How can I speed up secure erasing of a disk?
Overwriting the superblock or partition table just makes it inconvenient to reconstruct the data, which is obviously still there if you just do a hex dump.
Hard disks have a built-in erasing feature: ATA Secure Erase, which you can activate using
Pick a password (any password):
hdparm --user-master u --security-set-pass hunter1 /dev/sdX
hdparm --user-master u --security-erase hunter1 /dev/sdX
Since this is a built-in feature, it is unlikely that you'll find a faster method that actually offers real erasure. (It's up to you, though, to determine whether it meets your level of paranoia.)
Alternatively, use the disk with full-disk encryption, then just throw away the key when you want to dispose of the data.
Potentially unpopular answer: Put up with the time to completely wipe the disks securely.
You've accepted donation hardware from various sources, and made promises that their data will be securely erased. So you have to do as you promised and securely erase the disks.
If I was a donor and I found that you weren't keeping your promises, I'd not give you any more hardware in the future.
And don't short the DBAN runtime either thinking that clearing the first half or first 10% is sufficient, when it is not.
To make your DBAN runs more convenient, do you generally remove drives from hosts? If so, have a fairly low-power desktop aside with multiple SATA ports. When you have a couple of drives ready for wiping, set them all up on this one machine and wipe them with a bootable DBAN ISO or a netboot DBAN session. Then leave the machine running until the last one is complete.
You could use a SATA-USB disk dock, but these tend to be really slow compared to native SATA connections.
Second, do you have a workflow of storing donations then processing them? Or do you accept the hardware in, test it, wipe it and then store the items for use? I'd suggest you make a pipeline that works for you, and make DBAN a stage in that pipeline. So when you pull a machine from the store, its already wiped as well as known-good.
dd with big blocks could be faster than
dd if=/dev/zero of=/dev/disk bs=16M
Killing a disk in the process is goodness, it was likely marginal anyway.
If you LUKS-encrypt, this can be done after setting-up the encryption (makes it harder to spot used/unused space on the disk).
You can't avoid the I/O, at 50MB/s (which is a good speed for old disks), 250GB takes 5000 seconds (about 1.5 hours) to write. The only question is how close to that you can get.