As far as I know, one pass is all you need, any more is simply overkill, but feel free to tell me I'm wrong :)

10 years ago*

Comment has been collapsed.

If you want to be sure, why rely on some random information someone gives you rather than figuring it out yourself?

Do one pass, try to retrieve data, if successful, do another pass.

10 years ago
Permalink

Comment has been collapsed.

Just like to hear the opinions of others, hear both sides of the argument.

I do intend to try my best to recover the data myself after wiping it :)

10 years ago
Permalink

Comment has been collapsed.

3 because Half Life.

10 years ago
Permalink

Comment has been collapsed.

Depends on how much Taco Bell I had that day.

10 years ago
Permalink

Comment has been collapsed.

7 passes then burn some thermite on it just to be extra sure it's all gone and nobody can see what was on it.

10 years ago
Permalink

Comment has been collapsed.

To all people that CLAIM they're able to recover data from a single-pass erase - damn, you lost quite a chance to get some cash with the Great Zero Challenge :P

10 years ago
Permalink

Comment has been collapsed.

That drive was specifically "wiped" using dd to overwrite with zeroes, first. So, if you're going to cite that as a proof of drives not being recoverable after one pass of some sort, you can't properly cite that case without specifically mentioning the method that was used to write zeroes.

But that's besides the point. As is mentioned here in a comment by the user "Bob", the challenge proved precisely nothing, nada. If there are methods to securely recover any significant amount of contiguous data (so more than random bits of un-indexed files, rather full files with headers intact) from a drive after it's had an all-zero pass using dd, you can bet your ass that whoever is able to do so wouldn't reveal their methods, let alone the very fact that they're able to do so, for $40. The prize was raised to $500 later - still not worth it. Heck, even if they offered many millions, the chances are that companies that are big / profitable enough to own the equipment and have the expertise required on their payroll to perform the feat still wouldn't turn their head at such a prize. The only other entities with access to anything that would theoretically be required to recover the data (including the high paid engineers required) would be government agencies. And tell me, why would they ever reveal this ability / the existence of such knowledge / equipment, for any price? Hell you could even theorise (quite realistically, too) that there might be some data recovery protocols formed in joint projects between big forensic analysis companies and governmental agencies that are protected by law as being secret and illegal to divulge to the public.

In the end, the only thing that matters is a proper and logical cost / risk assessment. Do you have sensitive / personal data that you never want anyone seeing? Sure, if you wipe it with one pass of zeroes (through dd) and re-sell it in a PC you're selling to some PC store or a private individual, the chance that you'll ever have to worry about anyone recovering anything at all is infinitesimal; so ridiculously small that you could consider it a bit of overkill. I get that. What I don't get is why people don't understand the direct relation between this fact of there being a basically negligible risk, and the low cost (in time, electricity bills, and effort) of doing a random pass or 5/6 with DBAN, then a run with dd to zero the disk (so, not partition) fully. It's so simple to do these passes, and the biggest cost is time. You turn one operation on, go out, go about your day, come back home and see step 1 is done, move on to the dd step, let that run while you're sleeping. In other words, the risk might be so small as to be negligible, but the cost of doing stuff to ensure security more so - there is no real cost, other than the basic effort required to get the needed software, then run it. When you're done, MFM or even a scanning electron microscope wouldn't be enough to recover any data off the drive, not even using pattern analysis and some funky algorithms and math wizardry, and you've got fairly comprehensive peace of mind about the whole deal - even if through some fluke / cosmic joke your HDD / PC gets bought by someone aiding your local Al Qaeda clubhouse (or some other imaginary terrorist agency) whose PC is then seized by some government agency that is willing to spend the hard cash needed for any form of forensic analysis / recovery that might promise successful recovery of some degree, including hypothetical unknown / secret recovery methods.

10 years ago
Permalink

Comment has been collapsed.

ಠ_ಠ

10 years ago
Permalink

Comment has been collapsed.

What?

10 years ago
Permalink

Comment has been collapsed.

Thanks, i was going to post something similar, but i couldn't say it any better.

Do you have any good reference about security wipes and recoverable data?

10 years ago
Permalink

Comment has been collapsed.

Google, white papers on MFM and other forensic analysis / recovery methods, and years on the 'net ;)

Seriously though, no, nothing comes to mind right now, as most of the stuff I know about this comes from stuff I read about many, many years ago, from all kinds of sources.

10 years ago
Permalink

Comment has been collapsed.

look on the gruqg website, he should have any paper published on the subject either hosted or linked or referenced.

10 years ago
Permalink

Comment has been collapsed.

Thank you both.

10 years ago
Permalink

Comment has been collapsed.

All of them.

10 years ago
Permalink

Comment has been collapsed.

Use a magnet ;) huehuehue

10 years ago
Permalink

Comment has been collapsed.

The best way.

10 years ago
Permalink

Comment has been collapsed.

Yep, sure, find a strong enough magnet to do this properly (an issue in and of itself) and degauss it and destroy the drive so it can never be used again, great idea! -_-

10 years ago
Permalink

Comment has been collapsed.

I used HDDerase when I sanitized my two drives on my older computer. It uses a feature built in to all hard drives to wipe themselves securely. The best part about it is that it only took a few minutes to an hour at most to sanitize an 80GB and a 350GB and not hours/days like other programs. It's a tiny DOS only program that you put on a thumb drive/CD/etc, go through a few menus and let it do it's thing.

10 years ago
Permalink

Comment has been collapsed.

I always only do a quick format. That means, no "passes" at all, it just writes out the new contents. If I want to check the drive for bad sectors, I'll just run chkdsk.

Also, I do not see the point of physically zeroing out previous data. What's the point? I'm not a spy nor a corrupt politician.

10 years ago
Permalink

Comment has been collapsed.

As far as I remember when my friend was working at my country public use facility he was required to do 25-pass format.

10 years ago
Permalink

Comment has been collapsed.

Closed 10 years ago by ArmadX.