Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does a 7- or 35-pass erase work? Why would one use these methods?

Tags:

security

erase

hardware

How and why do 7- and 35-pass erases work? Shouldn't a simple rewrite with all zeroes be enough?

like image 455
stalepretzel Avatar asked Nov 10 '08 01:11

stalepretzel

People also ask

What is a 35 pass erase?

The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased.

What is a 7 pass erase?

The only way to fully erase the hard drive is to write over it using the wipe feature. The 1, 3 or 7 option lets you choose how many passes you wish to do. The United States Department of Defense recommends using a 7 pass wipe to clean media.

Which disk erase method is best?

Most experts agree that Secure Erase is the best way to overwrite an entire hard drive in a single pass. The very simple Write Zero method accomplishes essentially the same thing, albeit much slower.

How does Secure Erase work?

Secure erase works by overwriting the data at its location with new data that's random and useless (usually binary 1's and 0's). Once this overwriting has been accomplished, software-based data recovery methods (like file or partition recovery programs) won't be able to recover the data.

2 Answers

A single pass with zeros doesn't completely erase magnetic artifacts from a disk. It's still possible to recover the data from the drive. A 7-pass erasure using random data will do a pretty complete job to prevent reconstruction of the data on the drive.

Wikipedia has a number of different articles relating to this topic.

http://en.wikipedia.org/wiki/Data_remanence

http://en.wikipedia.org/wiki/Computer_forensics

http://en.wikipedia.org/wiki/Data_erasure

like image 85
epochwolf Avatar answered Oct 21 '22 03:10

epochwolf

I'd never heard of the 35-part erase: http://en.wikipedia.org/wiki/Gutmann_method

The Gutmann method is an algorithm for securely erasing the contents of computer hard drives, such as files. Devised by Peter Gutmann and Colin Plumb, it does so by writing a series of 35 patterns over the region to be erased. The selection of patterns assumes that the user doesn't know the encoding mechanism used by the drive, and so includes patterns designed specifically for three different types of drives. A user who knows which type of encoding the drive uses can choose only those patterns intended for their drive. A drive with a different encoding mechanism would need different patterns. Most of the patterns in the Gutmann method were designed for older MFM/RLL encoded disks. Relatively modern drives no longer use the older encoding techniques, making many of the patterns specified by Gutmann superfluous.[1]

Also interesting:

One standard way to recover data that has been overwritten on a hard drive is to capture the analog signal which is read by the drive head prior to being decoded. This analog signal will be close to an ideal digital signal, but the differences are what is important. By calculating the ideal digital signal and then subtracting it from the actual analog signal it is possible to ignore that last information written, amplify the remaining signal and see what was written before.

like image 7
Dustin Getz Avatar answered Oct 21 '22 01:10

Dustin Getz
Sign in to Comment

Related questions

How to secure user data in the database with Rails?
Why does Java tell me my applet contains both signed and unsigned code?
What is CSRF Protection really for?
Android java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
PHP security : retrieving PHP file from server, un-processed
What is best possible way of salting and storing salt?
Are there any differences between SQL Server and MySQL when it comes to preventing SQL injection?
Generating Private, Unique, Secure URLs
In PHP, how does PDO protect from SQL injections? How do prepared statements work?
Simplest way to encrypt a text file in java
How can one make a web-site accessible only when someone has a dongle?
Is there a "safe" subset of Python for use as an embedded scripting language?
In which languages is it a security hole to use user-supplied regular expression?
SSLContext initialization
Is Microsoft's GUID generator cryptographically secure
HTML.Encode() - What/How does it prevent scripting security problems in ASP .NET?
How to prevent NFC tag cloning?
How safe is information contained within iPhone app compiled code?
Moving old passwords to new hashing algorithm?
Is ALLOWED_HOSTS needed on Heroku?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!