One of the first things computer users, who are concerned with security, learn is that multiple overwrites with ones and zeros are required in order to wipe data to the extent that it is unrecoverable by any forensic analysis tools. According to this article on Softpedia, on which I stumbled while searching for something else, the above statement is a myth; a busted myth actually. Experts now claim that a single complete overwrite is enough to render the data unrecoverable.

Refering to the myth, the author of the article writes:

One of the reasons behind this idea is that the positioning of a hard disk drive’s head is not precise enough to ensure that the data is overwritten with new information from the exact same byte.

A study, published on December 2008, claims that tests performed on both last and older generation hard drives have shown that recovering even a single byte of data after a complete overwrite is practically impossible.

Security researchers from Heise Security, who have reviewed the paper presented at last year’s edition of the International Conference on Information Systems Security (ICISS), explain that a single byte of data can be recovered with a 56 percent probability, but only if the head is positioned precisely eight times, which in itself has a probability of occurring of only 0.97%.

Since I was one of those who believed the statement about the multiple overwrites, I found the article very interesting. I haven’t read the study itself though.

Effective data wiping with a single complete overwrite by George Notaras is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Copyright © 2009 - Some Rights Reserved