Date: 25 Jan, 2012
Posted by: admin
In: hints & tips|linux, open source & software|recycle
How to securely delete data from a hard-drive (or USB pendrive) so that the information is virtually unrecoverable even to someone with unlimited funds.
Over-write it and then smash it with a hammer?!?
“If you are bloody minded, hard-drive data can still be read off the platters since the smashing will not completely destroy the magnetic domain information.”
(Friend-of-a-friend on Facebook)
Sorry but this just isn’t true. The success rate of restoring data from a full zero-pass (setting all bits to zero) is so low and the cost so prohibitive that no-one would attempt it without expecting a multi-million dollar return. This used to be almost feasible but on a modern drive the magnetic domains are so tiny …
“The fallacy that data can be forensically recovered using an electron microscope or related means needs to be put to rest.”
(Wright, et al., “Overwriting Hard Drive Data: The Great Wiping Controversy” [online viewer])
Of course if you’re an active secret agent harbouring data that can bring down a super-power then you’d use a hidden encrypted partition (on a USB pendrive) and then just thermite the drives for speed and certainty.
Once you’re done then you can donate the drive on Freecycle/Craigslist or somewhere.
The above quoted Wright, et al., source includes an example of attempting a recovery using a Magnetic Force Microscopy device to look at overwritten magnetic domains on a recently produced hard-disk drive. Here’s their results:
Secure deletion of data - Peter Gutmann - 1996 Abstract With the use of increasingly sophisticated encryption systems, an attacker wishing to gain access to sensitive data is forced to look elsewhere for in- formation. One avenue of attack is the recovery of supposedly erased data from magnetic media or random-access memory.
¡ÄuÜtÞdM@ª""îFnFã:à•ÅÒÌ¾‘¨L‘¿ôPÙ!#¯ -×LˆÙÆ!mC 2´³„‡·}NŽýñêZØ^›l©þì®·äÖŒv¿^œº0TÏ[ªHÝBš¸ð 7zô|»òëÖ/""º[ýÀ†,kR¿xt¸÷\Í2$Iå""•ÑU%TóÁ’ØoxÈ$i Wï^™oËS²Œ,Ê%ñ ÖeS» eüB®Èk‹|YrÍÈ¶=ÏÌSÃ¡öp¥D ôÈŽ"|ûÚA6¸œ÷U•$µM¢;Òæe•ÏÏMÀùœç]#•Q Á¹Ù""—OX“h ÍýïÉûË Ã""W$5Ä=rB+5•ö–GßÜä9ïõNë-ß¨Ya“–ì%×Ó¿Ô[Mãü ·†Î‚ƒ‚…[Ä‚KDnFJˆ·×ÅŒ¿êäd¬sPÖí8'v0æ#!)YÐúÆ© k-‹HÃˆø$°•Ø°Ïm/Wîc@Û»Ì"„zbíþ00000000000000000
To be fair they do have an example using a brand-new drive where the data was the only thing to be written to the drive after manufacture. In that optimal example there were a couple of partial words that it was possible to recover.
One last quote from Wright, et al., on attempting to recover an MS Word document.
The bit-by-bit chance of recovery lies between 0.92 (+/- 0.15)10 and 0.54 (+/-0.16)11. We have used the higher probability in the calculations to add an additional level of confidence in our conclusions. This demonstrates that the chances of recovering a single 8-bit character on the pristine drive are 51.32%. The recovery rate of a 32-bit word is 0.06937619 (just under 7%). As such, the chances of finding a single 4 letter word correctly from a Microsoft Word document file is 2.3166E-05 (0.00002317%).
If you’re still not convinced there’s always thermite!
Sorry, comments are closed.