Menu
How and why do 7- and 35-pass erases work? Shouldn't a simple rewrite with all zeroes be enough?
455
The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased.
The only way to fully erase the hard drive is to write over it using the wipe feature. The 1, 3 or 7 option lets you choose how many passes you wish to do. The United States Department of Defense recommends using a 7 pass wipe to clean media.
Most experts agree that Secure Erase is the best way to overwrite an entire hard drive in a single pass. The very simple Write Zero method accomplishes essentially the same thing, albeit much slower.
Secure erase works by overwriting the data at its location with new data that's random and useless (usually binary 1's and 0's). Once this overwriting has been accomplished, software-based data recovery methods (like file or partition recovery programs) won't be able to recover the data.
A single pass with zeros doesn't completely erase magnetic artifacts from a disk. It's still possible to recover the data from the drive. A 7-pass erasure using random data will do a pretty complete job to prevent reconstruction of the data on the drive.
Wikipedia has a number of different articles relating to this topic.
http://en.wikipedia.org/wiki/Data_remanence
http://en.wikipedia.org/wiki/Computer_forensics
http://en.wikipedia.org/wiki/Data_erasure
85
I'd never heard of the 35-part erase: http://en.wikipedia.org/wiki/Gutmann_method
The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased. The selection of patterns assumes that the user doesn't know the encoding mechanism used by the drive, and so includes patterns designed specifically for three different types of drives. A user who knows which type of encoding the drive uses can choose only those patterns intended for their drive. A drive with a different encoding mechanism would need different patterns. Most of the patterns in the Gutmann method were designed for older MFM/RLL encoded disks. Relatively modern drives no longer use the older encoding techniques, making many of the patterns specified by Gutmann superfluous.[1]
Also interesting:
One standard way to recover data that has been overwritten on a hard drive is to capture the analog signal which is read by the drive head prior to being decoded. This analog signal will be close to an ideal digital signal, but the differences are what is important. By calculating the ideal digital signal and then subtracting it from the actual analog signal it is possible to ignore that last information written, amplify the remaining signal and see what was written before.
7
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
