Shug7272 Posted January 17, 2009 CID Share Posted January 17, 2009 The myth that to delete data really securely from a hard disk you have to overwrite it many times, using different patterns, has persisted for decades, despite the fact that even firms specialising in data recovery, openly admit that if a hard disk is overwritten with zeros just once, all of its data is irretrievably lost. Advertisement Craig Wright, a forensics expert, claims to have put this legend finally to rest. He and his colleagues ran a scientific study to take a close look at hard disks of various makes and different ages, overwriting their data under controlled conditions and then examining the magnetic surfaces with a magnetic-force microscope. They presented their paper at ICISS 2008 and it has been published by Springer AG in its Lecture Notes in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy). They concluded that, after a single overwrite of the data on a drive, whether it be an old 1-gigabyte disk or a current model (at the time of the study), the likelihood of still being able to reconstruct anything is practically zero. Well, OK, not quite: a single bit whose precise location is known can in fact be correctly reconstructed with 56 per cent probability (in one of the quoted examples). To recover a byte, however, correct head positioning would have to be precisely repeated eight times, and the probability of that is only 0.97 per cent. Recovering anything beyond a single byte is even less likely. Nevertheless, that doesn't stop the vendors of data-wiping programs offering software that overwrites data up to 35 times, based on decades-old security standards that were developed for diskettes. Although this may give a data wiper the psychological satisfaction of having done a thorough job, it's a pure waste of time. Something much more important, from a security point of view, is actually to overwrite all copies of the data that are to be deleted. If a sensitive document has been edited on a PC, overwriting the file is far from sufficient because, during editing, the data have been saved countless times to temporary files, back-ups, shadow copies, swap files ... and who knows where else? Really, to ensure that nothing more can be recovered from a hard disk, it has to be overwritten completely, sector by sector. Although this takes time, it costs nothing: the dd command in any Linux distribution will do the job perfectly. Link Quote Link to comment Share on other sites More sharing options...
tommie gorman Posted January 17, 2009 CID Share Posted January 17, 2009 So Linux is easier to over write then? Good read shug, thanks. Quote Link to comment Share on other sites More sharing options...
Shug7272 Posted January 17, 2009 Author CID Share Posted January 17, 2009 So Linux is easier to over write then? Good read shug, thanks. I was surprised by this read. Quote Link to comment Share on other sites More sharing options...
Sequoia Posted January 18, 2009 CID Share Posted January 18, 2009 I use a Linux program TRK to delete files Vista won't let me.I don't know a lot of Linux but I use the shred command. I wll have to look up th dd command & see what it does. I use an overwritting program to delete the temporay files listed .I don't use Windows backup or Shadow copies. I usually only do the page file once a week.Mostly because the program makes a setting to delete the page file on shutdown the change stays in the registry.That's fine for one shutdown but really slows the shutdown.So I disable it after the overwrite on next boot. The overwrite program I use is Total Privacy. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.