Re: Fastest Secure Wipe?

a simple zero fill will confound all but the most determined TLA and they will be spending a lot to get very little data.
if a TLA has that sort of interest in your data you have big problems and physical destruction is the only acceptable wiping method.

Re: Fastest Secure Wipe?

Times change -- the gummit is usually slow to catch up. (I suspect they still propose hiding under your desk in the event of nuclear attack)

The domains on modern drives are so small that its unlikely even the spooks would be able to recover something you've (physically) overwritten -- even if with nonrandom, const data.

Years ago, you could "read" magnetic media with special solutions and a good microscope. (Obviously, a machine could do this better than human.)

Efforts are now moving into recovering data from FLASH devices that have been overwritten -- amusing when you consider the charges involved correspond to a handful of atoms!

If you think you need to spend two extra passes wiping your disk, please don't post, here, as none of us wants to be an accessory to whatever illegal activity in which you're involved! <frown>

https://www.nber.org/sys-admin/overw...a-guttman.html

Re: Fastest Secure Wipe?

I would think 1 pass would be sufficient if it is to just sell the drive. Otherwise wipe it with cloth then use bleachbit and finish with a hammer if you are trying to hide something.

Re: Fastest Secure Wipe?

I don't think you need to be doing illegal activity to want to securely wipe your data from the average joe I have a paper shredder, that doesn't make me a criminal either

Re: Fastest Secure Wipe?

If you think you need three pass DoD-standard to "clean" the drive, you're either overly paranoid or trying to hide something that you're afraid the spooks will come looking for!

Re: Fastest Secure Wipe?

Sure thing buddy

Re: Fastest Secure Wipe?

We recycle (literally) thousands of drives annually. Never anything more than overwriting the entire surface with data -- once. This is adequate in the eyes of our many corporate donors (after all, it's their data we're ensuring is elided).

But, hey, if you've got all that spare time on your hands to:

• write zeroes to every sector
• verify every sector has been written to zeroes
• write ones to every sector
• verify every sector has been written to ones
• write "random" data to every sector
• verify that random data has been written

then, by all means, do it -- keeps you out of the bars (and from doing anything productive with your life )

Of course, we can then argue as to how you define "random" as most machines don't have truly good, replenishable sources of entropy. And, how you capture a copy of all of that random data for use in the verification pass...

Re: Fastest Secure Wipe?

The things you have to be wary of are devices that use solid state memory. They often have more memory onboard than is made directly available to the user (think of it as "spare sectors"). And, the controller on (in) the device is continually reshuffling those sectors so the physical portion of the device that you're accessing as "sector 248" can vary over time -- even if you don't alter the contents of that sector!

[FLASH suffers from write and read "wear" -- electrons leaking out/in. The on-board controller's role is to make that data look like it isn't "wearing"]

As a result, stuff that you stored and thought you'd "erased"/overwritten may not actually have been overwritten/erased.

The same sort of thing is true in other places, as well. E.g., your photocopier probably stores copies of the most recently "copied" pages on an internal storage medium (disk/nonvolatile memory). Ditto for your printer.

And, if you think folks don't go poking around "foreign" media to see what may have been "left behind", you're truly naive!

(Damn near every machine I purchase at auction has a live OS still present on the disk; often tempted to contact some of those folks and spook them into wondering just what else they may have "left behind"...)

Re: Fastest Secure Wipe?

I've worked with some national recyclers, a single write pass is not considered good enough, BYMMV

Different strokes for different folks!

Re: Fastest Secure Wipe?

Challenge them to recover ANY data from ANY of the drives. If it's "not considered good enough", then they should have no problem recovering SOMETHING -- given all of the drives they have at their disposal! You can appeal to their desire for fame and fortune -- as having that ability would make them a sought-after supplier! All the headlines they could garner...

Most of it is folks relying on old information that was pie-in-the-sky, at best.

Consider:
https://www.vidarholen.net/~vidar/ov...drive_data.pdf
whose summary indicates:
Note that this references drives that are almost 10 years behind today's technology (which use smaller magnetic domains). Also, when reading the paper, note that the recovery process doesn't tell you when you've correctly recovered a bit (we aren't even talking about bytes!) so even if you see something that looks like recovered data, there is nothing to guarantee that it's not just a pattern appearing in RANDOM data.

To answer the OP's question, the "fastest secure wipe" is just to write a single pass (of damn near ANYTHING) over the entire medium as anything more than that would obviously be SLOWER!

Re: Fastest Secure Wipe?

The largest recycle place in this country uses Blancco, which is recommend by the National Cyber Security Centre, based on Infosec Standard 5, which is similar to the American DDOD 5220.22-M. They recommend a single random overwrite *with* verification as a baseline and a 3 wipe pass as an enhanced wipe.

They know a lot more about wiping data than you or I, so I'll go with their suggestions. I guess the first option would be the fastest for the OP.

Re: Fastest Secure Wipe?

I repeat, challenge them to recover ANY data and demonstrate the ability to repeatably do so (i.e., not just "get lucky").

Or, did you not understand the reference that I cited? Can you please share with us -- or, have the good folks at "the largest recycle place in the country" -- share with us their justificiation (beyond "marketing hype) for spending three times longer to process a drive than is really necessary?

[Even at 100MB/s write rate, it takes 16 minutes to wipe 100GB (which is a small disk by today's standards). Then, another 16 minutes to verify the written data (has to be done after the entire medium has been written, not piecemeal, along the way). So, 30 minutes per 100GB per pass. Plus the time to log the drive as being processed and physically move it from the "in" stack to the "out" stack. Then, exception handling for the drives that won't spin-up, won't write or won't verify. Wiping disks takes a LOT of time and resources!]

