Hard drive: Do I really need 7 passes to securely wipe it?

[JEDI]

Department of Defense requires seven discrete passes of the hard disk zeroed. (Writing '0' in each sector.)

http://www.dtic.mil/whs/directives/corres/html/522022m.htm

Is 1 pass good enuf for the avg user who just has his passwords and tax forms on the hard drive? (Friend is going to donate some old hardware to Goodwill.)

 

[TheStu]

Depending on the size of the drive, 7 pass doesn't take that long. I think it was something like 3GB/minute/pass on my old MacBook.

1 pass will erase the data effectively enough such that 90%+ of people wouldn't ever be able to get at it again (probably more than that actually). 7 pass means that 99% of all people cannot access it.

35 pass means ain't nobody but the NSA is getting at that information.

 

[Mide]

For the time needed, I think it is worth it to make sure nobody gets your data.

 

[RebateMonger]

If you do a search, you'll find nobody has ever actually recovered data from a disk that's been wiped even one time. While it MAY have been possible to recover data from a disk 20 years ago (when imprecise stepper motors were used to move heads across low-data-density disks), modern disks with servo motors and high-data-density are extremely unlikely candidates for data recovery from a one-pass-wiped disk.

http://en.wikipedia.org/wiki/Data_erasure

"According to the 2006 NIST Special Publication 800-88 Section 2.3 (p. 6): "Basically the change in track density and the related changes in the storage medium have created a situation where the acts of clearing and purging the media have converged. That is, for ATA disk drives manufactured after 2001 (over 15GB) clearing by overwriting the media once is adequate to protect the media from both keyboard and laboratory attack."[6]

According to the 2006 CMRR Tutorial on Disk Drive Data Sanitization Document (p.8): "Secure erase does a single on-track erasure of the data on the disk drive. The U.S. National Security Agency published an Information Assurance Approval of single pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure."[7] "Secure erase" is a utility built into modern ATA hard drives that overwrites all data on a disk, including remapped (error) sectors.

Further analysis by Wright et al. seems to also indicate that one overwrite is all that is generally required.[8]"

 

[aigomorla]

what would happen if u just took a high powered neodymium magnet and did that way?

Can you wipe the drive without killing it with a high powered magnet?

I always wondered about that... but never tried.

 

[VirtualLarry]

what would happen if u just took a high powered neodymium magnet and did that way?

Can you wipe the drive without killing it with a high powered magnet?

I always wondered about that... but never tried.

If you use a magnet to wipe, you will never be able to re-use the drive, because it wipes out the factory-written servo info, which can only be written in the factory because it uses a laser or something.

 

[aigomorla]

If you use a magnet to wipe, you will never be able to re-use the drive, because it wipes out the factory-written servo info, which can only be written in the factory because it uses a laser or something.

ahh i see... but what if u just wanted to junk the drive?

Is it safe and secure to do it that way?

Or do you need to wipe it and then junk it?

I have a friend named cyberdruid on XS.. he pulls his shot gun out which has solid slug shell and he pokes hole though it.

Was mad funny when he showed us it.

 

[JEDI]

ahh i see... but what if u just wanted to junk the drive?

Is it safe and secure to do it that way?

Or do you need to wipe it and then junk it?

I have a friend named cyberdruid on XS.. he pulls his shot gun out which has solid slug shell and he pokes hole though it.

Was mad funny when he showed us it.

if u want to destroy it, use gas and set it on fire?

 

[Special K]

You could just use an automated tool like DBAN:

http://www.dban.org/

It will perform the required number of passes for the DoD spec and you can just let it run.

 

[JEDI]

You could just use an automated tool like DBAN:

http://www.dban.org/

It will perform the required number of passes for the DoD spec and you can just let it run.

the download is in iso form. need to burn to cd.

but what if u have a netbook, and no external cd reader?
i didnt see an .exe file on the cd when i burned the iso thus cant run off usb flash drive?

 

[RebateMonger]

Install DBAN to a USB Flash Drive using Windows:

http://www.pendrivelinux.com/install-dban-to-a-usb-flash-drive-using-windows/

 

[Mark R]

You should use a 'secure erase' utility (e.g. HDDErase. This is more secure than using an overwrite program, e.g. DBAN.

There are several advantages to using a secure erase utility:
1. An overwrite program cannot clear 'spare', 'bad', 'pending' or 'reallocated' sectors. These sectors could remain accessible to data recovery tools.
2. On an SSD, you waste flash cycle life - whereas on an SSD secure erase, pre-erases all the flash restoring factory performance.
3. It's faster to run a secure erase - with a host based overwrite tool, the PC has constantly dump data to the drive (on low end PCs, e.g. atoms, this can be a bottleneck, as the drive can be faster than the system bus) With a secure erase tool, no data is sent to the drive, the erase is performed by the drive's internal CPU.
4. A secure erase utility can guarantee that the drive is securely wiped. An overwrite tool can't unless you verify the whole drive. HDDerase 'locks' the drive, before erasing, and only 'unlocks' the drive when erasure is complete. A 'locked' drive will not respond to normal commands, until it is unlocked. So, if there is a power failure, or spontaneous reboot - the drive will not be usable if the erasure didn't complete (just re-run the erasure and let it finish to 'unlock' the drive). Note: there is a potential pitfall here - some BIOSs have a bug, where if they detect a 'locked' hard drive, will refuse to boot. If you have such a defective BIOS and the erase is interrupted part-way, your comp may not reboot, and you'll have to transfer the drive to a PC with a working BIOS, to unlock it.

