I had to make a post for a class, so I decided to make one about something that I have always been interested in knowing the answer to. I know that formatting a drive does not entirely wipe a hard drive clean (well at least not with an operating system cd), however I have used a program called G-Disk in the past with people making claims that it actually turns your hard drive back to all zeros. I was wondering if this is true, or could someone still be able to pull information off of a drive that was wiped clean using this program. If anyone knows the answer to this question or has any light to shed on this subject, I would be greatly interested in the answer. Also, if anyone knows any other programs that would accomplish a complete wipe of a hard drive, I would be interested to hear about them. Thank-you for any replies.
There are quite a few free as well as commercial disk-wiping utilities that will allow you to overwrite a hard drive with zeroes, or ones, or some other pattern you choose. Many of these utilities also allow the user to select multiple passes of the same or differing patterns.
It's been my experience (and that of recognized researchers) that one pass will sufficiently wipe a drive beyond recovery. Yeah, there's the "possibility" of recovering some data using Magnetic Force Microscopy, but the method is questionable at best and tremendously tedious.
See the Wiki entry on the
Google "The Great Zero Challenge" for fun. Basically the challenge expired without anyone having successfully met it.
Google "The Great Zero Challenge" for fun. Basically the challenge expired without anyone having successfully met it.
It wasn't so great a challenge. The "prize" was 40 dollars, plus I think you had to pay for shipping, which isn't worth my while opening a client file, let alone starting a recovery.
Even if you're worried about electron microscopy, a random wipe followed by a zero wipe is all you'd ever need. The major reason to use a degausser over a wipe is that degaussing takes a couple of minutes including picking up your stuff and walking over to the room, versus half a day to multiple pass wipe any decent drive.
It wasn't so great a challenge. The "prize" was 40 dollars, plus I think you had to pay for shipping, which isn't worth my while opening a client file, let alone starting a recovery.
That's certainly a fair point, but I still don't know anyone capable of recovering data after a single overwrite pass.
Having said that, Paul Sanderson posted here in the not-too-distant past that he recovered useful quantities of misregistered data from a wiped drive. Whilst that data wasn't overwritten per se, it still shows what can be done on older drives. I think he did this on an 80Gb device.
edit to add A degausser also has the benefit of not being concerned with the P- and G-lists of bad sectors. A wipe pass would most likely ignore those, and it's *possible* they could contain useful information.
Google "The Great Zero Challenge" for fun. Basically the challenge expired without anyone having successfully met it.
It wasn't so great a challenge. The "prize" was 40 dollars, plus I think you had to pay for shipping, which isn't worth my while opening a client file, let alone starting a recovery.
The prize was increased to $500 which is still less that what a typical data recovery firm charges. Still, if someone had the ability to recover the file names in a practical manner, why not attempt it?
Despite all the bull you hear , a disk drive DOES NOT write 0's and 1's to the surface.
Even more frightning moden disk drives actually use probabiltiy to recover the data encoded on the surface, is is not a process where the value of a given data bit can be recovered with 100% certainty.
As a result there is significant research pointing to the fact that data can be recovered by going off track slightly and using probalistic functions to recover the data, the reason being is that if you can predict the patten used to wipe the data you can subtract that from the signal.
This is why the DOD wipe is multiple layers with different values.
Check out this cool s**t……… ohhhhh yesss
Sobey, C.H., Orto, L. & Sakaguchi, G. (2006) Drive-Independent Data Recovery The CurrentState-of-the-Art. IEEE TRANSACTIONS ON MAGNETICS, VOL. 42, NO. 2,
Sobey, Charles H. (2004) Recovering Unrecoverable Data The need for Drive-independent Data Recovery. [Online]
Available at http//
[accessedDEC-2007]
What I find interesting about Sobey's papers is that he claims that typical data recovery firms numbers regarding their recovery rates are suspicious yet there are no published data regarding the success rate of SignalTrace (now owned by Seagate), compared to competitors.
The technology has been around since 2004. You would think that if their technology is that much better than anyone elses, they'd have cornered the market by now.
He makes many good points about the state of the data recovery business, but perhaps his best point is that there needs to be some sort of independent verification and certification, which would apply to all methods of recovery.
As a result there is significant research pointing to the fact that data can be recovered by going off track slightly and using probalistic functions to recover the data, the reason being is that if you can predict the patten used to wipe the data you can subtract that from the signal.
This is why the DOD wipe is multiple layers with different values.
Pity everything they say about this is just theory. I still eagerly await the recovery of data from the Watergate tapes. That should be a cinch if they can do it with hard drives.