v0.40

New Features and improved performance in V0.40

• Upon initialization, nwipe identifies and sets the most efficient Pseudo-Random Number Generator (PRNG) as the default, based on a real-time hardware performance test. Thanks to @Knogle #698 #699 #700 #706
• AES-256-CTR PRNG that utilizes native AES-NI instructions to significantly boost data-wiping throughput on compatible CPUs. Thanks @Knogle #695 #660 #659
• Implemented a new wipe method, the BMB21-2019 Chinese State Secrets Bureau standard Technical Requirement for Data Sanitization. Thanks @xicaixiaokeke #668
• Implemented Direct I/O with large buffers as the default wipe method, reducing write instructions and boosting throughput. This change cut wipe completion times by 5–10% in tests and significantly lowered CPU load—especially on high-density servers wiping 10+ drives simultaneously. Kernel cached I/O remains available via command-line switches. Thanks @Knogle #683
• Added support for host UUID, serial number, and custom tags in PDF report headers. These options can be configured and toggled in the nwipe config menu ('c'), accessible from the nwipe drive selection screen and are saved to nwipe's config file, /etc/nwipe/nwipe.conf for persistent configuration between restarts." Thanks @PartialVolume #709
• Added a new GUI “device topology” view, opened with the 't' key from the device selection screen. Useful if you want to check which device controller, which HBA, etc. your drive is attached. This improves safety and usability on systems with multiple controllers by clearly showing the physical attachment path of each drive without changing wipe behaviour. Thanks @Knogle #697
• Enhanced the --exclude option to match devices by their underlying block device ID (major/minor), allowing persistent identifiers in /dev/disk/by-id/ and /dev/disk/by-path/ to be used safely. Legacy string-based matching is preserved. Thanks @Knogle #686
• The internal PRNGs are now seeded via getrandom(2) rather than through a long-lived file descriptor to /dev/urandom, to improve reliability. Thanks @Knogle #680

Resolved issues

• fixed: To resolve issues with partition wipes, as opposed to whole disc wipes, nwipe now includes the device name in the PDF report filename. Previously, when wiping specific partitions (e.g., sudo nwipe /dev/sdc3 /dev/sd4 /dev/sd5) via the CLI, the absence of a disk model or serial number caused PDF filenames to conflict and overwrite each other. This update ensures unique filenames and prevents data loss when processing multiple partitions. Thanks @PartialVolume #676
• Add static linking libraries that are required by parted 3.6 @deamen #655
• fixed: some declaration changes to satisfy gcc 15 Thanks @Knogle & @xandris #663 #658
• Optimised that header code that generates the PDF reports. Thanks @PartialVolume #678
• fixed: respect no-blanking methods in --nogui mode. This fixes an issue where a default blanking pass was added to methods which do not support it when in --nogui mode. Existing GUI code overriding the option is never called in --nogui mode, Thanks @desertwitch #682
• fixed: sanitize device serial numbers and fix uninitialized/fallback handling. Thanks @Knogle #690
• fixed: Automatically create PDF report directory if missing and improve permission model Thanks @Knogle #693
• optimise: Validate autonuke and nogui for valid values and harden logic by not using assumptions in if statements for binary values and switching to case statements for value specific checks. Thanks @PartialVolume #701
• fixed: Improve str_truncate to fix memory error detected in valgrind #702
• fixed: Require strict input of long form options, i.e no abbreviations allowed!. Command line option syntax as specifically described in nwipe --help and nwipe man page are only allowed. Corrects a 'feature' in GNU getopt_long(). Thanks @PartialVolume #705

v0.39

What's Changed

• Fix model name Endian for Sandisk-SunDisk drives by @PartialVolume in #643
• Implement Bruce Schneier 7-Pass wiping method by @Knogle in #648
• Some cleanup in options.c, added missing xoroshiro256_prng argument i… by @Knogle in #651
• fix: some declaration changes to satisfy gcc 15 by @Knogle in #663
• Removed EXPERIMENTAL! comments for ALFG and Xoroshiro due to their ma… by @Knogle in #652

Full Changelog: v0.38...v0.39

v0.38

v0.38

includes the following changes:

