How do I securely wipe my hard drive?

Ever since Gutmann published his original paper [3] in 1996 there has been an assumption amongst security types that to 'securely' delete a hard drive one had to overwrite it many times. While it's not entirely clear that this claim was true when Gutmann made it, nevertheless, changes in magnetic hard drive technology appear to have made the need for multiple overwrites completely unnecessary. As explained in gory detail in [1] there is no economical way known to recover data that has been overwritten just once from a modern magnetic hard drive. So a single pass writing zeros should more than handle things.
As explored in the Wikipedia article on data remanence it is possible for bad sectors to potentially be recovered because the zero pass wouldn't touch them. But keep in mind that no matter how many times one wipes a drive those bad sectors won't be written to. So if bad sectors are an issue then one will probably need to degauss, physically destroy the drive or use whole disk encryption.
Where things get more fun is with solid state drives (SSDs). As explained in [2] there are real problems with securely deleting SSDs. Right now there is really no good way for a normal person (e.g. someone who isn't a storage expert) to really know if they have successfully deleted everything off a SSD. Tricks like filling up the drive with data won't work because the drives have more capacity than they advertise and since flash cells fade the drive may have taken cells (with data) offline. The drives do support entire disk delete commands but as [2] points out, those commands aren't always appropriately implemented. Overwriting sometimes works but sometimes not and using a pattern of zeros is particularly problematic because some SSDs compress contents.
So if one wants to securely dispose of a SSD I suspect the only reasonable approach is software based disk encryption. Yes, some SSDs do implement hardware level encryption but given the lack of easy validation of the logic and updates when there are issues I wouldn't personally trust that approach. Of course this reduces the security of a 'wipe' to someone not being able to crack the password on the key file stored in the SSD. Personally I'd still do two wipes, at least one using some kind of random data, before disposing of a SSD just to be especially paranoid. Perhaps the only reasonable alternative with SSDs is physical destruction.

References

[1] Dave Kleiman Craig Wright. Overwriting Hard Drive Data: The Great Wiping Controversy. 2008. URL http://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf.

[2] Laura M. Grupp Michael Wei. Reliably Erasing Data From Flash-Based Solid State Drives. 2011. URL http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf.

[3] Peter Gutmann. Secure Deletion of Data from Magnetic and Solid-State Memory. 1996. URL http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html.

Leave a Reply

Your email address will not be published. Required fields are marked *