I'm pretty sure SSDs can't be securely erased the same way as traditional drives. This is mainly due to the inherit characteristics of flash memory and the way that the firmware writes data to the NAND (wear-leveling, TRIM etc. is unpredictable).

ATA secure erase is the recommended method last I checked.

No offense to Damian, but be very careful about accepting the assertion that something is secure. I'm not a security expert, but I am part of the way through the Matasano cyrpto challenges, and my #1 take-away has been that what you think is a secure design rarely is when held to a high level of scrutiny.

The approach the author has taken here would appear to suffer from similar weaknesses present in block ciphers (e.g., AES ECB). The context here is not specifically encryption, but recovering data from "wiped" drives shares some aspects with encryption. Specifically, statistical analysis of the drive state.

Repetition of a block of data will allow an attacker to exploit that pattern in developing statistics about the data that was there before.

In other words, writing a repeating string of random bits is no more secure than writing all zeros.

I thought most disks nowadays support Secure Erase, so there's no need to futz around with dd.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

>As you probably read in advanced security blogs, 7 passes on a disk is a strong erasing option

Is there a single confirmed case of anyone, anywhere recovering any data from a disk that has been overwritten with 0s with dd?

Darik's Boot & Nuke is my usual goto.

http://www.dban.org/

I should make a REST API providing a secure erase service. Simply send your bytes in the POST body and a set of bytes to erase them with is returned!

If you really want to erase your drive quickly encrypt it with an external key... Erase the key, erase the drive.