootit next generation, at least, decreases from say 7 CD's to 5 CD's
(not cd's but the image files' sizes), partition.img, partition.001, partition.002 etc
if
a certain BSD partition is "dd- 'd" previously (which I think zeroes it).
........
all approximate.

 

[ZzBloopzZ]

Make sure to use the latest DBAN v2.0 beta. The stable release does not work too well on newer systems with SATA. I personally use this and love it.

 

[nessus]

Uh. A reason to zero out free space in a partition.

Variable size virtual hard disks and VMs. Zero free space before compacting to remove unused space. Some VM hosting software doesn't come with a zero'ing utility (Virtual PC 2003, Virtual Server 2005) to run before using the compacting tool.

On windows 2000 or later (non-home editions, the OS being used has to support EFS), just use "cipher /w". Cancel execution after the first pass or as soon as the progress dots start showing up in a hurry and you are past the end of used space in the VHD file.

If it is for security reasons, let all three passes complete. It writes 0's, F's, then random data to all the free space.