1.1 Erasing Confidential Data 

Modern methods of data encryption are deterring network attackers from extracting sensitive data from stored database files.

Attackers who want to retrieve confidential data are becoming more resourceful by looking into places where data might be stored temporarily. For example, the Windows DELETE command merely changes the files attributes and location so that the operating system will not look for the file. The situation with NTFS is similar.

One avenue of attack is the recovery of data from residual data on a discarded hard drive. When deleting confidential data from hard drives, removable disks or USB devices, it is important to extract all traces of the data so that recovery is not possible.

Most official guidelines regarding the disposal of confidential magnetic data do not take into account the depth of today's recording densities, nor the methods used by the operating system when removing data. For example, the Windows DELETE command merely changes the file name so that the operating system will not look for the file. The situation with NTFS is similar.

Removal of confidential personal information or company trade secrets in the past might have been performed using the FORMAT command or the FDISK command. Ordinarily, using these procedures gives users a sense of confidence that the data has been completely removed.

When using the FORMAT command, Windows displays a message like this:

killdisk note

Important: Formatting a disk removes all information from the disk.

The FORMAT utility actually creates new FAT and ROOT tables, leaving all previous data on the disk untouched. Moreover, an image of the replaced FAT and ROOT tables is stored, so that the UNFORMAT command can be used to restore them.

FDISK merely cleans the Partition Table (located in the drive's first sector) and does not touch anything else.

Erase/Wipe Methods

One Pass Zeros or One Pass Random

When using One Pass Zeros or One Pass Random, the number of passes is fixed and cannot be changed. When the write head passes through a sector, it writes only zeros or a series of random characters.

User Defined

You indicate the number of times the write head passes over each sector and pattern to be written.

US DoD 5220.22-M

The write head passes over each sector three times. The first time with zeros (0x00), second time with 0xFF and the third time with random characters. There is one final pass to verify random characters by reading.

US DoD 5220.22-M (ECE)

The write head passes over each sector seven times. The first time with zeros (0x00), second time with 0xFF and the third time with random characters, the fourth time with 0x96, and then first three passes repeated again. There is one final pass to verify random characters by reading.

German VSITR

The write head passes over each sector seven times, each pass writing the following characters: 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0xAA.

Russian GOST p50739-95

The write head passes over each sector two times, first pass is zeroes (0x00), the second pass is random characters.

Canadian OPS-II

The write head passes over each sector seven times, each pass writing the following characters: 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, Random.

HMG IS5 Baseline

The write head passes over each sector once, writing zeroes (0x00).

HMG IS5 Enhanced

The write head passes over each sector three times, writing zeroes (0x00), then 0xFF, and finally random characters.

US Army AR380-19

The write head passes over each sector three times, first pass writing random characters, then zeroes (0x00), and finally 0xFF.

US Air Force 5020

The write head passes over each sector three times, first pass writing 0xFF, then zeroes (0x00), and finally random characters.

Navso P-5329-26 RL

The write head passes over each sector three times, first pass writing 0x01, then 0x27FFFFFF, and finally random characters.

Navso P-5329-26 MFM

The write head passes over each sector three times, first pass writing 0x01, then 0x7FFFFFFF, and finally random characters.

NCSC-TG-025

The write head passes over each sector three times, first pass writing zeroes 0x00, then 0xFF, and finally random characters.

Bruce Schneier

The write head passes over each sector seven times, each pass writing the following characters: 0xFF, zeroes (0x00), then five passes with random character.

Gutmann

The write head passes over each sector 35 times

New! Department of Energy erase method (DoE M 205.1-2)

3 passes

New! Canadian CSEC ITSG-06 erase method

Pass 1: Writes a one or zero
Pass 2: Writes the complement of the previously written character (e.g. one if Pass 1 wrote a zero)
Pass 3: Writes a random character and verifies the write

New! Erases with user defined method

using specified number of passes and custom pattern (including hex values) for each pas

 

This document is available in PDF format, which requires Adobe® Acrobat® Reader (Free download):

hard disk eraser

USER'S GUIDE
(for DOS)

Size: 494 KB

killdisk hard disk eraser

USER'S GUIDE
Size: 2 MB

hard disk eraser note

KillDisk Datasheet
Size: 242 KB