Posted on 03/11/2009 1:29:17 PM PDT by LibWhacker
The myth that to delete data really securely from a hard disk you have to overwrite it many times, using different patterns, has persisted for decades, despite the fact that even firms specialising in data recovery, openly admit that if a hard disk is overwritten with zeros just once, all of its data is irretrievably lost.
Craig Wright, a forensics expert, claims to have put this legend finally to rest. He and his colleagues ran a scientific study to take a close look at hard disks of various makes and different ages, overwriting their data under controlled conditions and then examining the magnetic surfaces with a magnetic-force microscope. They presented their paper at ICISS 2008 and it has been published by Springer AG in its Lecture Notes in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy).
They concluded that, after a single overwrite of the data on a drive, whether it be an old 1-gigabyte disk or a current model (at the time of the study), the likelihood of still being able to reconstruct anything is practically zero. Well, OK, not quite: a single bit whose precise location is known can in fact be correctly reconstructed with 56 per cent probability (in one of the quoted examples). To recover a byte, however, correct head positioning would have to be precisely repeated eight times, and the probability of that is only 0.97 per cent. Recovering anything beyond a single byte is even less likely.
Nevertheless, that doesn't stop the vendors of data-wiping programs offering software that overwrites data up to 35 times, based on decades-old security standards that were developed for diskettes. Although this may give a data wiper the psychological satisfaction of having done a thorough job, it's a pure waste of time.
Something much more important, from a security point of view, is actually to overwrite all copies of the data that are to be deleted. If a sensitive document has been edited on a PC, overwriting the file is far from sufficient because, during editing, the data have been saved countless times to temporary files, back-ups, shadow copies, swap files ... and who knows where else? Really, to ensure that nothing more can be recovered from a hard disk, it has to be overwritten completely, sector by sector. Although this takes time, it costs nothing: the dd command in any Linux distribution will do the job perfectly.
Drives can have data preserved in the sectors not overwritten in normal operation, that may be recovered. So special software, that works at device level, doing the erase is required. Norton has a simple overwrite erase package for few dollars.
Most of this is holdover from back from when a hard drive costs thousands not tens of dollars. One of the first drives I designed cost $10000 and stored all of 10 MB. The easy way for most people is just physical destruction, a big hammer. It's only necessary to bust up the HDA, the aluminum object, the electronics is meaningless. You can even open it up and severely bend the discs and have good security. If you plan on selling the drive, or even reusing the drive on another system, then the special erase software is probably sufficient.
Today I just destroy with the hammer all of my old drives. Same with most large IT shops, just smash them up, that's the advice I give to clients.
I have two of these up in the attic, with the CPM operating disks, the Wordstar wordprocessing software, and a few games too. the screen was green teensie weensie type.
G=C800:5
No more problems.
Yeah, me too.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.