Modern hard disks reserve sectors for error correction. DBAN will <b>not</b> wipe these sectors, nor will any other software product that I know about. (This is a feature that I want to add to DBAN, but it might not be possible to implement. I need to do more research.)
Suppose, for example, that you have a hard disk with 25 physical units of storage, P[0] through P[24].
<PRE>PPPPPPPPPPPPPPPPPPPPPPPPP</PRE>The drive might expose only 20 physical units to the interface and reserve 5 for internal error correction.
<PRE>LLLLLLLLLLLLLLLLLLLLRRRRR</PRE>If P[6] -- which is usually addressed as L[6] -- goes bad, then it will be transparently remapped to P[20] by the hardware.
<PRE>LLLLLLBLLLLLLLLLLLLLMRRRR</PRE>When DBAN requests L[6], it will actually get P[20].
<PRE>LLLLLLBLLLLLLLLLLLLLMRRRR
+-------------^ L[6]</PRE>Furthermore, if DBAN tries to get P[24] by asking for L[24], then the drive will say that there is no such block.
The last data written to P[6] will, therefore, be recoverable by somebody with the capacity to read data directly from the media, perhaps with an electron microscope. The risk will depend on the recoverable defect rate of the media.
I have several Western Digital disks, model 00BB-00DAA1, that are 120 GB, and a few refurbs of the same model that are exactly 32 MiB smaller. It follows that there is at least 32 MiB of real physical storage on each refurb disk that is not accessible with regular software.
If, for the purposes of discussion, you infer that the cylinder size is 32 MiB, then these disks have abut 3,500 cylinders each. It also seems reasonable that a hardware designer would reserve one cylinder for error recovery.
Thus, up to 0.03% of these disks might not be wiped before DBAN would even begin to notice faults in the media.
You can mitigate this risk by using encrypted filesystems.