Comment 2 for bug 1022511

I don't think you want to incorporate 'discard' in this. IMHO, that is a separate logical operation, that you may choose to use /in conjunction with/ one of the data-wiping operations, not instead of.

Whether wiping the start of the device is useful depends somewhat of what the guest OS has used it for. If the guest used it for a plain filesystem, then wiping will scramble much fo the filesystem metadat, but not the real data. So it is at best "Security through obscurity". If, however, the guest had put something like LUKS encryption on the volume, then wiping the start will blow away all the decryption key sots, so this will be as secure as any other method.