Saturday, May 04, 2013

Securely Erasing Your Drive Before You Dispose It


http://cmrr.ucsd.edu/people/Hughes/Secure-Erase.html#

Much to my surprise through a couple of articles I recently posted to this blog, I discovered that writing over data on a drive many times does not add any additional security, despite what I learned earlier in my career. Apparently the rumor started when a professor Gutman discovered that the edges of an old kind of a hard drive were still magnified with data remnants even after being overwritten with random data. 

Daniel Feenberg, an economist at the private National Bureau of Economic Research, reported that the truth was that he had used an electron microscope to discover this data, and he could never recover more than a very small amount of it. So in fact for all practical purposes overwriting data once, especially in newer drives, does appear to erase beyond the ability of anybody but 1 or 2 scientists in the world to recover and even then they might be able to recover only a little. Furthermore these data remnants are not available in an SSD when it has been overwritten. 

A legitimate argument against these claims is the issue of sector both conventional hard drives and SSDs automatically set aside during every day use as no longer reliable. When you overwrite your disk, these disk sectors are not overwritten so they conceivably might retain data that is recoverable.

To deal with the latter data remnants is a small utility called Secure Erase which is built into all drives larger than 15 GB for the last 12 years. That applet is set off by a command from the operating system but then works independently of it and even overwrites or erases data found in the set aside disk sectors. From the link above you can download a piece of freeware which will command the hard drive to go through its secure erase routine. 

Also of use is the Wikipedia article on the subject of data remnants:

http://en.wikipedia.org/wiki/Data_remanence

Here are some quotes from that article:
"As of November 2007, the United States Department of Defense considers overwriting acceptable for clearing magnetic media within the same security area/zone, but not as a sanitization method. Only degaussing or physical destruction is acceptable for the latter.[4]
On the other hand, according to the 2006 NIST Special Publication 800-88 (p. 7): "Studies have shown that most of today’s media can be effectively cleared by one overwrite" and "for ATA disk drives manufactured after 2001 (over 15 GB) the terms clearing and purging have converged."[1] An analysis by Wright et al. of recovery techniques, including magnetic force microscopy, also concludes that a single wipe is all that is required for modern drives. They point out that the long time required for multiple wipes "has created a situation where many organisations ignore the issue all together – resulting in data leaks and loss. "[5]
For the truly paranoid using secure erase,  followed by magnetic degaussing, and then physical destruction should kill the data beyond anybody's ability to recover for a long time into the future of forensics...Apparently the best in physical destruction methods destroy disks into particles 1/125 inch in size but this is still bigger than the size on a platter of a single 512-byte record block in size, however securely erasing and degaussing said disk should be acceptable "data sanitization" to all governmental legal requirements.

Some very recent disks encrypt the data within the disk's own operating system and before writing it to the disk. Apparently changing a disk of this sort's encryption key renders the data beyond recoverability at an even higher level than the previous methods mentioned. Health and other other organizations requiring extreme levels of data security may benefit the most from storing the data on these types of drives to begin with.

Since these issues regard government standards and criminal penalties, please do not take my word for it but read the articles and their provided  references.

No comments:

Removing a Bios - CMOS Password - Free Article

http://www.dewassoc.com/support/bios/bios_password.htm "Unfortunately, access to computers can, at times, be blocked for all of t...