On Sun, 2016-08-28 at 23:41 +0000, jim bell wrote: > To me, this looks clueless. My assumption is that Bleachbit is > software that overwrites data on a hard disk a few times, in order to > make it un-recoverable even with 'heroic" means. I recall reading, > 25-30 years ago, that some government agency (perhaps it was the NSA?) > had a standard that required the re-writing of new, random data onto a > location which had previously stored secret data 5 times, in order to > guarantee that the old data was completely unrecoverable.
Pretty sure it's a DoD standard you are referring to, and I think the original spec was a 35 pass wipe based on the differing magnetic storage patterns of old hard drives (RLL, MFM, etc). While anything particularly sensitive I would probably wipe a good 3 times (plus a final pass with zeroes) to be sure, I remember reading or hearing one pass with zeroes is enough to make it effectively impossible without an electron microscope on modern drives, and that more than four passes is likely overkill on modern drives. All this of course goes out the window if you are using solid state drives, which if set up properly will actually wipe your free space for you and severely frustrate any attempts at forensic analysis, and for which overwriting prior to deletion may actually reduce the lifespan of your drive for dubious if any gain. Of course, if you really need to get rid of the info and you don't want to use the drive again, there's always the shredder. Anyway, back to the nominal topic: I have looked through BleachBit's source code and it appears to do a one-pass wipe with zeros, if the overwrite data option is turned on. This appears to be the only option offered, at least in my version (1.12). -- Shawn K. Quinn <skqu...@rushpost.com>