A recycler has no knowledge of how well the drive was or was not performing prior to receiving it. (Ask yourself how they handle drives that fail to verify?) The OP knows whether or not he was having problems with the drive and whether it may contain "grown defects" that represent buried data that his wipe WON'T erase. He also knows what is likely to have been stored on the medium over its life time (is he a porn-a-holic? does he do ecommerce? electronic tax filing?)

A recycler also receives drives from a variety of sources (individuals and corporations and government agencies) and a variety of vintages (18 months old to 10 years old, or older). The 45MB (that's MEGA not GIGA) drive I pulled from my Compaq 386 portable (30 years old) is far more susceptible to digital forensics than the 4G drives I bought last year. (you don't expect a recycler to have in place two different processing options and intimate knowledge of every device that he may be called on to process).

I speak from 15+ years working in recycling and listening to the requirements donors place on us for their systems to be recycled. Some folks won't even have considered the fact that their is still "live data" residing on their equipment. Some won't be aware that their equipment (e.g., copiers, printers) actually CAN contain residual data. Some will have wiped the drives themselves (whatever they think is adequate). Some will pull the drives and dispose of them elsewhere (drop it overboard on a Caribbean cruise). Some drill holes through the platter stack. Some cut the platter stack with a radial arm saw. Some shoot the drives with a .38 or .45.

Note that we make no guarantees for drives that the donor has rendered inoperable by such actions. They are processed AS-IS as scrap metal. Drives that we discover to be inoperable are disassembled and the platters shattered.

I trust our process for my personal data -- and that's a pretty strong endorsement (do I know, for sure, that some other recycler isn't just giving lip service to their stated process?)

Re: Fastest Secure Wipe?

I saw your references, that doesn't change my mind on the matter. I speak from 20+ years experience, but I dunno, your button might be bigger than mine, right?

I've worked with the largest recycle outfit in the country and plenty of organizations with sensitive data in my time. The recyclers uses multi bay volume eraser hardware for wiping, and FYI, if the drive fails wipe verification it's shredded, into lots of tiny bits and melted down for scrap.

If the National Cyber Security Centre, a Government body, suggest to the common man in the street that a 3 wipe pass is your very best bet, I suspect they are in a better position than you or I understand the matter and give advice on it.

Re: Fastest Secure Wipe?

Of course it is!

Do you understand how marketing works? It is uniquely different from SCIENCE. Science deals with the real and the possible. Marketing deals with perceptions. Why else would MS spend so much effort on FUD to discredit the FOSS world? Esp when THEIR products clearly suffer from the problems they insinuate plague the FOSS products!

Ans: marketing. perceptions.

"No one ever got fired for buying IBM" -- and, if its not YOUR (personal) money thats being spent, why not go top shelf? Esp if that reduces the risk to you, personally, for having made a bad (though economical) decision?

If you tell the contractor who's building your home that you want screws used instead of nails -- and won't accept bids from folks that don't use screws -- he'll gladly bill you for the extra cost of the hardware AND the labor to install it. despite the fact that it won't make a significant difference to the quality of your house!

Tell me I have to run 17 passes (Gutmann's original paper) over the data and I'll bill you for those 17 passes. And, being ethical, I'll actually do them -- and laugh at how foolish you are with your monies and time!

Meanwhile, I'll quote your competitors a rate that is considerably cheaper for a single pass wipe and you'll wonder why their operating expenses are so much lower than yours!

And, we all know the government's documented procedures are current with technology, right? I toured NORAD in the 80's. They were having new computers installed -- that had been ordered a decade earlier. But, admittedly, that's for nothing as important (national defense) as data wiping. No need to be "current", there!

You do note that the government doesn't even use the standards that THEY created regarding encryption, etc.? Clearly, someone realizes that the paperwork and standards process is way behind reality... Maybe they'll get around to updating the standards to reflect current technology? And, then updating them, again, as the technology would have progressed in the time it takes the committees to approve the previous updates?

"Standards are great. EVERYBODY should have one!"

But, hey, I'm sure they decided that they should update the disk wiping policy before any of these other written procedures!

Re: Fastest Secure Wipe?

Clintons recommend and always use bleachbit.

Re: Fastest Secure Wipe?


one or more should do it

Re: Fastest Secure Wipe?

I was thinking more along the lines of one of these myself, but i know the UK doesn't use natural gas much anymore, so you may be SOL on this account.

Re: Fastest Secure Wipe?

plenty of lpg stocks .

Re: Fastest Secure Wipe?

Thermite would be much more interesting!

The problem with destructive techniques is that they tend to render the dives "valueless" for resale...

Re: Fastest Secure Wipe?

I'll show you mine if you show me yours, but no touching, K?

I do understand science and marketing, thanks for asking. The Gov doesn't need to appeal to FUD and marketing with it's recommendations, although I appreciate the manufactures do. Regardless, I'm still going with the gov's recommendations, they know more about it than you, despite your ability to read and use google, they are likely in an authoritative position on the matter, you are not.

IIRC, the guidance was updated about 2 years ago, which is fairly recent in the grand scheme of things. The security services of the UK refresh equipment very frequently (weeks and months, not years), so I don't think your cute NORAD anecdote is relevant in this instance.

I used the quote function there, I hope you liked it.