On Tue, Oct 27, 2009 at 04:12:54PM +0100, Jordi Espasa Clofent wrote: > Hi all, > > The subject is auto-descriptive ;) > After reading a while about wiping [1] I think there's not a unique way > to do it. Finally I've chosen a simple double-step method: > > First, > > $ dd if=/dev/urandom of=<disk_to_delete> > > and next > > $ dd if=/deb/zero of=<disk_to_delete> > > ?Do you think is it safe enough? I mean ?is it enough against the common > recovery low-level data tools?
Last year, I talked with a employee of a data recovery company about this. My question to him was: Is it enough to overwrite a partition or harddisk only once, or must i do this many times. His answer was: On all modern harddisk its enough to do it once (modern means all harddrives newer than 10 years!). Only one dd if=/dev/zero of=<disk_to_delete> is enough, but the real problem is a other: All harddrives have replacement blocks (to compensate failures). Old data can be in blocks that dd can't reach because they are marked as corrupt. The use of alternative blocks in a harddrive is manged by the drive itself. The OS can't reach these blocks. Simple forensic tools can't reach these blocks, too, but if you need really high security you must destroy your harddrive in a secure way (for example with a degausser). Regards Reni -- Reni Maroufi i...@maroufi.net
