tglogo.gif (4260 bytes)
Search
Forum
FaqHome
Feedback
Credits
About Raj

Download:
Eraser 5.7

 

Erasing Information From Hard Disk Drive

by Dr. Raj Mehta

Erasing Information From Hard Disk Drive:

Erasing Data from Hard Disk Drive, once written, is almost near impossible! It is almost like writing in stone. You have to practically destroy the HDD to make the data inaccessible to someone who is determined read it.

Let us dispense with some of the common myths about erasing the data:

Myth 1: Delete the data using say windows explorer and it is gone! Wrong! Wrong!
Myth 2: Format the HDD and the data is not retrievable! Wrong! Wrong!
Myth 3: Write 1's and 0's in random fashion over the data! Wrong!
Myth 4: Physically drill a hole through the platter! Wrong!

If you have sensitive data on the HDD, and you are discarding the computer HDD best to destroy the HDD physically.

Let me at the outset state that if you use of the suggested procedures below, then the information can only be accessible by agencies e.g. Research Analysis Wing (RAW) (India) or National Security Agency (NSA) (US) or Intelligence agencies.

I would suggest if you are concerned about Data Privacy, please read some of the articles given in the references below and then decide on the procedure you need to adopt to feel safe.

If you have determined that you need for privacy of your data is not "extremely" critical, then there are procedures you can adopt to make the data invisible to eyes of "average"(?) hacker.

Simplest and quickest approach will be to use some utility e.g.Eraser, a Open Source software which can write multiple times random patterns of 1's and 0's. For most people, whose data is not very sensitive this should do.

Beyond that please read comments/advice from Security Expert Mr. Bruce Gingery below.

Download Eraser 5.7 (please read the help files)

References:

  1. http://www.geek.com/news/geeknews/2003Jan/gee20030116018198.htm
  2. An article by Simson l Garfinkel and Abhi Shelat of MIT
    " Remembrance of data past"

    http://www.computer.org/security/v1n1/garfinkel.htm
    download it from:
    http://www.computer.org/security/garfinkel.pdf
    or
    http://www.computer.org/security/garfinkel_print.html
  3. Suggestions for disposal of Hard Drives: download it
    http://security.arizona.edu/docs/DisposalofHardDrives.pdf

Comments by Mr. Bruce Gingery:

I hadn't seen it (article by Garfinkel et.al.). Thanks. Do see my note at end.

> The most common techniques for properly sanitizing hard drives include
> * Physically destroying the drive, rendering it unusable

This is NOT just "drilling a hole" through the drive with an electric drill, as is often ignorantly recommended. Destruction means, literally, destruction of the platters. Drilling a hole is sufficient for TRIVIAL data protection, only, where no interest
is expected in anyone recovering the data. It is questionably more effective than overwriting the entire drive ONCE with binary zeros or ones (the LEAST effective method blanking of the drive other than relying on a "format" or "delete" process).

> * Degaussing the drive to randomize the magnetic do-mains-most likely rendering the drive unusable in the > process

Recent reports indicate that a shipyard or junkyard magnet MAY sufficiently de-gauss the platters to the point that no attempts at recovery will be successful. Traditional "commercial bulk erasers" _can_ be effective against other than massive-resource recovery attempts.

> * Overwriting the drive's data so that it cannot be recovered

On a recently new drive, a dozen or so overwrites with encrypted data MAY be enough for all but governmental+essential-recovery efforts will erase it. On an old drive - seeks from various places between track writes will be necessary to handle the overwidth bits recorded in domains to prevent recovery.

...
> Many individuals maintain that information can be recovered from a hard drive even after it is overwritten. We reserve Level 5 for such
> information.

Only because it's true. Laboratory recovery techniques can do phenominal un-layering of overwrites, recovering significant amounts of several layers of overwrites.

Five years ago - sanitizing a laptop, (while leaving it usable) for example, required reducing the OS to two copies of PGP and MSDOS.sys+IO.sys+two copies of command.com -- filling the disk several times with PGP overwrites. Sanitizing ONE of the PGPs and ONE of the command.com's with overwrites. Copying from the in-use command.com and pgp.exe to another place on the disk. Overwriting the ones used first. Then re-installing a new system from CD.

Most people who rent or use a "trial offer" on a laptop don't do any of this.

Today, more reasonable, would be to use (and boot from) your OWN hard drive in place of the one provided with a lent or rented laptop.

On a *N?X system, a combination of dd and pgp from another drive should be quite effective for overwriting ALL of another drive. This may require weakening that copy of PGP through source modifications, as the file-overwrite code normally does some direct mapping checks.

On a FreeBSD system (or other system with the "vnode filesystem" driver capacity), a pseudo-disk volume can be created in a file even on an active drive, which is easily managed (when unmounted) for erasure, with PGP's normal file-oblitteration process. While used, it's a mounted subdirectory, confined to that file. After use, for oblitteration, it is merely a file. Note that the data analysis of drives in the reported "experiment" also used dd

On a variety of systems, an encrypted filesystem CAN be used, with various levels of success and impediment to normal use. In that case, the filesystem is somewhat protected DURING use, as well as afterwards. Ahh, it IS mentioned.

Also worthy of note: "encrypted" MS-Office documents do NOT encrypt their content -- according to Microsoft. A now seven-or-more year old design flaw which was announced as "No intent to repair". The "Lock with a password" depends upon a normal copy of the Office component to respect the locks.

Abuot the authors:
Simson L. Garfinkel is long known for speaking authoritatively beyond
his knowledge. He has written on MANY topics that pertain to computers
and networking -- a regularly published author. Abhi Shelat, I don't
recognize.


Copyright 1999-2003 Dr. Raj Mehta. All rights reserved.