• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

One-pass wipe enough? Maybe not...

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

JigPu

Inactive Pokémon Moderator
Joined
Jun 20, 2001
Location
Vancouver, WA
I reformatted my computer the other day, and it got me wondering if there's been any more information on the hard drive wiping front. A little Googling later provided something I hadn't seen before.

The most well-known resource regarding the wiping of hard drives is likely Peter Gutmann's "Secure Deletion of Data from Magnetic and Solid-State Memory". This paper, first published in 1996, looks at several ways that data could be recovered from a drive. The results of this paper inspired the writers of many wiping programs to even include a Gutmann-style 35-pass wipe. However, that was 1996. This is 2010. In the intervening time, drive densities have marched onward: the 1.5 GB drive of the day was just as much a marvel as a 1.5 TB drive is today. These increasing densities have chiefy come through the shrinking of magnetic domains, making the attacks outlined by Gutmann more difficult.

More recently (January 2009), Craig Wright et al. published "Overwriting Hard Drive Data: The Great Wiping Controversy" which aimed to unseat the notion that multiple erasure passes are required. Using techniques like Magnetic Force Microscopy (an attack vector specifically mentioned by Gutmann) they could only succeed 9 times in a million to recover just 4 bytes of data. Many news organizations wrote short articles about their results, leading many readers to believe that Gutmann's paper is out of date in today's high-density world.

Unfortunatly, few who have heard about the paper have actually read it. While this is in part due to simple lazyness, it's also due to the article being very difficult to get for free. In addition to the online version existing behind a paywall, few public libraries subscribe to the periodical.

Fortunately, Peter Gutmann has read this article and has posted a "Further Epilogue" to his paper (click on the link above and scroll to the very end) dealing specifically with this paper. He's found many glaring errors and talks breifly about each. One of the most glaring is their apparent confusion of magnetic force microscopes and electron microscopes (I don't see how anyone writing a paper on this topic could make that giant an error repeatedly). In short, because of the errors, Gutmann believes the results should be taken with a salt block or two.

EDIT: After more googling, I managed to find a "simplified" version of the paper. It doesn't go into as much detail as the actual paper, but provides a little info nonetheless.

~~~~

On an additional (but unrelated) note, Gutmann also has added an "Epilogue" section that you may not have read. This is directed to those who "[treat] the 35-pass overwrite technique . . . more as a kind of voodoo incantation to banish evil spirits" :chair:

Secure Deletion of Data from Magnetic and Solid-State Memory said:
In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do.

JigPu
 
Last edited:

reap3r

Member
Joined
Jun 18, 2009
Location
BC, Canada
This is really interesting stuff... i've actually wondered just how effective those multiple pass erases are anymore.. Macs have the ability to do a 35-pass erase using their disk utility.. and what makes me amused is the fact that the caption for 7-pass erase reads "This option takes 7 times longer than zero out data, and meets the US Department of Defense (DOD) 5220-22 M standard for securely erasing magnetic media..

Makes you wonder whether that holds true these days or not...
 

mjw21a

Member
Joined
Sep 29, 2004
Apparently the write heads are much more accurate these days so generally a single write should be enough.

Back with the older drives the write heads weren't so accurate so 2-3 writes was a better idea. Depends on how paranoid you are I guess.
 

dorkbert

Registered
Joined
Oct 28, 2009
Location
California, USA
For the most part, unless your adversary is someone of substantial financial means (that can afford expensive data recovery services), otherwise a couple erasure passes should be plenty.
 

Mr.Guvernment

Member
Joined
Feb 26, 2003
i recall reading that the FBI or some agency can recover data off broken disks, even if they are in pieces they can pull the data from that section and piece it together if needed?

giant magnet FTW
 

c627627

c(n*199780) Senior Member
Joined
Feb 18, 2002
Just to be clear. JigPu, after 1 pass of rewriting with zeroes, it is not possible to recover more than 1 byte of data, right?
 
OP
JigPu

JigPu

Inactive Pokémon Moderator
Joined
Jun 20, 2001
Location
Vancouver, WA
Just to be clear. JigPu, after 1 pass of rewriting with zeroes, it is not possible to recover more than 1 byte of data, right?
The point of my post was that this still isn't clear.

Craig Wright et al. were able to successfully recover a single byte of data between 30% and 3% of the time depending on how heavily the drive was used beforehand. However, Gutmann believes their study was flawed. Clearly the study by Craig Wright et al. sets a lower bound, but how close that bound is to the average case is still up for debate.

Leaving the world of theory though, I'd say that there's no practical chance of recovery after a single pass. No software will recover it, I've never heard of a data recovery firm doing it, and have also never heard of law enforcement doing it. Also, there is the XKCD factor:

security.png

JigPu
 

c627627

c(n*199780) Senior Member
Joined
Feb 18, 2002
↑ Yh-eah. :)


In absence of proof that more than 1 byte can be recovered after a single pass, why the controversy?