Secure Empty Trash or Hammer?

Discussion in 'Mac Basics and Help' started by Henri Gaudier, Jan 10, 2009.

  1. Henri Gaudier macrumors 6502a

    Henri Gaudier

    Joined:
    May 4, 2005
    Location:
    France
    #1
    According to Which? Magazine "The only way to stop fraudsters stealing information from old computer hard drives is by destroying them completely....... the most straightforward solution - it recommends using a hammer."

    I have always thought that S.E.T. made data 100% impossible to retrieve. Further, whenever I've sold on a machine, I've reformatted the drive using Low Level Format and have felt 100% confident that the machine is clear. Am I mistaken?

    If I'm not, this advice seems incredibly wasteful and un-green.

    http://news.bbc.co.uk/2/hi/technology/7816446.stm
     
  2. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #2
    A 1-pass wipe in Disk Utility will be OK, a 7-pass wipe will be more than enough.
     
  3. Henri Gaudier thread starter macrumors 6502a

    Henri Gaudier

    Joined:
    May 4, 2005
    Location:
    France
    #3
    And so Which? is needlessly advising people to destroy perfectly good drives and by result, increasing pollution. It's stupid that this kind of thing should be printed!
     
  4. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #4
    Well technically they are correct, but unless you are a super-spy its not going to be an issue over 7 wipes.

    Also Windows doesn't have a built in tool to do disk wipes ;).
     
  5. Henri Gaudier thread starter macrumors 6502a

    Henri Gaudier

    Joined:
    May 4, 2005
    Location:
    France
    #5
    Ahhh so if someone had the expertise .. even 7 wipes wouldn't protect you? This is what I'd like to get a definitive answer on; is there anything that is genuinely 100% successful at erasing data beyond recovery?
     
  6. surflordca macrumors 6502a

    surflordca

    Joined:
    Nov 16, 2007
    Location:
    Ontario, Canada
    #6
    If seven wipes is not enough, you have to be hiding something very, very bad. Use the hammer :rolleyes:
     
  7. BlueRevolution macrumors 603

    BlueRevolution

    Joined:
    Jul 26, 2004
    Location:
    Montreal, QC
    #7
    Hammer? If it's that bad, the drive should be purged in fire.
     
  8. i.shaun macrumors 6502a

    i.shaun

    Joined:
    May 1, 2008
    Location:
    Canada
    #8
    A refrigerator magnet!

    A Microwave should also cause a lot of damage. Both to the disk and the microwave.

    A Hammer would make a big big mess.

    Firearms would be the fun way to go, even moreso than a microwave.

    Fire is also a way



    I don't know what the big deal is about wiping data, maybe if you're a computer hacker or you have child porn on the HDD, you'd want to completely destroy it.

    In most cases, a simple format would work. Re-writing a new OS, and any disk usage beyond that would write over any data on the drive, and most users (at least around me) are pretty computer illiterate.

    If, however the user in question is not computer illiterate, and untrustworthy -- and you have sensitive CC info or anything else, a 2 pass erase, format, and re-install should suffice.

    If you really want to be secure, and and are very paranoid, you can do a 7-pass format. Writing zeros over all data 7 times, plus writing new OS data on a re-install should work extremely well for 99.99% of users.

    Of course fancy government computer forensics might somehow be able to recover some data after such a format, however I doubt it could recover much. If you feel you need to destroy it 100%, physically destroy the disk.
     
  9. millerj123 macrumors 6502a

    Joined:
    Mar 6, 2008
    #9
    The quick answer is yes, destroying the drive completely.

    For certain businesses, the military, etc., secrets must be kept. The techniques for data recovery exist, which is why the recommendations for securing your data keep getting more complicated. As soon as someone comes up with a way of recovering data that's been wiped 7 times, the recommendation will be to wipe the data 10 times or whatever. For personal data, how paranoid are you? Do you lock your doors when you leave home? How many locks, and do you have an alarm system?

    All of this boils down to risk assessment. What could be done with the information gleaned from your drive, and what would that mean to you? I don't store account numbers in my financial software, and my address is already on probably literally tons of hard copies of documents, so I chose not to worry about that, but I still shred anything with my name and address on it before disposal.
     
  10. mgpg89 macrumors 6502a

    mgpg89

    Joined:
    Aug 31, 2008
    Location:
    Belgium
    #10
    If you have something personal to hide, that a 7-time wipe won't cover ... you should probably use that hammer on yourself.
     
  11. AppleMatt macrumors 68000

    AppleMatt

    Joined:
    Mar 17, 2003
    Location:
    UK
    #11
    No you're not mistaken.

    There are no tools commercially available tools that can recover files that have been written over even once.

    This whole theory of data recovery, and it is a theory by admission of the person who started it, is fallable.

