Data is stored on a hard disk as a sequence of 1s and 0s (ones and zeros) represented by differently magnetized parts of a disk. Information removed from a hard disk drive by non-secure means (for example, by simply deleting the file) can easily be recovered by file recovery software. By using specialised equipment, someone may be able to recover even repeatedly overwritten information.
When you delete a file from your disk, Windows deletes the reference to that file from its File Allocation Table (FAT), but the actual data remains on your hard disk in the same sectors in which it previously existed. Even deleting partitions or formatting your hard drive won't actually remove the data. It remains for prying eyes to see, whether it's financial information (such as online banking information, payroll data, social security numbers or credit card numbers), confidential e-mail messages, personal photos or other private information. If you leave critical data on the disk, a knowledgeable person can look into your private information, and crime, such as identity theft, becomes easy.
To prevent data retrieval, the existing data must be destroyed. You permanently destroy data by writing over it, usually with some pattern (such as all zeroes, 00000, or all ones, 11111). Sophisticated data thieves can read or interpret deleted data and can retrieve that information even from reformatted drives. Therefore most standards implement permanent destruction by repeatedly writing patterns over the original data.
Eight different methods for destroying data:
Fast
American: U.S. Standard, DoD 5220.22-M
American: NAVSO P-5239-26 (RLL)
American: NAVSO P-5239-26 (MFM)
German: VSITR
Russian: GOST P50739-95
Peter Gutmann algorithm
Bruce Schneier algorithm
Fast Method
The Fast method, as its name indicates, is the quickest method. It performs a single pass on the selected partition or drive and zeroes out all sectors. This method may be sufficient if you feel that you don't need to be concerned about someone attempting to recover the data. Perhaps you're giving an old computer to another family member, or it's to be transferred to another person in your department.
Even though this method is named Fast, depending on the size of the disk, erasing the disk with this method will require considerable time. For example, erasing an external FireWire (IEEE 1394) 120 GB disk may take almost 2 hours.
U.S. Standard, DoD 5220.22-M
To destroy data, this method uses four passes:
1. Writes randomly selected symbols to each byte of each sector.
2. Writes the complement of the first pass's pattern to each byte of each sector.
3. Writes random symbols again.
4. Verifies the data written in the third pass.
NAVSO P-5239-26 (RLL)
To destroy data, this method uses four passes:
1. Writes 0x01 to all sectors.
2. Writes 0x27FFFFFF to each sector.
3. Writes random symbols to each sector.
4. Verifies the data written in the third pass.
NAVSO P-5239-26 (MFM)
To destroy data, this method uses four passes:
1. Writes 0x01 to all sectors.
2. Writes 0x7FFFFFFF to each sector.
3. Writes random symbols to each sector.
4. Verifies the data written in the third pass.
VSITR
To destroy data, this method uses seven passes:
1. Writes 0x00 to all sectors.
2. Writes 0xFF to all sectors.
3. Writes 0x00 to all sectors.
4. Writes 0xFF to all sectors.
5. Writes 0x00 to all sectors.
6. Writes 0xFF to all sectors.
7. Writes 0xAA to all sectors.
Russian: GOST P50739-95
In one pass, GOST writes logical zeros (0x00) to each byte of each sector for 6th to 4th security level systems. For 3rd to 1st security level systems, it writes randomly selected numbers to each byte of each sector.
Peter Gutmann algorithm
The Gutmann method uses thirty-five passes to securely erase data. While this method is very secure, it is also the method that takes the longest time.
Bruce Schneier algorithm
Bruce Schneier's algorithm uses seven passes:
1. Writes 0xFF to all sectors.
2. Writes 0x00 to all sectors.
3. Writes a cryptographically secure pseudo-random sequence to all sectors.
4. Writes a cryptographically secure pseudo-random sequence to all sectors.
5. Writes a cryptographically secure pseudo-random sequence to all sectors.
6. Writes a cryptographically secure pseudo-random sequence to all sectors.
7. Writes a cryptographically secure pseudo-random sequence to all sectors.
This is a very secure method, particularly if you don't want to take the time to use the Peter Gutmann algorithm.
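The pass lists above for the Fast, DoD 5220.22-M, VSITR and Schneier methods can be driven from one table, shown here as an added example that is not code from the original page or from any of the standards. The sector size, the function names and the image file standing in for a disk are assumptions, and the read-back check that the page lists only for DoD and NAVSO is applied here to every method.

```python
import hashlib
import os
import tempfile

SECTOR = 512  # assumed sector size for this example

# Pass schedules as listed on this page: a fill byte, "random", or "complement"
# (inverse of what the previous pass left). The verify step is done in wipe().
SCHEDULES = {
    "fast": [0x00],
    "dod": ["random", "complement", "random"],
    "vsitr": [0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0xAA],
    "schneier": [0xFF, 0x00] + ["random"] * 5,
}

def write_pass(f, size, spec):
    """Overwrite the whole target once; return SHA-256 of the bytes written."""
    digest = hashlib.sha256()
    for offset in range(0, size, SECTOR):
        n = min(SECTOR, size - offset)
        f.seek(offset)
        if spec == "random":
            block = os.urandom(n)  # operating system CSPRNG
        elif spec == "complement":
            block = bytes(b ^ 0xFF for b in f.read(n))
            f.seek(offset)
        else:
            block = bytes([spec]) * n
        f.write(block)
        digest.update(block)
    f.flush()
    os.fsync(f.fileno())  # push this pass out before the next one starts
    return digest.digest()

def wipe(path, method):
    """Run all passes of `method`; return (passes_written, last_pass_verified)."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for spec in SCHEDULES[method]:
            written = write_pass(f, size, spec)
        f.seek(0)  # read-back check; the OS may answer it from cache
        verified = hashlib.sha256(f.read()).digest() == written
    return len(SCHEDULES[method]), verified

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile(delete=False) as img:  # constructed image
        img.write(b"PAYROLL-RECORD;" * 300)
    for method in SCHEDULES:
        print(method, wipe(img.name, method))
    os.remove(img.name)
```

The NAVSO and Gutmann methods are left out: the NAVSO patterns are multi-byte values rather than a single fill byte, and the page does not list the Gutmann passes.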