disk wipe---DOD short wipe versus DOD long wipe

6364 views
Skip to first unread message

Drew

unread,
Jun 2, 2008, 6:37:13 PM6/2/08
to

Hi All:

Does anyone know the difference between the DOD short wip and the DOD
long wipe of a hard drive?

Is one more preferred than the other to make data from a hard drive
unrecoverable?

Which one is the actual standard that most techs are doing to wipe a
drive?

Thanks for any thoughts!
Drew

John O

unread,
Jun 3, 2008, 9:36:30 AM6/3/08
to

"Drew" <dr...@drew.com> wrote in message
news:aet8445k8va74m2aq...@4ax.com...

DOD is a waste of time, unless you're wiping the drive for a DOD machine, a
mob boss, a spy, or a terrorist.

For the rest of us a single-pass all zeros does the job more than
adequately. To retrieve the data after that you need to pay big money and
send the drive to a data recovery company...and get real lucky, too. Fees
for that start in the thousands and it's not a job anyone can ever do at
home.

-John O


Bill Eitner

unread,
Jun 4, 2008, 8:02:03 PM6/4/08
to

It's interesting to me that something like that (recovery
of anything after an all-zero pass) is possible at all.

Barry Watzman

unread,
Jun 12, 2008, 6:47:25 PM6/12/08
to
If you care about this, you are either doing something VERY unusual, or
you are paranoid.

Very unusual = you have national security data, terrorist data or
criminal activity data on your PC.

OTHERWISE (which is almost everyone), ANY actual overwrite of the data
... just a non-DOD, simple overwrite ... is all that you need. Once the
data is overwritten (any simple overwrite, non-DOD at all), retrieving
it becomes IMPOSSIBLE at a normal end-user level (no matter what
end-user software tools are used). At this point, while forensic,
non-end-user recovery is still possible, the cost goes up into 6-figures
(hundreds of thousands of dollars), the time required goes up into the
hundreds of hours (in a VERY specialized lab that very few have access
to at any cost) and not even law enforcement would attempt such recovery
unless there was a very specific, very compelling reason to do so.

[FWIW the long wipe wipes the disk more times with more patterns. Each
overwrite makes recovery more difficult, more expensive, and closer to
totally impossible (although actually achieving totally impossible is,
itself, impossible).]

The BEST way to eradicate data on a disk is not DOD approved. Disk
drives have a "secure erase" command (aka a "destroy yourself" command
... although only the data is destroyed, the drive itself is NOT
destroyed). This command is HIGHLY secure, once the command is issued
the action is done entirely within the drive, and it's more secure than
any external data elimination done by writing to the drive.

For more information on this, see:

http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

Barry Watzman

unread,
Jun 12, 2008, 6:52:08 PM6/12/08
to
Recovery IS possible, but the cost and effort required is astronomical.
John was correct that all of this is a waste of time for most people.

Also, in terms of security, overwriting with data is better than
overwriting with all 0's or all 1's. What I do is just repartition the
drive to a single large partition (which, by itself, does nothing in
terms of data security), then copy a 100GB folder of TV shows and movies
to the drive (multiple times if necessary) until the drive is full, then
erase everything. That effectively overwrites everything on the drive,
and if someone wants to do data recovery, they will get several seasons
of "Gray's Anatomy" and "24" (how fitting) ... and nothing else.

John O

unread,
Jun 12, 2008, 9:52:42 PM6/12/08
to
> to at any cost) and not even law enforcement would attempt such recovery
> unless there was a very specific, very compelling reason to do so.

In a couple weeks I get to hang out with guys who work at one of the FBI
forensics labs. As you say Barry, even they rarely send drives out for
recovery (they contract out the procedure) after a wipe because of the
expense and because they can usually find other evidence at far less expense
and time.....most criminals just aren't smart enough to cover *all* their
tracks.

-We recently wrote an IT forensics course...very cool stuff.

-John O

mbg...@gmail.com

unread,
Jan 3, 2018, 11:14:23 PM1/3/18
to
DOD wipes have switches that vary the iterations of overwrites and the complexity. You can do a basic DOD wipe with several commercial types of software from Norton Ghost to Variants of the Unix/Linux drive utilities.
The switches can do a standard DOD with overwriting the drive 5-7 times with options of 1s 0s or random or selective hard/soft writes. More iterations are the long wipe (I believe)up to 25 times with Gdisk(Ghost)
You can do a low level wipe with some drive mfgr utilities like Western digital disk manager, which can destroy the sectors and cylinders of the formatting on the disk at the physical level of the hard drive. It can be rebuilt!
But just because the Government uses these opposed to the degaussing wand to magnetically wipe the data, doesn't make a better more secure method. Many qualified hackers can still decipher the data with more economic tools today. It does not take a mountain of money or a genius TODAY.

Recovery methods find latency charges from data that resides on the physical platter which over time has changed the surface of the disk, and new fresher overwrites can not obscure, the longer the data resides on the disk the easier it is to detect.

Anyone that tells you not to protect your private information today is an idiot, and probably works for the Government. Corporations are trading your shopping personal and sensitive information with evermore invasive techniques and your new devices are littered with gadgets / cameras / microphones / keypads loggers, etc. A very lucrative business if you believe the numbers.

mbalinomf...@gmail.com

unread,
Sep 11, 2019, 6:07:56 AM9/11/19
to
hi please help I want to reset my pc
Reply all
Reply to author
Forward
0 new messages