Notices

Overclockers Forums > Hardware > Storage
Storage SSDs, HDDs, CD/DVD/Bluray
Forum Jump

One-pass wipe enough? Maybe not...

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 02-15-10, 03:26 PM Thread Starter   #1
JigPu
Inactive Pokémon Moderator

 
JigPu's Avatar 

Join Date: Jun 2001
Location: Vancouver, WA

10 Year Badge
 
One-pass wipe enough? Maybe not...


I reformatted my computer the other day, and it got me wondering if there's been any more information on the hard drive wiping front. A little Googling later provided something I hadn't seen before.

The most well-known resource regarding the wiping of hard drives is likely Peter Gutmann's "Secure Deletion of Data from Magnetic and Solid-State Memory". This paper, first published in 1996, looks at several ways that data could be recovered from a drive. The results of this paper inspired the writers of many wiping programs to even include a Gutmann-style 35-pass wipe. However, that was 1996. This is 2010. In the intervening time, drive densities have marched onward: the 1.5 GB drive of the day was just as much a marvel as a 1.5 TB drive is today. These increasing densities have chiefy come through the shrinking of magnetic domains, making the attacks outlined by Gutmann more difficult.

More recently (January 2009), Craig Wright et al. published "Overwriting Hard Drive Data: The Great Wiping Controversy" which aimed to unseat the notion that multiple erasure passes are required. Using techniques like Magnetic Force Microscopy (an attack vector specifically mentioned by Gutmann) they could only succeed 9 times in a million to recover just 4 bytes of data. Many news organizations wrote short articles about their results, leading many readers to believe that Gutmann's paper is out of date in today's high-density world.

Unfortunatly, few who have heard about the paper have actually read it. While this is in part due to simple lazyness, it's also due to the article being very difficult to get for free. In addition to the online version existing behind a paywall, few public libraries subscribe to the periodical.

Fortunately, Peter Gutmann has read this article and has posted a "Further Epilogue" to his paper (click on the link above and scroll to the very end) dealing specifically with this paper. He's found many glaring errors and talks breifly about each. One of the most glaring is their apparent confusion of magnetic force microscopes and electron microscopes (I don't see how anyone writing a paper on this topic could make that giant an error repeatedly). In short, because of the errors, Gutmann believes the results should be taken with a salt block or two.

