BCWIPE(1)BCWIPE(1)NAMEbcwipe - securely erase data from magnetic and solid-state memory
(c) 2002-2008 Jetico, Inc. http://www.jetico.com
SYNOPSISbcwipe [-VvsbBdrifhSF] [-m mode] [ -n sec ] FILE...
DESCRIPTIONbcwipe Repeatedly overwrites special patterns to the files to be
destroyed. In normal mode, 35 passes are used (of which 8 are random).
Patterns used were recommended in article by Peter Gutmann
(http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html)
entitled "Secure Deletion of Data from Magnetic and Solid-State Mem‐
ory". In quick mode, U.S. DoD(Department of Defence) 5220.22-M stan‐
dard are used with 7 pass wiping. In custom mode U.S. DoD 5220.22-M
standard are used with user defined number of passes.
OPTIONS-mb German BCI/VSITR 7-pass wiping.
-md U.S. DoD 5220.22M 7-pass extended character rotation wiping with
last pass verification.
-me U.S. DoE 3-pass wiping.
-mf <filename>
Read wiping scheme from file.
-mg 35-pass Peter Gutmann's wiping.
-ms 7-pass Bruce Schneier's wiping.
-mt 1-pass test mode. First 4 bytes of every 512 bytes block will
contain block number.
-mz 1-pass wiping by zeroes.
-m <mode> (custom wipe)
U.S. DoD 5220.22-M n pass extended character rotation wiping with
last pass verification.
-n <delay>
Wait delay seconds between wiping passes. Modern enterprise level
storage systems (NAS, disk arrays etc.) employ powerful caches.
To avoid undesirable caching effects BCWipe allows user to insert
adjustable delay between wiping passes. Please note that when wip‐
ing with delay between passes disk space is freed after the last
pass.
-w (wiping only)
BCWipe version 1.7 (and later) verifies last pass wiping result
according to U.S. DoD 5200.28 standard for all wiping modes above.
Use the option to disable the last pass verification.
-d (do not delete)
Do not delete file(s) after wiping.
-b (block device)
Wipe contents of block devices
-B Disable direct IO mode when wiping block devices
-t <threads>
Wipe and verify block devices in multi-thread mode. BCWipe run
threads worker threads. Useful for wiping multiple disk volumes.
-S (wipe file slack)
Wipe files slack. File slack is the disk space from the end of a
file till the end of the last cluster used by that file. Cluster
is minimal portion of disk space used by file system.
-F (wipe free space)
Wipe free space on specified filesystem.
-s Use ISAAC random number genertor by Bob Jenkins
http://burtleburtle.net/bob Default is SHA-1 (Secure Hash Algo‐
rithm). ISAAC is random faster than SHA-1.
-p Use 64Kb random pattern for random passes instead of full random.
Much faster (especially on slow CPU) but less secure! (not recom‐
mended)
-f (force)
Force wipe files with no write permissions. Also suppress inter‐
active mode.
-r (recurse into subdirectories)
Remove with wiping the contents of directories recursively.
-i (interactive)
Prompt whether to wipe each file.
-I (disable interactive)
Never prompt whether to wipe each file.
-v (verbose)
Explain what is being done.
-l [logfile]
Log actions to file. Log to console if filename is omitted
-h (help)
Display help and exit.
-V (version)
Display version and exit.
Wiping scheme file format
A file specified in -mf option is a text file with wiping scheme.
Scheme passes must be described in following format:
number. {random|complementary|[hex[,hex[,hex[,hex]]]] [, verify]}
random - random pass
complementary - a pass complementary to previous one
hex[,hex[,hex[,hex]]] - wiping pattern, up to four two-digit hexadeci‐
mal numbers
verify - verify wiping pass
EXAMPLESbcwipe-rvf ~/sources # forced wipe of ~/sources directory recursively
with Peter Gutmann's scheme
bcwipe-bvmd /dev/hda # wipe entire /dev/hda disk with 7-pass DoD stan‐
dard
bcwipe-r * # recursive wipe of current directory with Peter Gutmann's
scheme
bcwipe-mfmy_scheme -lwipe.log -b /dev/fd0 # wipe /dev/fd0 floppy with
scheme from my_scheme file; write log to wipe.log file
Contents of my_scheme file from previous example:
1. random, verify
2. complementary
3. AA, A5, 55, verify
AUTHOR
Original version: Jetico, Inc. <support@jetico.com>
SEE ALSObctool(8)Unix Mon Feb 4 2008 BCWIPE(1)