• Fixes type error, relevant to i686 (32 bit) only. Fixes a compile error on some distros. #588 Thanks @Knogle
• Added feature relevant to ShredOS only, the f key will toggle the font size, standard size to double size, has no action for other xorg/wayland distributions. The f key is available in the drive selection and progress screens only. Note that in earlier commits in this release the d key was programmed however this is now the f key to toggle font size. #589 #635 Thanks @PartialVolume
• Fixes a issue where SAS drives always respond with hidden sectors = ???, i.e warning. This patch fixes the problem so that a SAS drive responds with hidden sectors = not applicable. A SATA drive connected to a SAS interface should still respond with yes or no subject to the interface passing HPA and DCO-identify commands. #605 Thanks @PartialVolume
• On some distros, nwipe may not be able to find hdparm or smartctl even when they are installed. This is due to a symbolic link issue with the distro. The patch fixes this issue by adding a new search location when looking for hdparm and smartctl. The new search location is /usr/sbin/. Previously we searched /sbin/ and /usr/bin/ but /sbin is symbolically linked to /usr/sbin/ so just in case there was some issue with the symbolic link we also now search /usr/sbin/ #606 Thanks @PartialVolume
• The hidden sector check for SAS drives has been disabled as it is believed that SAS drives do not support the SCSI commands to adjust the drives size as reported to the O.S. #607 Thanks @PartialVolume
• Some USB adapters report the model name and serial number with the incorrect endian, so adjacent characters in the model name are swapped with each other. This patch detects and fixes model names for Hitachi, Toshiba, WDC Western Digital Corporation and Seagate/ST drives. Mainly some older adapters and drive interfaces might have this issue. #630 Thanks @PartialVolume
• Fixes the s shift s bug as reported here PartialVolume/shredos.x86_64#301 To summarize, if no drives are selected and then the user presses s (lower case) a warning appears indicating that the user should press S (upper case) to start the wipe. This warning appears for about 3 seconds but during this time if the user presses S (upper case) nwipe would immediately complete, having wiped no drives and requesting the user to press the spacebar to exit. This is incorrect behaviour.
  The bug doesn't appear if the user pressed S after the 3 seconds elapsed and the warning message disappeared. This patch fixes this so that it does not exit but displays the warning for 3 seconds and then waits for input. #636

v0.37

v0.37

includes the following changes:

• Added the XORoshiro-256 pseudo random number generator (PRNG). Thanks to Fabian Druschke @Knogle #555
• Added the Lagged Fibonacci PRNG generator. Thanks again to Fabian Druschke @Knogle #556
• Changed the default method from "DOD Short" to "prng stream", using the XORoshiro-256 prng
• Added missing help for HMG IS5 enhanced. Thanks to @AndCycle #569
• Fixed an issue in configure.ac which was producing an error while running ./configure, mentioning libconfig, however the presence of libconfig had already been checked for, earlier in configure.ac. Although this error did not cause ./configure to abort prematurely and therefore make would build the source correctly, it did cause a issue for inclusion into Debian Sid. Thanks to @Polynomial-C #574
• Minor change to nwipe's man page filename, nwipe.1 to nwipe.8 to fix a Debian warning. #577

v0.36

v0.36

includes the following changes:

• Added the abbreviation MMC for mmcblk devices such as SD and microSD cards and some low budget laptops. #526
• Fixed some serial numbers that were displaying garbage. #527
• Fixed auto power off and nowait when the screen has been blanked by the user. #529
• Fixed nwipe not auto exiting on completion when in non gui mode. #531
• Fixed smart page titles so they have a consistent format with page 1 in the PDF report. #532
• Fixed some of the config help messages that displayed incorrect information. #533
• Inserted a space between temperature and model. #534
• Fixed incorrect footer on return to organisation/customer preview screen. #535
• Made footer completion message more informative. #538
• Fixed hidden sector detection for devices with logical/physical size of 4096/4096. #543 #546
• Fixed some strcpy compiler warnings. #548

v0.35

v0.35

includes the following changes:

• Nwipe will now optionally create a multi-page PDF certificate that shows details of a specific discs erasure. The first page forms the certificate of erasure and subsequent pages show the drives smart data. Two related options have been added to nwipe's command line options -P, --PDFreportpath=PATH Path to write PDF reports to. Default is "." If set to "noPDF" no PDF reports are written. From the drive selection screen you can now press 'c' for config. This takes you to the configuration screen where you can select various PDF certificate related options such as enabling PDF, entering customer or company data for entry onto the certificate and enabling a preview of customer/company info prior to the drive selection screen starting.
• Nwipe now supports HPA/DCO detection, aka hidden sector detection. This is where the drive has been configured to report a smaller size to the operating system (O.S.) than it actually is. The HPA/DCO status is reported on the main drive selection screen as [HS? N/A] for drive that does not support HPA/DCO such as NvMe. [HS? YES] for a drive that is reporting a size smaller than it actually is, i.e has hidden sectors and [HS? NO] where the drive is reporting it's actual size correctly to the O.S. And finally [HS? ???] where nwipe cannot determine the HPA/DCO status as the drive is not responding to the ATA commands used to detect HPA/DCO. This might be because the drive does not support HPA/DCO or the interface adapter does not support ATA passthrough as is the case with a lot of the USB adapters on the market, but not all USB adapters. Nwipe does not currently allow removal of the HPA/DCO so you will still need to use hdparm to reset the drive so it reports its correct size before using nwipe to wipe the drive. HPA/DCO reset may be added in the next version. Thanks to @mdcato for the help testing the code and HPA/DCO results as displayed in the report.
• This bug only applies to ones wipe and one or zero's verification. A very rare occurrence of a incorrect percentage on completion. The actual wipe was completed correctly it was just that the percentage calculation was wrong. #459
• Nwipe now supports a configuration file /etc/nwipe/nwipe.conf. Currently it supports settings related to the PDF certificate but more options will be added in the future.
• If you are running nwipe within the KDE konsole terminal and you resize the window by pulling on the corners, occasionally nwipe will exit with the error message: "GUI.c,nwipe_gui_select(), loop runaway, did you close the terminal without exiting nwipe? Initiating shutdown now" The loop runaway detection has been made less sensitive, i.e 32 iterations per second of the GUI update can now be completed before a loop runaway is detected. previously it was 8. In practise when sizing the konsole window, anywhere between 1 and 17 iterations will occur.#467
• Nwipe now provides better temperature support for SAS drives. Thanks to @ggruber for all the code and testing he contributed.
• Disc sizes are now shown differently to provide more information about their size. For instance a 1.2TB drive was shown as 1TB, now it is shown as 1200GB. Thanks to @ggruber for his code contribution.
• Interface/bustype type was reported as UNK fo SAS drives, now reported correctly as SAS. Thanks to @ggruber for his code contribution.
• Interface/bustype type has been enhanced to show SAS-SSD when a SSD drive is present. Thanks to @ggruber for his code contribution.
• Nwipe's temperature retrieval code has been placed in it's own thread. This was done because it was found that any delays in obtaining the temperature resulted in a momentary freeze in the GUI wipe screen updating it's stats. This wasn't noticable if you were erasing a small number of drives but become apparent when wiping ten or twenty drives simultaneously.
  -Nwipe now automatically sorts drives alphabetically by device name that are the same length. i.e /dev/sda - /dev/sdz will be in order, followed by drives /dev/sdaa - /dev/sdaz in order followed by nvme or loop being at the end of the list.

v0.34

v0.34

• Fix a compiler warning -Wformat-zero-length string
• update to README.md regarding a warning to run a hidden data area (HDA) prior to running nwipe, until such time that automated HDA checking is added to nwipe.

V0.33

v0.33

includes the following changes:

