Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How does a 7- or 35-pass erase work? Why would one use these methods?

How and why do 7- and 35-pass erases work? Shouldn't a simple rewrite with all zeroes be enough?

like image 455
stalepretzel Avatar asked Nov 10 '08 01:11

stalepretzel


People also ask

What is a 35 pass erase?

The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased.

What is a 7 pass erase?

The only way to fully erase the hard drive is to write over it using the wipe feature. The 1, 3 or 7 option lets you choose how many passes you wish to do. The United States Department of Defense recommends using a 7 pass wipe to clean media.

Which disk erase method is best?

Most experts agree that Secure Erase is the best way to overwrite an entire hard drive in a single pass. The very simple Write Zero method accomplishes essentially the same thing, albeit much slower.

How does Secure Erase work?

Secure erase works by overwriting the data at its location with new data that's random and useless (usually binary 1's and 0's). Once this overwriting has been accomplished, software-based data recovery methods (like file or partition recovery programs) won't be able to recover the data.


2 Answers

A single pass with zeros doesn't completely erase magnetic artifacts from a disk. It's still possible to recover the data from the drive. A 7-pass erasure using random data will do a pretty complete job to prevent reconstruction of the data on the drive.

Wikipedia has a number of different articles relating to this topic.

http://en.wikipedia.org/wiki/Data_remanence

http://en.wikipedia.org/wiki/Computer_forensics

http://en.wikipedia.org/wiki/Data_erasure

like image 85
epochwolf Avatar answered Oct 21 '22 03:10

epochwolf


I'd never heard of the 35-part erase: http://en.wikipedia.org/wiki/Gutmann_method

The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased. The selection of patterns assumes that the user doesn't know the encoding mechanism used by the drive, and so includes patterns designed specifically for three different types of drives. A user who knows which type of encoding the drive uses can choose only those patterns intended for their drive. A drive with a different encoding mechanism would need different patterns. Most of the patterns in the Gutmann method were designed for older MFM/RLL encoded disks. Relatively modern drives no longer use the older encoding techniques, making many of the patterns specified by Gutmann superfluous.[1]

Also interesting:

One standard way to recover data that has been overwritten on a hard drive is to capture the analog signal which is read by the drive head prior to being decoded. This analog signal will be close to an ideal digital signal, but the differences are what is important. By calculating the ideal digital signal and then subtracting it from the actual analog signal it is possible to ignore that last information written, amplify the remaining signal and see what was written before.

like image 7
Dustin Getz Avatar answered Oct 21 '22 01:10

Dustin Getz