Reformatting the HD (is 7-pass zero out sufficient)?

Discussion in 'Mac Basics and Help' started by hajime, May 15, 2012.

  1. hajime macrumors 601

    Jul 23, 2007
    Hello. Before I give my computer to somebody, I need to reformat the drive. Under the Security Options, one can choose 1-pass, 7-pass, 35-pass to zero out the data. Supposing that somebody very technical from Apple wants to access very important data from the drive, will that person still be able to access the data after I made a 7-pass zero out formatting? I know there are people who are not concerned about such security issues. I just want to know if 7-pass is sufficient to make the data non-retrievable. Also, will zeroing out the data many times cause damage to the drive? Thanks.
  2. miles01110 macrumors Core


    Jul 24, 2006
    The Ivory Tower (I'm not coming down)
  3. chown33 macrumors 604

    Aug 9, 2009
    Sailing beyond the sunset
  4. arjen92 macrumors 65816


    Sep 9, 2008
    Below sea level
    Erasing it one time with zeros should be enough. Also, why would the first time a stranger used your computer send it to an Apple tech to retrieve your old data?

    If you really want to be sure, you should remove your hard drive. Replace it maybe. Use a magnet to destroy your old hard drive, that way nobody can retrieve the information.

    Hard drives do wear out after a while. Although writing zeroes 7 times doesn't add a lot to the wearing, it does add a tiny little bit.

    But you could wonder, why would there be a 35-pass zero erase, if 1-pass or even 7-pass should be enough. For the paranoid people? Or is there actually a valid reason?
  5. ChrisA macrumors G4

    Jan 5, 2006
    Redondo Beach, California
    It depends on who you are selling the computer to and how much they are willing to spend to recover your data. 1-pass will wipe it out well enough that most people will not be able to recover it. They would have to physically disassemble the disk drive and use some special hardware to recover it.

    The 7-pass will stop most people who are willing to disassemble the drive. Most data recovery services would not be able to recover anything. However, if someone has the resources of a national government there is not much you can do except to physically destroy the drive. One place I worked had a "shredder" strong enough for disk drives. In another place they used a band saw and chopped them up after the degauss machine scrambled the bits.

    I'd say 1-pass would do it, unless you have worked at a bank or some other place with very valuable data.
  6. ChrisA macrumors G4

    Jan 5, 2006
    Redondo Beach, California
    The reason is because head positioning over a track is not 100% perfect. There is always some position error. So if you write a zero over some data the zero might not cover all of the old data. One can disassemble a drive and look at the tiny fractional width of a track that is still exposed. You need some expensive equipment and a clean room. But with 7 passes the random head position errors will mostly cover the data and some on both sides of it.
    The head can over or under shoot the track and there might be vibration that the head can't compensate for. It is mechanical stuff like this.

    Also, using more sophisticated methods one can "see" under the zero too. It is like painting over marks on a wall, the paint does not cover 100%. But if you apply 35 coats it comes close. Poor analogy but close enough.

    Overall, the way to think of the bits on the track is that they have "fuzzy" edges and their positions are not quite perfect. So if you write "fuzz or fuzz" and with not-perfect alignment you can still see some of the old data.

    They make dye that changes color based on the direction of the magnetic field and if you apply this dye to the platter and then look with the right kind of microscope you can see the effect described above. I can't imagine the cost of this kind of work, to recover a few billion bits that way.

    Again, if you write over the data even once, recovering the old data will cost a LOT and require someone to disassemble the drive. Given enough money and time they can figure out what was on the drive. Only physical destruction prevents that. So if you think the CIA is after you, grind the drive to dust then scatter the dust. But the 1-pass will keep any normal person from your data.
  7. dusk007 macrumors 68040


    Dec 5, 2009
    Even the CIA can't. It is pure paranoia. A few years back it seemed possible to do it after one pass. Just to be sure anyway they said overwrite it multiple times, then it is impossible anybody will ever manage to retrieve anything.
    Now it just holds as a myth.
    This from the link that was posted at the beginning of the thread covers all the actual research that has been done.
    Modern hard drives after one pass are wiped; not even the CIA can do anything about it. No matter the time or resources.

    It is the same with Encryption. In the movies they always crack everything with some super hacker or super computer. The layman thinks yeah the government can do it. The truth is nobody can break AES256 today. Unless you are dumb enough to use a tampered with and not properly reviewed implementation it is unbreakable without a ridiculous amount of luck or an insecure password.
    Even a quantum computer won't change that; they only threaten RSA.
    Not even AES 128bit is breakable today even with all the fastest super computers at your disposal. Yet most use 256bit just to be safe and add a salt to enlarge the key even more.

    It is ridiculous. There are 35 passes because people once thought it possible. Now in 30 years there has been only indication to the contrary, that it actually gets harder every generation. 1 pass; the rest is just wasting time.
    A magnet is faster.
    A shredder is great for recycling, because you need to shred the old broken stuff anyway.
  8. Quad5Ny macrumors 6502a


    Sep 13, 2009
    New York, USA
    I'd like to add that Zeroing a drive is only effective for spinning media (HDD).

    While it may work with some SSDs, it's not a sure bet like it was with hard disk drives. You're better off issuing the Secure Erase command to the drive. If the manufacturer designed the controller correctly (not all of them do), it will erase everything.

    Reading this should be enough to get you started -
  9. TyroneShoes2 macrumors regular

    Aug 17, 2011
    It really depends on two things:

    1) How paranoid you are,

    2) Whose hands the drive might fall into.

    It doesn't really matter how much you scrub if the genius FBI hacker is motivated enough to find those off-shore accounts and ponzi scheme details. If you are worried about all the kiddie-porn remnants and are just taking it in to the Genius bar, I think 7-pass will probably cover it.

    It seems that HDDs are so cheap that I would just destroy a HDD rather than sell it with a computer if I were paranoid about the data (and just because you are paranoid does NOT mean someone isn't really following you).
  10. miles01110 macrumors Core


    Jul 24, 2006
    The Ivory Tower (I'm not coming down)
    Fixed for you. The Germans thought nobody could break the Enigma. Oops.
  11. Comeagain? macrumors 68020


    Feb 17, 2011
    Spokane, WA
    They thought nothing could sink the Titanic either.
  12. dusk007 macrumors 68040


    Dec 5, 2009
    What I meant is that no matter the resources you cannot break it. There is no difference between the Geek in the garage with his Atom Netbook and an NSA super computer. Neither has the capability to break even 128bit AES, let alone 256bit.

    The algorithm has no useful exploitable flaws that anybody knows of. If the NSA math whizzes know about one, they wouldn't use the encryption themselves because any Russian guy could figure it out too and break their entire system.
    Implementations can be tampered with but if you use open source ones that you compile yourself that have been sufficiently reviewed, they are safe. Any company that would use a bad one would act against US law and could go bankrupt with one whistleblower.
    As long as there are no funny things in key derivation it cannot be broken today. If one encrypts with an implementation that is fake, it won't matter if one uses more bits anyway.
    It may not be theoretically impossible as one-time pads but it is practically impossible. If the CIA throws all its might behind it, it doesn't change that. What you need to break it is an exploit. There is none known and loads of people tried to find one; if there was one they'd be hard at work to get a new encryption standard.
  13. marcusj0015 macrumors 65816

    Aug 29, 2011
  14. goRoostr macrumors member

    May 17, 2012
    Philadelphia Suburbs
    To add to yours:
    Or 3) How much time you have on your hands, because even a 1-zero pass takes a long time, imagine a 7 or 35? You would be there forever waiting for it to finish.
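
An added example, not part of the thread: several posts settle on a single zero pass, so the practical check before handing a drive over is that the pass really covered every sector. The Python below reads an image back and reports any 512-byte sectors that still hold data; the image file, the remnant contents and the function names are constructed for illustration. A read-back like this only sees the logical blocks the OS exposes, so it says nothing about remapped sectors or SSD spare area.

```python
import os
import tempfile

SECTOR = 512
CHUNK = 1024 * 1024  # read size; must be a multiple of SECTOR

def find_nonzero_regions(path, chunk_size=CHUNK):
    """Return merged (start, end) byte ranges of sectors holding any non-zero byte."""
    regions, offset = [], 0
    with open(path, "rb") as f:
        while chunk := f.read(chunk_size):
            if chunk.count(0) != len(chunk):  # all-zero chunks are skipped quickly
                for i in range(0, len(chunk), SECTOR):
                    sector = chunk[i:i + SECTOR]
                    if not any(sector):
                        continue
                    start, end = offset + i, offset + i + len(sector)
                    if regions and regions[-1][1] == start:
                        regions[-1] = (regions[-1][0], end)  # extend adjacent run
                    else:
                        regions.append((start, end))
            offset += len(chunk)
    return regions

def zero_fill(path, chunk_size=CHUNK):
    """Single-pass overwrite of an existing file with zeros, flushed to storage."""
    remaining = os.path.getsize(path)
    with open(path, "r+b") as f:
        while remaining:
            n = min(chunk_size, remaining)
            f.write(bytes(n))
            remaining -= n
        f.flush()
        os.fsync(f.fileno())

def demo():
    """Constructed 4 MiB image with two data remnants: regions before and after."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(bytes(4 * 1024 * 1024))
        path = tmp.name
    try:
        with open(path, "r+b") as f:
            f.seek(1000); f.write(b"account=12345")       # constructed remnant
            f.seek(3 * 1024 * 1024); f.write(b"x" * 1024)  # constructed remnant
        before = find_nonzero_regions(path)
        zero_fill(path)
        return before, find_nonzero_regions(path)
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(demo())
```

An empty list after the wipe means every readable sector returned zeros; any listed range is a region the pass missed.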
