How many times to erase hard drive
January 8, 2007 6:51 PM

How many times should I zero the hard drive of a laptop I am going to sell?

I have an old iBook (the display fritzed) that I am planning to sell on Ebay. I had the hard disk zeroed in a single pass. This took two and a half hours. Because the display is not working, I had to take it to a Mac repair shop and wait. Now I am wondering about security. Should I have the hard disk zeroed again, seven times, thirty-five times?

There was no financial information on the computer (Quicken, tax programs, etc.). I prefer to contemplate my dismal finances on scribbled scraps of paper. My net-surf patterns would show that I sometimes visit websites with encrypted pages for buying on-line; I have an Ebay account, etc.

I hope that nobody is interested in my journal, fanfic, or academic papers and manuscripts.
posted by bad grammar to Computers & Internet (17 answers total) 1 user marked this as a favorite
 
Well, it depends on who gets hold of your old hard drive. I'd say the average user these days wouldn't know how to get your old data since you overwrote it once (you did overwrite it, and not just erase it, right?). I think the Eraser program recommends 7 times.
posted by IndigoRain at 6:58 PM on January 8, 2007


Zeroing is a good first step, but deletion patterns are better. I'd imagine that what you've done is probably fine. The question is if you have anything worth stealing on it. If you do, you should go for another erasure, if not, what do you care.

It's all about risk, and based on what you said was on it, I would say don't worry about it.
posted by cschneid at 6:59 PM on January 8, 2007


I think the DoD or NSA (or both?) used to recommend 7 passes as well. However, I third the idea that your data probably isn't worth the kind of effort it would take to retrieve it after a single pass.
posted by saraswati at 7:07 PM on January 8, 2007


"In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data... For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do."

Do another pass of all 1's and another pass of 0 or 1 at random and call it a day.
posted by Zed_Lopez at 7:12 PM on January 8, 2007


Repeated zeroing has little additional benefit over a single zeroing since it introduces no additional noise. A low-level zeroing is good for pretty much anything short of someone disassembling the disc and applying a couple hundred $k of machinery to analysing the fields on it, so I wouldn't worry unless there is classified material on it.

If you want a higher security erasure without physical destruction, you want to overwrite it with high-quality random data. A couple passes of pseudo-random is still very good. Repeated writing with random data makes it more difficult to analyse the content even after disassembling the drive and inspecting the fields at the sides of the tracks, which is the only approach I (an eleceng who doesn't work for NSA) know of for dirty-tricks data recovery.

If it only contains what you list on it, I wouldn't bother any further at all - assuming the computer store did the erasure correctly.
posted by polyglot at 7:13 PM on January 8, 2007
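
Added example (not part of the thread or any poster's code): several answers rest on the single zero pass having actually covered the whole drive. This Python example scans a disk image or block device for sectors that are not all zeros, performs one in-place zero pass, and rescans. The 512-byte sector size, the function names and the constructed 8-sector sample image are assumptions made for illustration.

```python
import os
import tempfile

SECTOR = 512          # assumed logical sector size
CHUNK = 1024 * 1024   # read size; a multiple of SECTOR

def scan_for_residue(path, sector=SECTOR, chunk=CHUNK):
    """Return (sectors_read, nonzero_sectors, offset_of_first_nonzero_sector)."""
    total = dirty = offset = 0
    first = None
    with open(path, "rb") as dev:
        while buf := dev.read(chunk):
            total += -(-len(buf) // sector)          # ceiling division
            if buf.count(0) != len(buf):             # skip all-zero chunks fast
                for i in range(0, len(buf), sector):
                    piece = buf[i:i + sector]
                    if piece.count(0) != len(piece):
                        dirty += 1
                        if first is None:
                            first = offset + i
            offset += len(buf)
    return total, dirty, first

def zero_pass(path, chunk=CHUNK):
    """Single in-place overwrite with zeros; returns the number of bytes written."""
    with open(path, "r+b") as dev:
        size = dev.seek(0, os.SEEK_END)   # works for image files and block devices
        dev.seek(0)
        for start in range(0, size, chunk):
            dev.write(bytes(min(chunk, size - start)))
        dev.flush()
        os.fsync(dev.fileno())            # push the zeros out of the OS cache
    return size

def demo():
    # Constructed sample: 8-sector image with leftover text in sector 5.
    img = bytearray(8 * SECTOR)
    img[5 * SECTOR + 10:5 * SECTOR + 22] = b"old journal "
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(img)
    try:
        before = scan_for_residue(f.name)
        zero_pass(f.name)
        return before, scan_for_residue(f.name)
    finally:
        os.unlink(f.name)

if __name__ == "__main__":
    print(demo())
```

A scan that reports zero non-zero sectors only covers what the drive exposes through its normal read interface, which is the software-based reading the thread is concerned with.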


You're fine. Nobody's going to be going after your data with a scanning electron microscope.

One of the things I work on is wiping software that declassifies servers onboard U.S. Navy submarines. And hell, we still just do one-pass wipes, which is good enough up until the time the hard drives are chucked into the incinerator, or however it is they physically destroy the drives.
posted by Khalad at 7:33 PM on January 8, 2007


"I think the DoD or NSA (or both?) used to recommend 7 passes as well."

Yes -- NSA is 7 passes; DOD (52202.22-M) is 3 with Guttman at 35 passes.
posted by ericb at 7:56 PM on January 8, 2007 [1 favorite]


Filesystem author here. One pass is good enough. All that stuff about 7 passes is crazed hooey. Promoted by Symantec to sell wipe software. Only a handful of people in the whole world have the technology to recover an erased drive and they aren't going to be trying to steal some random person's drive. The only way a thief would be able to steal your data is to pay those people thousands of dollars to do it for them and even then, they would probably get nothing.
posted by Osmanthus at 8:25 PM on January 8, 2007


For your circumstances, you're already beyond fine. But if you feel super-paranoid, try iWipe on its (wait for it...) "Super Paranoid" setting, which uses the aforementioned 35-pass Guttman method. It's shareware, but the free version will wipe free space on any setting.
posted by cribcage at 8:50 PM on January 8, 2007


To expand on Zed Lopez' answer, here is Peter Gutmann's original paper. (Note spelling). And Zed Lopez' quote is from Peter himself, who is well aware of the current state of the art.
posted by i_am_joe's_spleen at 9:31 PM on January 8, 2007


Everyone, please read Zed_Lopez's and Osmanthus' comments again and stop spreading the false notion that this 35 pass baloney does anything on modern hardware.
posted by Rhomboid at 10:25 PM on January 8, 2007


I do hope that wasn't aimed at me. I just wanted to point people at the source.
posted by i_am_joe's_spleen at 11:48 PM on January 8, 2007


I counseled doing a couple of more passes just because you were concerned, and it couldn't hurt.... so I thought. On first reading, I missed that you'd had it done at a repair shop, and presumably paid for it.

I think this was worth doing, in case you had something sensitive you forgot about on the drive (in previous questions, I've jumped up and down insisting upon the relevance of running DBAN instead of just formatting.)

But I've got to agree with everyone who's said you shouldn't feel like you need to do more. It would take someone fantastically interested in your data in particular, and willing to go to ludicrous expense, to attempt to recover anything. No one's going to do that with a random hard drive.
posted by Zed_Lopez at 12:28 AM on January 9, 2007


First off, zeroing the drive once will mean it will be impossible for a software-based reader to get -any- data off of that drive. Anything more than that is purely extra credit which probably has no real world use. A lot of people do the DoD 3-pass just for kicks and for CYA.

Secondly, Gutmann is usually a little misunderstood. I don't believe he recommends 35 passes. What he has done is gather 26 or so patterns which coincide with the patterns drive manufacturers use to write data on their drive. For instance, pattern number three would coincide with old Maxtors or somesuch. Gutmann's implementation is 35 passes because no one really knows what encoding method is on their disk, so why not do them all to be extra-super safe.

The downside to doing anything but a zero-ing out is the time. On a slightly older machine you may wait 45 minutes to a couple hours just to do the DoD 3-pass. Especially laptops with slow drives. Typically you can zero a drive in well under 30 mins.

Zeroing drives is easy. Some people might benefit from using sdelete from sysinternals to wipe the free space on the drive or to securely delete a file at a time. This is handy if you're planning on giving your computer to someone without wiping it first. You could delete your profile and other files and just do a sdelete -z to wipe all that free space.
posted by damn dirty ape at 7:02 AM on January 9, 2007


Seconding dban. It's free. Burn the image to a CD and off you go.
posted by damn dirty ape at 7:03 AM on January 9, 2007


Unless you are a covert agent of some sort, you are good to go.

And if you are a covert agent, don't sell the hard drive.
posted by Tacos Are Pretty Great at 7:26 AM on January 9, 2007


Response by poster: Thanks for the advice, people. I agree that it probably isn't worth it to repeat the zeroing. I still feel a little worried, but I must have paranoid tendencies. I should be more worried that meth addicts will steal my snail mail bills out of my mailbox.
posted by bad grammar at 8:16 AM on January 9, 2007