• Fixes a slight screen corruption on 80 column display. When highlighting the verify ones option the first two digits of DoD 5220.20-M disappear. This patch fixes that issue.@PartialVolume #348
• For some controllers/drivers the readlink method of obtaining the bus type for GUI display does not work. If we haven't already resolved the bus type, we then also check smartctl for the transport protocol for SAS. @PartialVolume #350
• Check smartctl for unresolved bus types SATA @PartialVolume #358
• Changed message from (No ATA pass-thru) to (S/N: unknown) as the reason the serial number is unknown is because there is no ATA pass through for the chipset being used by the USB to SATA adapter, basically we are making the message more meaningful for the end user rather than for the engineer/programmer that may understand the previous terminology used. @PartialVolume @Firminator #356
• Add drive temperature monitoring and display temperature in degrees Celsius in the GUI. Requires the kernel drivetemp module and makes use of the hwmon sub system in the kernel to extract drive temperatures. Nwipe will automatically load the drivetemp module if it's available. @PartialVolume #360 #361 #364
• Remove /dev/ from gui for long device names. This fixes column alignment issues in the gui with nvme drives i.e. nvme0n1 etc. If the drive name including path exceeds 8 characters the /dev/ is removed and prefixed with spaces to a total max length of 8 characters. @PartialVolume #365
• Add -q --quiet option - anonymize serial numbers and SMBIOS-DMI data. This anonymizes serial numbers and related identifiable information for drives and hardware but does not remove model information in both the GUI and the log displayed by stdout at the end of a wipe and also in the log file if enabled in options. This feature is useful for uploading logs when submitting bug reports. @PartialVolume #366 #367 #371 #379 #383
• Fixes a intermittent FAILED message that is displayed in the summary table when the message should have been UABORTED. The incorrect FAILED message only occurred when using control-C to abort a wipe. @PartialVolume #373
• When many verification or pass errors are detected the status line can wrap on a 80 column display. This patch makes the error message more succinct which will free up about 10 characters & prevents the line wrapping. @PartialVolume #374
• Fixes a problem that occurs with a unresponsive drive that causes the ETA to grow to an enormous value. We now do not calculate an individual drives ETA when the throughput of the drive is zero so avoiding the overall ETA being incorrect for drives that are working correctly when multiple drives are being simultaneously wiped. While a individual drives ETA is calculated it is not displayed but only used to determine the overall ETA when all drives have completed. @PartialVolume #375
• Add temperature monitoring and display with NVMe drives. @PartialVolume #377 #380 #381
• When one of the two verify only methods are selected change the drive selected text from WIPE to VRFY to indicate the drive is not being wiped, but is only being verified. @PartialVolume #378
• Fixes a incorrect sector, block and device sizes in 32 bit builds only as displayed in the nwipe log. This problem had no affect on the wipe as the issue was caused by a incorrect format specifier that affected the log text only. @PartialVolume #387 #388
• Fixes a issue where temperatures may not have been available on Debian systems due to the location of modprobe. Particularly relevant to Debian which when logged in as root doesn't put /sbin in the $PATH environment setting. This issue was not necessarily relevant for Linux distros based on Debian, for instance, Ubuntu where nwipe would have found the modprobe command. @PartialVolume #390 #391
• Improve wipe thread cancellation error checking. @PartialVolume #392
• Improve GUI thread messaging if a pthread_join fails. @PartialVolume #393
• Fixed a missing serial number on SAS drive.@PartialVolume #394
• Added ISAAC-64 for 64 bit systems. Thanks @chkboom #398 #401
• Fixes a problem with the Gutmann wipe where the random passes at the beginning and end were being re-arranged when only the inner passes should be rearranged. Thanks @chkboom #399
• Fixes a obscure incorrect summary table status, while the log text correctly reports the failure. If the drive becomes non responsive during the wipe, the MB/s throughput will slowly drop towards 0MB/s and will display a FAILURE -1 error. The logs will correctly display errors and nwipe's return status will be non zero, however the summary table may display erased rather than FAILURE, this is because
  the wipe thread exited prematurely without setting the pass error. This fixes the error by checking the context's result status, i.e non zero on failure and if pass equals zero it makes pass equal to one. This is then picked up by the summary table log code which then marks the status
  correctly as FAILURE in the summary table. @PartialVolume #400
• Fixes a spurious message on abort before wipe.This patch fixes a minor display issue that occurs when a user aborts a wipe before a wipe has started. It only occurs if the user had selected one or more drives for wipe and then aborted before starting the wipe. The spurious message only occurs in a virtual terminal, i.e. /dev/tty1, /dev/tty2, /dev/console It does not occur in terminal applications such as konsole, xterm, terminator etc. The spurious message that appears in the main window, states that "/dev/sdxyz 100% complete" along with garbage values in the statistics window. The message appears for a fraction of a second before being replaced with the textual log information that correctly states that the user aborted and no wipe was started. Basically the gui status information update function tries to update the data when the wipe hasn't even started. The fix is to only update the statistics information only if a wipe has started by checking the 'global_wipe_status' value which indicates whether any wipe started. '1' indicates that a wipe has started, else '0' if no wipe has started. @PartialVolume #406
• Fixes temperature update in drive selection window. This fixes a problem where the drive temperature is not updated
  automatically in only the drive selection window. The temperature is however updated correctly every 60 seconds during a wipe in the wipe status window. This bug would probably never be noticed by most people as usually the drive temperature changes slowly and only rises once a wipe has started. The only time I imagine it would have been noticed would have been if the drive temperature was already high and you were trying to reduce the temperature by cooling before starting a wipe. This has now been corrected so that the temperature in the drive
  selection window is updated every 60 seconds. @PartialVolume #407
• Fixes a zombie nwipe process running at 100% CPU on one core but only on a Konsole based terminal. This only occurred when the Konsole terminal is exited while nwipe is sitting at the drive selection screen but nwipe did not exit when the konsole terminal was closed. If nwipe is exited normally on completion of a wipe or aborted by using control C then this problem would not be seen. Also occurs during a wipe if the konsole terminal is closed without exiting nwipe first, again only on Konsole based terminals. @PartialVolume #408 #409
• Fixes a obscure segfault when --logfile option used with a non writable directory. @PartialVolume #410

