I used dd if=/dev/zero of=/dev/sda bs=4096 to wipe a disk.
Can the block size be a security risk, or does it just speed things up?
Sorry for my bad English.
1 Answer
Assuming you're just using a regular hard drive, the block size doesn't have any impact beyond performance.
If it's an SSD, it might have some security impact, but you can't really securely wipe an SSD using dd anyway, so it doesn't matter much (and if you just want to nuke everything to reuse an SSD, just use blkdiscard on it instead).
However, dd isn't secure, and it's not really high performance either, regardless of the block size. I would suggest looking into DBAN for wiping disks. In addition to having options for securely wiping traditional hard drives, it also includes a quick zero-fill mode that does the same thing you are doing with dd, but much faster in most cases.
Edit in response to questions about the security of dd for wiping disks
Using dd to wipe a hard drive isn't a secure method of wiping a disk for a couple of reasons:
- It doesn't wipe reallocated sectors. Almost any hard drive will eventually reallocate bad sectors. Once this happens, you can't touch those sectors at all unless you use some special firmware or completely bypass the disk controller (which requires soldering and a lot of somewhat arcane knowledge about the particular disk drive). This means that even if you fill every accessible byte of information with null bytes, any sectors that were bad will still contain what data they did when they got re-allocated (and in most cases, most of that data is recoverable). This actually applies to wiping via other non-physical methods as well, and as such if your disk has reallocated sectors and you need to make sure it's wiped, you need to use non-electronic means to do so.
- Overwriting a sector on magnetic media doesn't completely eliminate all traces of the previous data. These traces can't be accessed via the regular disk interface, but a well-funded attacker can use an atomic-force microscope to observe these traces.
To make an analogy, imagine using a pencil to write on a thick pad of paper. Once you tear off the top sheet, the impressions from writing on that sheet will still be faintly present on the next few sheets, and can be recovered using any of a number of reasonably simple means.
This is why all major commercial disk wiping products make multiple passes using different patterns. Each subsequent pass weakens the traces of the original data, making it harder and harder to recover.
It's even worse for an SSD, even though they don't have the second issue listed above, because there are all kinds of other things that can get in your way:
- Most modern SSDs use a copy-on-write block mapping. This means that when you write to a given location as seen by the OS, you're not actually overwriting the data already at that location, you're writing to a new physical location in the device's media, and possibly copying some existing data from the old location.
- All modern SSDs, whether they use a copy-on-write block mapping or not, are over-provisioned and do some form of wear-leveling. This means that at any given point in time, you can't actually access every single byte of flash memory on the device, and essentially causes the same issues that reallocated bad sectors do with wiping hard drives.
- Some SSDs use in-line compression to improve storage efficiency. This means that the exact data written in each block of flash memory may be different from what you are trying to write.
- Some SSDs use in-line deduplication to improve storage efficiency. This means that any given block of data you write may not actually translate to writing anything at all to flash memory on the device.
Given all of this, if you actually care about security, don't try to wipe SSDs electronically (if it's a TCG Opal compliant SED, however, and you trust the manufacturer, take that route), and don't try to wipe hard drives electronically if they show any evidence of past bad sectors.
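The check the answer implies before relying on an overwrite, as an added example that is not part of the original answer: it takes the kernel's rotational flag and SMART attribute 5 from smartctl -A output and reports whether an overwrite can reach the whole device. The function names and the sample SMART lines are constructed for illustration; nothing here writes to a disk.

```shell
#!/bin/sh
# Added example: pre-wipe check. Read-only; it never writes to a device.

# Print the raw Reallocated_Sector_Ct (SMART attribute 5) from
# `smartctl -A` output on stdin. Prints nothing if the attribute is absent.
realloc_count() {
    awk '$1 == 5 && $2 == "Reallocated_Sector_Ct" { print $10 }'
}

# wipe_advice ROTATIONAL REALLOC
#   ROTATIONAL: contents of /sys/block/<dev>/queue/rotational (1 = HDD, 0 = SSD)
#   REALLOC:    output of realloc_count (may be empty)
wipe_advice() {
    rotational=$1
    realloc=$2
    if [ "$rotational" = "0" ]; then
        # Remapping and over-provisioning hide flash from the OS.
        echo "ssd: overwrite cannot reach all flash; blkdiscard is for reuse only"
    elif [ -z "$realloc" ]; then
        echo "hdd: reallocation count unknown; overwrite coverage unverified"
    elif [ "$realloc" -gt 0 ]; then
        # Reallocated sectors keep their old contents and are not addressable.
        echo "hdd: $realloc reallocated sectors are out of reach of an overwrite"
    else
        echo "hdd: no reallocated sectors; overwrite covers every addressable sector"
    fi
}

# Constructed sample of `smartctl -A` output (not from a real drive).
SAMPLE_SMART='ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   200   200   051    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0033   100   100   010    Pre-fail  Always       -       8
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       0'

# Advice for the constructed sample, treated as a rotational disk.
sample_report() {
    wipe_advice 1 "$(printf '%s\n' "$SAMPLE_SMART" | realloc_count)"
}

# On a real system (as root) the inputs would come from:
#   wipe_advice "$(cat /sys/block/sda/queue/rotational)" \
#               "$(smartctl -A /dev/sda | realloc_count)"
sample_report
```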