HPE Community
Disk
1752790 Members
6123 Online
108789 Solutions
New Discussion юеВ

The fairy tale of "under-data" - or how to erase disk data securely

 
PDP-Fan
Valued Contributor

тАО09-06-2016 01:54 AM

тАО09-06-2016 01:54 AM

The fairy tale of "under-data" - or how to erase disk data securely

Many people think that data on a hard disk can only be securely destroyed by physical destruction of the disk itself. Many people also think that it is necessary to overwrite disk data multiple times to avoid any detection of remaining data fragments.
These fragments are sometimes called "under-data" and the theory says it is possible that at the very edge of the data tracks some overshoots of old data could remain after overwriting. This is explained by mechanical tolerances of the record heads relative to the magnetic tracks.
Source of this theory is a paper from Peter Gutmann from 1996:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

In this paper he suggests to overwrite a disk up to 35 times to make sure that all the under-data has been overwritten too. He also explains that with the aid of a Magnetic Force Microscope (MFM) it was possible to scan the disk surface and recover under-data.

I have personally investigated this MFM application and it turned out that a full scan of one disk surface would take about one year! Even a "high speed" MFM needs several hours to scan a 100x100 micrometer area...

To make it worse, what you receive from that MFM scan is a huge picture of magnetic fields and structures. This picture is about 100 times bigger than the amount of data on the diks surface.
For a 1TB disk drive a 100TB big picture will be crated. Someone will then have to interpret that picture to find all the 0's and 1's on it.... And if it is really possible to recognise under-data correctly is still in question.

Daniel Feenberg has analyzed the Gutmann paper and found that most information in there is purely theoretical:
http://www.nber.org/sys-admin/overwritten-data-guttman.html

If you read those two papers carefully (especially the second one) you will find that one time overwriting is totally sufficient!

And finally forensic experts have analyzed the issue and came the the same conclusions:
http://www.springerlink.com/content/408263ql11460147/
(Craig Wright, Dave Kleiman, Shyaam Sundhar R.S.: Overwriting Hard Drive Data: The Great Wiping Controversy)

***********************************************
"If it seems illogical... you just don't have enough information"
2 REPLIES 2
Dennis Handly
Acclaimed Contributor

тАО09-06-2016 03:00 AM

тАО09-06-2016 03:00 AM

Re: The fairy tale of "under-data" - or how to erase disk data securely

I believe that the US government agency responsible for IT policies also said once was enough.

(Unless you worked for one of the three letter agencies.  :-)

0 Kudos
PDP-Fan
Valued Contributor

тАО09-06-2016 11:07 PM

тАО09-06-2016 11:07 PM

Re: The fairy tale of "under-data" - or how to erase disk data securely

Yeah... it's a question of the level of paranoia you have :-)

***********************************************
"If it seems illogical... you just don't have enough information"
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.