Go to Top

No data, no cry

Things used to be much easier back in the old days. When Cold War spies smuggled secrets, they could rest easy knowing that in case of an emergency, the information could be fairly easily destroyed. Paper strips with secret codes and microfilms could be burned, or even swallowed if the spy needed to get rid of the evidence quickly. Electronics are best left unconsumed though — swallowing them does not destroy the data, so the enemy could get the idea to forcibly remove them from an amateur spook’s stomach. I’m sure you can imagine how unpleasant that would be.

The arsenal of tools that make it possible to erase data permanently can be divided into two basic categories — software tools and hardware tools. The first category contains all programmes that run the process of fully overwriting the data, while the second category contains tools for physical destruction of data storage devices.

Many programmes and applications that thoroughly overwrite the entire disk space — bit by bit, segment by segment, cluster by cluster — are available online. Some of them can be downloaded for free while others require purchasing a licence. In any case, their success rate depends on several factors. In this lesson we’ll analyse the most important factors that you’ll have to consider when shopping around for a data erasure method.

Data erasure algorithms

The process of erasing data can be easily illustrated with a piece of paper with some text written over it in pencil. If you use the same pencil to evenly write over that text, you’ll see that the original writing will still be legible (pictured below, second line). If you try to erase it with an eraser, you’ll remove the pigment but the paper will still hold the shape traced by the point of the pencil — if you lightly pencil over it several times (the equivalent of digitally enhancing a magnetic trace of data), you’ll see it quite clearly. As you can see, you’ll be more successful if you start by writing random text over the information that you want to erase first (see the last line) — that’s the job of a data erasure algorithm.

The most basic method of overwriting data is to fill the entire space of the disk with zeroes, or sometimes with ones. More advanced algorithms use randomly generated digits created by a pseudo-random number generator (the equivalent of doodling over your text with a pencil). This operation is completed within a single overwrite cycle. A single cycle can be effective in preventing data from being restored with most popular data recovery tools. In the past, it was recommended that this cycle is run more than once, to ensure that the data gets completely overwritten and cannot be recovered. But is it really necessary in this day and age? I asked one of the experts at our lab:

“There are some factors that could render a single overwriting cycle insufficient to destroy all of the data. The electromagnetic head that writes the data is never perfectly centred over its path — it can slightly gyrate, causing the peripheral data to remain in place. Old magnetic strips, floppy disks and hard drives had a similar problem (see the illustration below — one path is visibly off-course). New information gets modified by the underlying data to a certain degree as well (just like the pencil doodle over a pre-existing text). You could potentially enhance all those traces and attempt to read them. But in practice, this is nigh on impossible — you’d need some extremely sophisticated hardware to do that, and only professional data recovery labs have tools of that calibre. What’s more, new data recording technologies that maximise data density (perpendicular, or even shingled magnetic recording), largely eliminate the chances of gaps full of old data cropping up between paths.”

Robin England, Data Recovery Research Engineer from Kroll Ontrack

drive-close-up

As you can see, a single cycle of overwriting your data can be enough to make you sleep soundly. But just to be sure and to tick off all the safety procedures, quality software tool use over a dozen data erasure algorithms. Some of them are highly complex and take several overwriting cycles to complete. Here are some of the algorithms used by the Blancco tool:

Algorithm Mode of operation Uses

National Industrial Security Program (NISPO) Operating Manual for the USA Department of Defence (DoD) 5220,22-M, 1995

Number of overwriting cycles – 3
Cycle 1 – writes a random pattern
Cycle 2 – writes an inverted pattern
Cycle 3 – writes multiple random patterns

To destroy classified and confidential data, other types of data to be destroyed physically

Germany VISR Standard, 1999

Number of overwriting cycles – 3
Cycle 1 – writes a string of zeroes
Cycle 2 – writes a string of ones
Cycle 3 – writes a string of alternating zeroes and ones

For classified and confidential information

Russia GOST standard P50739, 1995

Number of overwriting cycles – 2
Cycle 1 – writes a string of zeroes
Cycle 2 – writes random pattern

For classified information

Bruce Schneier algorithm

Number of overwriting cycles  – 7
Cycle 1 – writes a string of ones
Cycle 2 – writes a string of zeroes
Cycles 3..7– random write pattern

For secret information

Petera Gutmann algorithm

Number of cycles- 35
Cycles 1..4- writes random patterns
Cycles 5..6- writes a pattern of 55h,AAh
Cycles 7..9- writes 92h,49h,24h patterns
Cycles 10..25- writes an order of 00, 11h, 22h, etc. up to FFh
Cycles 26..28- as in 7..9
Cycles 29..31- writes a pattern of 6Dh, B6h
Cycles 32..35- as in 1..4

For top secret information

Using a suitable tool for your device (top-shelf software will have separate versions for hard drives, SSD cards, mobile phones and even targeted tools that will permanently remove only the file specified by the user) will be enough for most users concerned with the safety of their data. This is provided that the overwriting process does not get disrupted. In the previous email I mentioned that corrupted sectors of the disk cannot be overwritten. This means that you cannot erase data stored therein by using the overwriting method. Information stored in those sectors can still be recovered.

PLEASE NOTE: when it comes to highly sensitive data, such as corporate or institutional data in entities that are legally obliged to provide data security, leaving any sector out of the erasing process, even if the sector is corrupted, is not acceptable.

Good quality software should have a reporting feature for corrupted sectors — whenever one of them is located, you’ll get a notification. Seeing this message will mean that in order to fully destroy all data stored within that storage device, you’ll have to completely physically destroy it.

In my next post, I’ll tell you exactly how to do this. It’ll be worth the wait — we will be setting disks on fire, drilling through them, grinding them and melting them in acid — in other words, we will finally show them a good time!

See you soon!

P.S. As usual, any questions, doubts or comments about this series can be shared in the comment box below.

, , , , , , , , ,