v0.32

v0.32

includes the following changes:

• Add ones (0xFF) wipe to the methods. Renamed Zero Fill to Fill with Zeros and the new ones wipe, is called Fill with Ones.
• Add ones verication to the methods. Renamed Verify Blank to Verify Zeros (0x00) and the new verification is called Verify Ones (0xFF).
• Move method information from below the list of methods to the right of the method list. This allows better use of the screen space by allowing more methods to be added to the list, especially relevant to nwipe running as a standalone application on small distros such as shredos 2020 in frame buffer mode.
• Removed the old DBAN syslinux.cfg configuration hints as not relevant to nwipe. See nwipe --help or man nwipe for command line options.
• Add fdatasync errors to the error summary table.
• During a wipe, you can now toggle between dark screen, blank screen and default blue screen by repeatedly pressing the b key. Dark screen, which is grey text on black background has been introduced to prevent TFT/LCD image persistence on monitors that are sensitive to that issue. However, according to this article grey text on a white background may be preferable. I will probably add that option in the next release along with possibly powering off the display as an additional option.

v0.31

v0.31

IMPORTANT ! #322 Non functional Isaac prng is a security update. Of specific importance for anybody that might use --prng=isaac as one of nwipe's command line options. Significantly less important if you select Isaac from the GUI although still relevant, as mersenne is used not issac, despite what the GUI says. Putting --prng=isaac on the command line causes at best zeros to be written instead of a random stream, at worst the contents of a uninitialized buffer. See my comments in #322. Note, this bug existed in all previous versions of nwipe and also still exists in DBAN 2.3.0 within dwipe. Now fixed in nwipe, but as DBAN is no longer actively maintained, another reason to upgrade from DBAN to nwipe 0.31.

includes the following changes:

• Blanking disabled in GUI for OPS2 (mandatory requirement of standard). #326
• Total bytes written/read for ALL passes or verifications are now logged. #326
• Final blanking being enabled is no longer required for verification passes. GUI Fix. #326
• Add a summary table to the log that shows totals for pass & verification errors. #325
• Fix the missing 'Verifying' message on final blanking. #324
• Fix prng selection always using mersenne irrespective of whatever prng the user selected. #323
• Fix a non functional Isaac prng. (May have never worked even in DBAN/dwipe 2.3.0). #322
• Log whether the prng produces a stream, if not log failure message. #321
• Log the specific prng that is initialised. #320
• Log selection details to the log. #319
• Improve log messaging. #317
• Fix auto shutdown option for some distros. #315
• Fix build for musl. #301
• Fixes to summary table & fix final status message. 311
• Updates to --help options #309
• Updates to manpage. #300