Open Source and information security mailing list archives
From: denis.mcmahon at ntlworld.com (Denis McMahon)
Subject: Re: Erasing a hard disk easily

> I know you stated "allegedly" but this subject interests me.

It used to interest me professionally, and I still have an interest in it.

If I wanted to be absolutely 100% sure that my data was not going to be 
recovered, I'd dismantle the disc and remove the recording media from 
the platters using some form of abrasion.

It depends how secure you want your data to be.

I have a program that I wrote to do a mass overwrite; it does walking 
bit, walking null, alternating and reversed bit patterns, all 0s, all 
1s and several other things, but I wouldn't trust it to erase any data 
that serious people with lots of money wanted to recover in a forensic 
environment.

Forensic data recovery relies on the fact that discs have tracking 
error, and if you can read a disc with enough resolution of the tracking 
error you may discover not totally erased bits because the new data 
didn't over-write the old data completely.

This is most likely to happen with data written shortly after power up, 
before the drive's temperature has stabilised.

To reduce the likelihood of such data recovery techniques, you need to 
write a data stream to the disc with as much magnetic flux reversal at 
the disc surface as you can manage. The more flux reversals the better 
your chances of scrambling any ghost image of earlier data.

To maximise the flux reversals when writing to a hard disc, you need to 
take into account the data that is already on the disc and the encoding 
schema for writing to the disc, and feed in a data stream that causes 
maximum flux at the disc surface. Because of the encoding scheme, this 
isn't as simple as writing all 0's and then all 1's, because if you do 
that, some bit sequences in some coding schemas will not actually change.

Denis
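
An added example, not part of the original post: it counts flux reversals per data bit for repeated-byte overwrite patterns under two encodings, showing that the pattern with the most reversals depends on the encoding. FM and MFM are assumed here as illustrative schemes (the post names none), and all function names are hypothetical.

```python
# Added illustration. FM and MFM are assumed example encodings; the post
# does not say which encoding scheme a given drive uses.

def fm_encode(bits):
    """FM: every bit cell is a clock 1 followed by the data bit."""
    out = []
    for b in bits:
        out += [1, b]
    return out

def mfm_encode(bits, prev=0):
    """MFM: a clock 1 is written only between two consecutive data 0s."""
    out = []
    for b in bits:
        clock = 1 if (b == 0 and prev == 0) else 0
        out += [clock, b]
        prev = b
    return out

def byte_pattern(value, nbytes=64):
    """Constructed sample input: one byte value repeated, MSB first."""
    return [(value >> (7 - i)) & 1 for _ in range(nbytes) for i in range(8)]

def reversals_per_bit(encoder, bits):
    """Each encoded 1 is one flux reversal; return reversals per data bit."""
    return sum(encoder(bits)) / len(bits)

def best_patterns(encoder):
    """Byte values whose repetition yields the most flux reversals."""
    scores = {v: reversals_per_bit(encoder, byte_pattern(v)) for v in range(256)}
    top = max(scores.values())
    return [v for v in range(256) if scores[v] == top]

if __name__ == "__main__":
    for name, enc in (("FM", fm_encode), ("MFM", mfm_encode)):
        for value in (0x00, 0xFF, 0xAA):
            rate = reversals_per_bit(enc, byte_pattern(value))
            print(f"{name:3} 0x{value:02X}: {rate:.2f} reversals per data bit")
        print(name, "best:", [f"0x{v:02X}" for v in best_patterns(enc)])
```

Under FM the all-1s pattern produces twice the reversals of all-0s, while under MFM both are equal and the alternating pattern 0xAA produces only half as many.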

