How long does a 7 Pass US DoD 5220 method take?
February 6, 2008 8:04 PM   Subscribe

It is so hard to say because it seems like every app operates at different speeds. I have one which will do two passes on a 60 GB drive in something like 15 to 20 minutes and another which would take an hour and a half for the same level of wiping. I think you are looking at somewhere around four or five hours for what you want, but it could be less if the program is efficient. Unless you have data concerning a major crime on that disk I can see no reason for anything beyond the DoD method, and probably less. Punks who want your personal info probably won't even bother with a drive that has been wiped with a single pass. It's cheaper to find another one that hasn't been. Anyway, it shouldn't be to burdensome to do a DoD wipe. I am pretty sure it will be complete overnight.
posted by caddis at 8:24 PM on February 6

It'll take some time...primarily depending on the RPMs your drive is at (other factors as well). I'd expect about a day or so (dod3 takes us about 6-10 hours for that drive size where I work). Honestly unless you're protecting highly classified top secret material dod3 should be fine. The more passes you do the more sophisticated the equipment needs to be to recover it. At dod 7 you're talking about some expensive efforts.
posted by samsara at 8:26 PM on February 6

This page shows a 10 pass KillDisk run at 30 minutes per gigabyte.
http://www.its.niu.edu/its/sh/downloads/wipedisk.shtml#etoc

I ran the single zero pass on a bunch of hard drives of varous sizes in about 10-15 minutes.
posted by so_ at 8:26 PM on February 6

If possible, just run a single pass - 7-fold overwrite is extreme overkill. At even 1 or two passes, it will take forensic-level labs a very long time to get anything off of your drive.

One more data point - for an old 250 GB drive of mine that I wiped (7200 rpm), it took at least 12 hours for a single pass.
posted by chrisamiller at 8:32 PM on February 6

it depends on how big the drive is and on the drive's maximum sustained write speed. drive size multiplied by sustained write speed multiplied by 7 is your lower bound. be aware that (according to wikipedia, at least)

As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable.

do you actually need to meet DoD 5220.22-M, or is this just a checkbox for a manager's procedural compliance?
posted by russm at 9:22 PM on February 6 [1 favorite]

Well, I am stating the obvious, but does this software have some kind of progress meter? Why not just let it run for n minutes and then do some arithmetic? If you're wiping the disk anyway, it's not like you're going to lose anything if you interrupt it and start over. I don't see much reason the progress would be non-linear.

And this is tangential to the question, but security only really makes sense in relation to the likelihood of a particular attack. I would seriously consider whether there would be any reasonable attack that would involve trying to read a wiped disk vs. other, easier ways of obtaining the same information.
posted by dixie flatline at 11:08 PM on February 6

I do computer forensics for a living. Anything more than one pass is overkill, unless you think that your data is worth enough for someone to spend millions of dollars over the course of a year to try to recover it - and still have the risk of failing. Do the minimum and don't worry about it. One pass is enough to defeat almost anyone. The government specs are paranoid to an extreme.
posted by procrastination at 4:51 AM on February 7 [1 favorite]

« Older How can I make chip shop chips...   |   What do I do with a pack of 25... Newer »