EDIT: After more googling, I managed to find a "simplified" version of the paper. It doesn't go into as much detail as the actual paper, but provides a little info nonetheless.

~~~~

On an additional (but unrelated) note, Gutmann also has added an "Epilogue" section that you may not have read. This is directed to those who "[treat] the 35-pass overwrite technique . . . more as a kind of voodoo incantation to banish evil spirits"

Quote:
Originally Posted by Secure Deletion of Data from Magnetic and Solid-State Memory
In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do.
JigPu

__________________
.... ASRock Z68 Extreme3 Gen3
.... Intel Core i5 2500 ........................ 4 thread ...... 3300 MHz ......... -0.125 V
2x ASUS GTX 560 Ti ............................... 1 GiB ....... 830 MHz ...... 2004 MHz
.... G.SKILL Sniper Low Voltage ............. 8 GiB ..... 1600 MHz ............ 1.25 V
.... OCZ Vertex 3 ................................. 120 GB ............. nilfs2 ..... Arch Linux
.... Kingwin LZP-550 .............................. 550 W ........ 94% Eff. ....... 80+ Plat
.... Nocuta NH-D14 ................................ 20 dB ..... 0.35 C°/W ................ 7 V


"In order to combat power supply concerns, Nvidia has declared that G80 will be the first graphics card in the world to run entirely off of the souls of dead babies. This will make running the G80 much cheaper for the average end user."
"GeForce 8 Series." Wikipedia, The Free Encyclopedia. 7 Aug 2006, 20:59 UTC. Wikimedia Foundation, Inc. 8 Aug 2006.

Last edited by JigPu; 02-20-10 at 01:56 PM.
JigPu is offline   QUOTE Thanks
Old 02-15-10, 06:12 PM   #2
reap3r


 
reap3r's Avatar 

Join Date: Jun 2009
Location: BC, Canada

 
This is really interesting stuff... i've actually wondered just how effective those multiple pass erases are anymore.. Macs have the ability to do a 35-pass erase using their disk utility.. and what makes me amused is the fact that the caption for 7-pass erase reads "This option takes 7 times longer than zero out data, and meets the US Department of Defense (DOD) 5220-22 M standard for securely erasing magnetic media..

Makes you wonder whether that holds true these days or not...
reap3r is offline Benching Profile   QUOTE Thanks
Old 02-15-10, 06:39 PM   #3
mjw21a

 
mjw21a's Avatar 

Join Date: Sep 2004
Location: Australia, Brisbane

 
Apparently the write heads are much more accurate these days so generally a single write should be enough.

Back with the older drives the write heads weren't so accurate so 2-3 writes was a better idea. Depends on how paranoid you are I guess.

__________________
CPU & HSF: AMD FX-8120 & Noctua NH-D14
Mobo: Asus M5A97-EVO
RAM: 16GB (4Gx4) DDR3 2133 G.Skill RipjawZ F3-17000CL11Q-16GBZL
Storage: 1x 120GB OCZ Vertex II SSD, 1x 250GB Samsung 830 SSD, 1x 1.5TB Samsung Silencer Series HDD
GFX: 4GB Gigabyte ATI R9 270X OC Edition + Yamakasi Catleap Q270 SE 27" IPS LED LCD
Audio: Asus Xonar DX, Senheiser CX270 earbuds + UltraDisk 4016 Condenser Lavelier Microphone
Case & Lighting: Silverstone Temjin TJ04-E w/ Side Window + Red CCFL's
PSU: 550W Antec EarthWatts Platinum
My rig piccies & links

"Under democracy one party always devotes its chief energies to trying to prove that the other party is unfit to rule - and both commonly succeed, and are right." H.L. MENCKEN
mjw21a is offline   QUOTE Thanks
Old 02-15-10, 07:45 PM   #4
dorkbert
Registered

 
dorkbert's Avatar 

Join Date: Oct 2009
Location: California, USA

 
For the most part, unless your adversary is someone of substantial financial means (that can afford expensive data recovery services), otherwise a couple erasure passes should be plenty.
dorkbert is offline   QUOTE Thanks
Old 02-17-10, 04:06 AM   #5
larrymoencurly
Member

 
larrymoencurly's Avatar 

Join Date: Jul 2002

10 Year Badge
 
At Fort Huachuca, the US Army still grinds up (or chips up) the old hard drives.
larrymoencurly is offline   QUOTE Thanks
Old 02-17-10, 12:52 PM   #6
Creegz
Member

 
Creegz's Avatar 

Join Date: Jan 2010
Location: British Columbia, Canada

 
One pass with a hammer is about the best solution.

__________________
Intel Core i7 940 OC to 3.7GHZ
Corsair H70
EVGA X58 FTW3
6GB Mushkin Ridgeback 1600
ASUS Radeon 6970 2GB
500GB Caviar Black, 3TB Seagate Barracuda
Silverstone Strider 850W
Fractal Designs Define R3
Creegz is offline   QUOTE Thanks
Old 02-19-10, 12:53 PM   #7
hansen
Member



Join Date: Oct 2007

 
Quote:
Originally Posted by Anti-Hero View Post
One pass with a hammer is about the best solution.
No, it really isn't. A single overwrite is much more secure.
hansen is offline   QUOTE Thanks
Old 02-19-10, 01:53 PM   #8
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
i recall reading that the FBI or some agency can recover data off broken disks, even if they are in pieces they can pull the data from that section and piece it together if needed?

giant magnet FTW

__________________

¸,ř¤°`°¤ř,¸© Poor Planning On Your Part Does Not Constitute An Emergency On My Part ©¸,ř¤°`°¤ř,¸
¸,ř¤°`°¤ř,¸© The trouble with life is there’s no background music ©¸,ř¤°`°¤ř,¸
¸,ř¤°`°¤ř,¸© Life isnt short, you're just dead for too long©¸,ř¤°`°¤ř,¸


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-19-10, 03:06 PM   #9
c627627

c(π*199780) Senior Member

 
c627627's Avatar 

Join Date: Feb 2002
Location: Kansas

10 Year Badge
 
Just to be clear. JigPu, after 1 pass of rewriting with zeroes, it is not possible to recover more than 1 byte of data, right?
c627627 is online now Author Profile   QUOTE Thanks
Old 02-20-10, 01:53 PM Thread Starter   #10
JigPu
Inactive Pokémon Moderator

 
JigPu's Avatar 

Join Date: Jun 2001
Location: Vancouver, WA

10 Year Badge
 
Quote:
Originally Posted by c627627 View Post
Just to be clear. JigPu, after 1 pass of rewriting with zeroes, it is not possible to recover more than 1 byte of data, right?
The point of my post was that this still isn't clear.

Craig Wright et al. were able to successfully recover a single byte of data between 30% and 3% of the time depending on how heavily the drive was used beforehand. However, Gutmann believes their study was flawed. Clearly the study by Craig Wright et al. sets a lower bound, but how close that bound is to the average case is still up for debate.

Leaving the world of theory though, I'd say that there's no practical chance of recovery after a single pass. No software will recover it, I've never heard of a data recovery firm doing it, and have also never heard of law enforcement doing it. Also, there is the XKCD factor:



JigPu

__________________
.... ASRock Z68 Extreme3 Gen3
.... Intel Core i5 2500 ........................ 4 thread ...... 3300 MHz ......... -0.125 V
2x ASUS GTX 560 Ti ............................... 1 GiB ....... 830 MHz ...... 2004 MHz
.... G.SKILL Sniper Low Voltage ............. 8 GiB ..... 1600 MHz ............ 1.25 V
.... OCZ Vertex 3 ................................. 120 GB ............. nilfs2 ..... Arch Linux
.... Kingwin LZP-550 .............................. 550 W ........ 94% Eff. ....... 80+ Plat
.... Nocuta NH-D14 ................................ 20 dB ..... 0.35 C°/W ................ 7 V


"In order to combat power supply concerns, Nvidia has declared that G80 will be the first graphics card in the world to run entirely off of the souls of dead babies. This will make running the G80 much cheaper for the average end user."
"GeForce 8 Series." Wikipedia, The Free Encyclopedia. 7 Aug 2006, 20:59 UTC. Wikimedia Foundation, Inc. 8 Aug 2006.
JigPu is offline   QUOTE Thanks
Old 02-20-10, 04:14 PM   #11
c627627

c(π*199780) Senior Member

 
c627627's Avatar 

Join Date: Feb 2002
Location: Kansas

10 Year Badge
 
↑ Yh-eah.


In absence of proof that more than 1 byte can be recovered after a single pass, why the controversy?
c627627 is online now Author Profile   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Hardware > Storage
Storage SSDs, HDDs, CD/DVD/Bluray
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 06:37 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?