 

[Modelworks]

1 pass is enough. All the talk of NSA and DOD levels of erasing are from years ago when drives were thousands of dollars and reused often, the government doesn't even use software to erase drives like that any more. They shred the drives and place the shreds into an induction furnace which is hotter than the sun which produces a liquid metal slurry.

I like killdisk for windows.
http://www.killdisk.com/

 

[zerogear]

May I recommend a sledgehammer?

 

[Blain]

if u want to destroy it, use gas and set it on fire?

Data has been recovered from HD's that have been through fires.

 

[Swivelguy2]

Next time, encrypt your personal data from day 1. You're worried about an identity thief recovering your info from your hard disk after you throw it away AND zero the drive, when they could just break into your house/apartment and take your computer?

 

[0roo0roo]

the 7 pass is based on myth...and an old paper on the subject which refereed to old drives which have no relevance to todays tech. as far as i know no ones proved they can recover data from modern drives even after 1 pass. never mind with an electron microscope or whatever they need.
7 pass is a good way for it folks to charge extra for doing nothing, or simply log "work" while playing halo

 

[corkyg]

It is actually not based on myth, but on laboratory work involving very expensive equipment and processes which can read edges of erased data and reconstruct it. But, unless you are trafficking in highly sensitive areas, no one is going to spend that kind of time and money to find out your bank balance. 7 passes is a completely CYA standard a little betond what current lab technology can do. For average run of the mill info, of unclassified data, 1 pass will work just fine.

 

[0roo0roo]

It is actually not based on myth, but on laboratory work involving very expensive equipment and processes which can read edges of erased data and reconstruct it. But, unless you are trafficking in highly sensitive areas, no one is going to spend that kind of time and money to find out your bank balance. 7 passes is a completely CYA standard a little betond what current lab technology can do. For average urun of the mill info, of unclassified data, 1 pass will work just fine.

http://www.nber.org/sys-admin/overwritten-data-guttman.html
when something gets twisted into falsehood its become a myth. the idea that for much much older drives based on older encoding techniques it was theoretically possible with electron microscopes or whatever. But the security folks apply that info to today to justify their "work" which turned it into a myth. i'm sure there were plenty of folks who had incentive to believe, it covered their asses, made them look good to their boss, gave them extra coffee break time etc as said, no ones proven that they can recover sh*t from one pass these days. not even sure they proved it on the old drives.

 

[coolVariable]

http://www.nber.org/sys-admin/overwritten-data-guttman.html
when something gets twisted into falsehood its become a myth. the idea that for much much older drives based on older encoding techniques it was theoretically possible with electron microscopes or whatever. But the security folks apply that info to today to justify their "work" which turned it into a myth. i'm sure there were plenty of folks who had incentive to believe, it covered their asses, made them look good to their boss, gave them extra coffee break time etc as said, no ones proven that they can recover sh*t from one pass these days. not even sure they proved it on the old drives.

This myth is also based on the premise of a new drive, having data written to it ONCE and then erased ONCE. Theoretically, it might be possible to guess the 0/1 state before the overwrite but in reality each part of the HDD has likely been written to hundreds of times ... so it is pretty much impossible to guess the state 'before the overwrite' because you might also guess the state 'before 10 overwrites ago'.

 

[Russwinters]

There is CURRENTLY, and i doubt anywhere in the foreseeable future, ANY possible way to recovery ANY data from a drive wiped with even 1 Pass.


Actionfront developed signal trace, but it only worked on a very specific set of WD drives that where made in the early 90s.

The "Lab technique" you are referring to is "Spin Stand Microscopy".

It's a pretty cool idea, but it just simply won't work effectively for recovery purposes on any drives made past the year 2000 or so, drives before then "may" be able to work, but even 1 pass is going to destroy enough for that to be 99.999% impossible.

 

[hanspeter]

People loves to quote Gutmann when the talk is about recovery of overwritten data. They are just forgetting that he never proposed a way to recover such data (not even on old drives). What his theory is about is *erasing* of data in a *theoretical* more secure way.

 

[Modelworks]

There is CURRENTLY, and i doubt anywhere in the foreseeable future, ANY possible way to recovery ANY data from a drive wiped with even 1 Pass.

I like to remind people that are worried about it that the whole purpose of a hard drive is to store information. Drives would be pretty useless if you can write a 0 then a 1 and if you read it enough the last bit you wrote will suddenly make itself known. Imagine a drive that flips bits depending on how many times you read or wrote the bit, ugh, data would be garbage.

 

[uOpt]

Writing the same bits (zeros) 7 times is very unlikely to be much better than just wiping it once.

If anything you want a random or opposite pattern a couple of times. Basically memtest86+ on a harddrive

 

[RedCOMET]

May I recommend a sledgehammer?

Pish.. what are we pussies... if he wants to destroy the hard drive all nice and proper like, he needs to Thermite it.