On Tue, 27 Oct 2009 17:14:52 +0100, Rene Maroufi wrote > Last year, I talked with a employee of a data recovery company about > this. My question to him was: Is it enough to overwrite a partition > or harddisk only once, or must i do this many times. His answer was: > On all modern harddisk its enough to do it once (modern means all harddrives > newer than 10 years!). Only one dd if=/dev/zero of=<disk_to_delete> > is enough, but the real problem is a other: All harddrives have replacement > blocks (to compensate failures). Old data can be in blocks that dd can't > reach because they are marked as corrupt. The use of alternative blocks > in a harddrive is manged by the drive itself. The OS can't reach > these blocks. > > Simple forensic tools can't reach these blocks, too, but if you need > really high security you must destroy your harddrive in a secure way > (for example with a degausser).
"According to the Center for Magnetic Recording Research, 'Secure erase does a single on-track erasure of the data on the disk drive. The U.S. National Security Agency published an Information Assurance Approval of single pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure.'" http://en.wikipedia.org/wiki/Data_erasure See the secerase master command of atactl(8), to force ATA hardware that is -capable- of it to overwrite sectors that have previously been reallocated. Note: FREEZE LOCK is used by sys/dev/ata/wd.c at boot, so either a custom kernel or a power cycle of the drive will be needed to enable the capability. I don't know if SCSI devices have similar "secerase" capability.