    The notion was created after the famous 'Guttman' paper, which *suggested* that it *may* be possible to recover bits that had been overwritten using a high powered electron scanning machine (because old hard-drives mechanisms were not as precise, so *in theory* tracks did not always run over each other exactly). Bear in mind, this was to recover *bits*, not *data* - you'd still need a way of deciding what bits go where (a hopelessly impossible task), and you don't decide what is recovered (so you'd essentially get garbage).

    He proposed 35 different kinds of wipes to cover the different kinds of magnetic media (tape, floppy etc.). This was taken on to mean we should do '35 pass' wipes on our machines and an industry sprung up around fear. By his own admission in a later paper, there is no benefit in performing a 35-pass wipe on hard-drives because many of the patterns were not designed for it. This doesn't stop people extolling the virtues of it, and subjecting their drives to this rigamarole. If the military, police, security service etc want your data it's a lot easier for them to simply take it without you knowing, or trick you into it, rather than the overt way.

    If you're really scared...securely erase your virtual memory files (loads of recoverable data in these), do a three pass 'free space' wipe followed by a full (offline) defragment. The latter is as important as the former because it will ensure traces of old files are removed.

    There's a lot of good discussion into the above. Google 'possible recover erase hard drive Guttman' or something similar.

    AppleMatt
     
  12. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #12
    Not exactly, as then the data is really just sitting there (but invisible) so if the disk formatting screws up they'd be able to see your files, a 1 pass wipe would prevent that and is probably worthwhile.
     
  13. alphaod macrumors Core

    alphaod

    Joined:
    Feb 9, 2008
    Location:
    NYC
    #13
    Technically, the only way to destroy the hard drive without any way of possible recovery is to use the hard drive crusher by EDR Solutions:
    http://www.edrsolutions.com/solution.asp

    It's used by a few major banks, the DoD, and the NSA.
     
  14. Henri Gaudier thread starter macrumors 6502a

    Henri Gaudier

    Joined:
    May 4, 2005
    Location:
    France
    #14
    "I don't know what the big deal is about wiping data, maybe if you're a computer hacker or you have child porn on the HDD, you'd want to completely destroy it."

    As I said .. I'm just looking for a stone cold fact and whether or not I'm right in what I believe to be true. At the same time establishing whether or not Which? were wise to write what it did. ID theft although I believe it to be propagandarised by the media is a risk when selling on a machine.

    "How paranoid are you? Do you lock your doors when you leave home? How many locks, and do you have an alarm system?"

    I'm not paranoid. I live in the countryside and I never lock the doors of either my house or my well equipped music studio which is in my garden. We have two cars, a Jaguar and a Volvo and they sit in the drive unlocked with the keys in their ignitions and have satnavs and ipods left connected most of the time. My gf parents who are English and come from London are constantly trying to make me change my ways in this regard. So I'm pretty laid back rather than paranoid.

    'If you have something personal to hide, that a 7-time wipe won't cover ... you should probably use that hammer on yourself."

    FU baby.


    Thanks AppleMatt .. very informative. And not a snide remark anywhere. Cheers.

    Thanks for the pointer Alphaod but like I've said I was just looking for a definitive answer from an average user.
     
  15. millerj123 macrumors 6502a

    Joined:
    Mar 6, 2008
    #15
    Wow, I can't imagine not locking things up.
    As I said, I'm pretty paranoid. Based on the fact that you aren't, it's still a question of your personal risk assessment, but unless you are worried about something on your drive, you could just do a secure format and be done with it.
     
  16. Henri Gaudier thread starter macrumors 6502a

    Henri Gaudier

    Joined:
    May 4, 2005
    Location:
    France
    #16
    Yes it is a pleasure to live like this. Sometimes I can go for weeks without seeing anyone pass the house so it's quite easy to put valuable things down, out in plain sight and forget about them as I drive off to the shops. When I come back, whatever it is, a chainsaw say.... will always be where I left it.:)
     
  17. Moof1904 macrumors 65816

    Joined:
    May 20, 2004
    #17
    I worked on a classified DoD fighter aircraft project in years past and the only method of destroying classified data on a hard drive that the DoD would accept was to allow them to remove the drives and physically crush them. I'm confining my comments to this one contract only. I have no idea if that's what they demand of everyone.

    I believe that no current, commercially available technology exists to recover data from a multi-pass secure erased drive, but those who try to do such things do not publicize their success. Nor is there any guarantee that technology around the corner wouldn't allow recovery that is deemed blatantly impossible today.

    For 99.9999999999999999999999% of the people out there, a secure erase is way more than enough. For the rest, there's the hammer. Pulverizing the platters is the only way to be sure that recovery is impossible not only today, but for as long as that data is likely to be relevant.
     

Share This Page