Security Corner

Jan 18 2009   1:34AM GMT

The Great Drive Wiping Controversy Settled at Last

Ken Harthun

How many times do you have to overwrite a hard drive in order to securely wipe it? This question has been at the center of an ongoing controversy for a long time. On the one hand, we’ve had Peter Gutmann saying it takes 35 passes (Gutmann, P. (1996) “Secure Deletion of Data from Magnetic and Solid-State Memory”); on the other hand, we’ve had NIST saying one pass is enough. So, which is it: one, 35, or something in between?

NIST gets the prize: One pass is enough to delete data such that it cannot be recovered. A paper published in December last year, “Overwriting Hard Drive Data: The Great Wiping Controversy” by Craig Wright, Dave Kleiman and Shyaam Sundhar R.S., presented at ICISS2008 and published in the Springer Verlag Lecture Notes in Computer Science (LNCS) series, proves beyond doubt that data can’t be recovered from a wiped drive even if one uses an electron microscope. As Craig Wright puts it in a post on the SANS Computer Forensics blog:

Although there is a good chance of recovery for any individual bit from a drive, the chances of recovery of any amount of data from a drive using an electron microscope are negligible. Even speculating on the possible recovery of an old drive, there is no likelihood that any data would be recoverable from the drive. The forensic recovery of data using electron microscopy is infeasible… The fallacy that data can be forensically recovered using an electron microscope or related means needs to be put to rest.

That sure makes life easier for those of us who have to deal with secure deletion of sensitive data. I’ll use my copy of Darik’s Boot and Nuke (DBAN) with one pass from now on and get those retired hard drives wiped in no time.
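As a check on a one-pass wipe like the one described above, this added example (not from the original post and not DBAN's own code) overwrites a target once with zeros and reads it back to confirm that no byte survived. The function names and the constructed temp-file "drive" are assumptions for illustration; pointing `single_pass_wipe` at a real block device is destructive and needs the appropriate privileges.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # write and read in 1 MiB blocks


def single_pass_wipe(path, chunk=CHUNK):
    """Overwrite every byte of `path` once with zeros; return bytes written."""
    zeros = bytes(chunk)
    with open(path, "r+b", buffering=0) as f:
        size = f.seek(0, os.SEEK_END)  # works for files and block devices
        f.seek(0)
        left = size
        while left:
            left -= f.write(zeros[:min(chunk, left)])
        os.fsync(f.fileno())  # push the pass out of the OS cache
    return size


def first_surviving_byte(path, chunk=CHUNK):
    """Read the target back; return offset of the first non-zero byte, or None."""
    offset = 0
    with open(path, "rb", buffering=0) as f:
        while True:
            block = f.read(chunk)
            if not block:
                return None  # reached the end: every byte was zero
            stripped = block.lstrip(b"\x00")
            if stripped:
                return offset + len(block) - len(stripped)
            offset += len(block)


def demo():
    """Constructed sample: a 3,300,000-byte 'drive' full of fake sensitive data."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(b"SECRET-PAYROLL-RECORD;" * 150000)
        before = first_surviving_byte(path)  # data present before the wipe
        written = single_pass_wipe(path)
        after = first_surviving_byte(path)   # None means nothing survived
        return before, written, after
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```

The read-back only confirms what the drive returns through its normal interface, which is the level at which a buyer or dumpster diver would read it.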

1  Comment on this Post

  • Bigitgeek
    The data on your personal PC would likely only be hunted for by a black hat that purchases it on eBay, or a dumpster diver who finds it in the trash. Since these types of folks don't have the huge amount of resources necessary to undo most forms of disk wiping, a disk wipe with a simple "fast pass" with DBAN works just fine. Kilroy