Erasing complete disk

[tommy11]

Hello!

I exchanged my hdd and want to sell it, so i want to completely secure-delete the drive.

Now ive got 2 options:

a) Eraser: I format the drive, start a 2-time pseudorandom data pass and reformat it!

b) I use DBAN for a 2-time pseudorandom data pass!

The first option has the advantage that I could use my PC while the data-shredding is made.

Is there any difference between those 2 options (security). Should I use the b) option?

Is a 2-time pseudorandom data pass enough? I really want to be sure that all the data is destroyed, because the hdd had very important data on it!

Thanks

 

[DavidHB]

I gather that the drive is not a system drive, so it is easy to use Eraser to clear it.

Just quick formatting the drive, and then using Eraser to erase the free (i.e. all the) space will do what you want. There is, on the basis of current evidence, no need to use more than a single pass. Assuming that the drive will not otherwise be accessed while you are erasing it, I would think that that you could use your machine for low-intensity work while the erase is running.

I'd recommend Eraser over DBAN for this purpose because (1) DBAN is more technical and requires more process steps, (2) DBAN is really for clearing the whole machine, and it is easy to erase more than the single drive if you get it wrong, (3) DBAN has not been supported or updated for some years, and does not work with every machine. Both programs are equally effectve in security terms.

David

 

[tommy11]

thank you for your reply!

it is very important for me, that it is impossible to read the drives data... like i said i want to use eraser and there is one question that is not answered

is there a difference in security-aspects if i use the method we talked about and the dban-method without formatting?

is single-shredding really enough to get sure? (i wonder why the gutman-method exists when a single run is enough)

 

[DavidHB]

it is very important for me, that it is impossible to read the drives data... like i said i want to use eraser and there is one question that is not answered
is there a difference in security-aspects if i use the method we talked about and the dban-method without formatting?

Well, actually I did answer that question when I said that the two applications were equally effective in what they did. The main difference between them is in how they work; DBAN has, in effect, its own OS, so can erase the system drive, while Eraser, obviously, cannot completely erase the drive on which it and Windows are running. The 6.1 (beta) versions of Eraser will in fact format and erase a drive (or a partition) in one go, though, again, this cannot be the system drive.

is single-shredding really enough to get sure? (i wonder why the gutman-method exists when a single run is enough)

To understand why the Gutmann method is now overkill (Peter Gutmann himself has said so), you need to understand drive technology. Magnetic media, once the polarity is reversed (a 0 is changed to a 1 or vice versa) retain little or no 'memory' of what was once there in the space that is written to. However, there may be inaccuracies or inconsistencies in the way the read/write heads move over the platters, so that vestiges of previously recorded data may remain, and may be recoverable. In experiments conducted in the mid-1990s, Gutmann found that he could recover such data, and devised his 35 pass method to ensure that the read-write heads would cover all the space that had been written to. As a result, this method became a kind of 'gold standard' of erasing. Over the last 15 years, hard drive technology has however changed almost out of recognition, and drives record data at densities (and therefore with an accuracy and consistency) that were unimaginable 20 years ago, which in turn means that even single pass erasing appears (from more recent experiments) to make data in practice non-recoverable.

Although the technology has changed, user expectations and confidence have not necessarily changed with it. When he wrote Eraser 6, Joel decided that users would expect the Gutmann method to be the default, at least for file/folder erasing. Drives now work so quickly that this did not really create performance issues in small erasing tasks. For larger tasks, however, and particularly for free space erasing, using 35 passes - where (almost certainly) one will do - does lengthen the erasing process very considerably, which is why for free space the default is the single pass erasing method. As free space erasing also overwrites the unused file table entries, any attacker will face the difficulty that they will not even know what data has been erased, much less where it might be on the drive, and this further reduces the already near zero chance that recoverable data will be present in the area that has been erased. This means that the major area of risk is not the erasing process but the fact that sensitive data may have been accidentally left on the drive; erasing the whole drive, when possible, will of course eliminate this risk (from that drive).

David