how many pseudorandom passes is enuf when wiping unused spac

  • Thread starter Thread starter Anonymous
  • Start date Start date
A

Anonymous

Guest
I have read the help files and can't find any info on how many passes of pseudorandom data is "enough" (or lets say equivelent to gutman 35 passes) when wiping unused space. 35 passes? More less? And I read the info that says using speudorandom passes is better on on unused space than gutman but why? Thanks
 
Most overwriting passes in the Gutmann method are not necessary for modern hard drives, and using 35 overwriting passes seems like an overkill in any case. In fact, overwriting with random data a few times, possibly even once, should be enough to prevent data recovery from current drives.

I recommend using one pass of pseudorandom data for erasing unused disk space, because it's much faster than other available methods. If you are absolutely worried about security, you can increase the number of passes. I remember using three overwriting passes for files.
 
Important to remember

Even Gutmann's own paper (available at http://www.cs.auckland.ac.nz/~pgut001/p ... e_del.html ) makes it clear that a 35-pass is overkill. He used it as a random "pull from the air" number and many people never read the paper to realize this and have made 35-passes some kind of "perfect number." It's far from it - it's drastic overkill.

The key to Gutmann is the METHOD used - not the number of passes.

It's well worth a read - as is the follow-up paper found at:
http://www.cypherpunks.to/~peter/usenix01.pdf
 
Just a bit more...

I posted above and gave the link to the Gutmann Papers. To spare you reading the whole document - here is the epilogue which discusses the 35-pass.....

Epilogue
In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.
 
Anonymous said:
I recommend using one pass of pseudorandom data for erasing unused disk space, because it's much faster than other available methods.
I agree with this. When I RMA a drive, I delete all partitions, create one (empty, of course) all-encompassing partition on the drive, then do one wipe with one pass of pseudorandom data. Then I use the respective drive manufacturer's DOS-based utility (or Western Digital's Windows-based Data LifeGuard utility) to do a full low-level format (which isn't a true "low-level format" in the original sense of the phrase). This writes zeroes to the entire drive, over the pseudorandom data. Unless the NSA is out to get you, your data will be 100% safe if you do this.

As I write this, Eraser is running in the background on a soon-to-be-RMA'd Maxtor drive I have.
 
Back
Top