[Cialug] Semi-OT: wiping a hard drive once is enough?

Daniel A. Ramaley daniel.ramaley at drake.edu
Wed Mar 11 16:53:55 CDT 2009 

What i've read on the subject over the last couple years is that if 
you've an old MFM drive from the 1980s, one pass is insufficient. A 
well-financed attacker would be able to either instruct the drive to 
reposition its heads to read the faint left-over signal at the edge of 
the tracks, or disassemble the drive and use an electron microscope to 
read the residual magnetic fields. In the latter case, the attacker 
would have to be very well financed indeed, as time on such a 
microscope is not cheap. In the former case, perhaps all it would take 
is some specialized data recovery software; i don't really know.

If you have a drive made in the 1990s or 2000s, don't worry about it. 
One pass with all zeros is adequate. The residual magnetic fields are 
so small that they cannot be differentiated from the background noise 
on the drive, even with expensive equipment. If you're really paranoid, 
writing a pass or two of random data won't cost anything but your time 
and some electricity. It might be possible in a few decades for 
technology to have improved enough that someone could take a 2009-era 
drive and pull wiped data off of it, but given that magnetic fields on 
drives slowly degrade anyway, it isn't something i'm personally worried 
about. If i have a drive that is either dying or no longer necessary, i 
do a one-pass wipe to zeroes, and then either discard it, give it away, 
or put it in storage (depending on the scenario).

On 2009-03-11 at 13:12:39, Nathan Stien wrote:
>In the above link, the author says that multi-pass hard drive wiping
>programs are silly, because overwriting data once with zeroes is
> enough to make it unrecoverable to forensics experts.  This is
> definitely counter to what I have been taught, and I'm curious what
> y'all think about it.

------------------------------------------------------------------------
Dan Ramaley                            Dial Center 118, Drake University
Network Programmer/Analyst             2407 Carpenter Ave
+1 515 271-4540                        Des Moines IA 50311 USA

More information about the Cialug mailing list