Hard Drive erasing progarm?

[Archman]

Are there any good FREE programs that will erase a HD?

 

[Rubycon]

DBAN

 

[Archman]

MS Dawn, thank you

 

[fishjie]

question: does doing a format of the hard drive not gurantee deletion of all data?

 

[Fallen Kell]

Originally posted by: fishjie
question: does doing a format of the hard drive not gurantee deletion of all data?

Correct. Most format software will simply remove the file lookup table information and leave the blocks alone. When you actually go to write to a new block of data, it will then actually format that block at that time. As such, if the disk was previously formated and had data stored on the disk, that data will still be accessible from forensic disk analyzer software and can be reconstructed and retrieved.

You need to use a format program that actually writes and re-writes to all data blocks when it actually does the format command. The reason most new format utilities do not do this is because it would take a long time to format the large sized disks.

 

[Seekermeister]

Maxtor's MaxBlast/PowerMax has a low level format utility in it. I would imagine that other manufacturer's utilities do also.

 

[Matthias99]

Originally posted by: Fallen Kell

Originally posted by: fishjie
question: does doing a format of the hard drive not gurantee deletion of all data?

Correct. Most format software will simply remove the file lookup table information and leave the blocks alone. When you actually go to write to a new block of data, it will then actually format that block at that time. As such, if the disk was previously formated and had data stored on the disk, that data will still be accessible from forensic disk analyzer software and can be reconstructed and retrieved.

You need to use a format program that actually writes and re-writes to all data blocks when it actually does the format command. The reason most new format utilities do not do this is because it would take a long time to format the large sized disks.

Most format tools (including the ones that Windows comes with) have the option to do a "full" format (or else they will have an option for a "quick" format, which will do what you described above, and deselecting that option will do a full format). A "full" format or zero fill (sometimes erroneously called a "low level format") will make it impossible to use data reconstruction software on the drive. For most people, this is plenty good.

However, even a zero fill of the drive may leave some data that can still be read by disassembling the drive and reading the platters with higher-resolution magnetic scanners. Writing multiple passes of random data (like DBAN does) is better, but due to things like track alignment error, there may still be some readable data on the drive afterwards.

If the data on the drive is sensitive enough that you think someone might be willing to spend many thousands of dollars to acquire it (corporate/military secrets, etc.), then the only real option is to destroy the drive.

 

[w00t]

"Hard Drive erasing progarm?"

Topic Title

I also wanted to say next time please use the search function I've seen plenty of these threads

 

[fishjie]

thanks for the clarification guys.

 

[Archman]

I've played with Mac OS X, and noticed that when you want to format a HD it has the option to write zeroes to the HD, and has another option to do that seven times. I wonder why MS didn't include that option on their OS.

Not taking sides for Apple or MS, I like both.

 

[Fallen Kell]

Originally posted by: Matthias99

Originally posted by: Fallen Kell

Originally posted by: fishjie
question: does doing a format of the hard drive not gurantee deletion of all data?

Correct. Most format software will simply remove the file lookup table information and leave the blocks alone. When you actually go to write to a new block of data, it will then actually format that block at that time. As such, if the disk was previously formated and had data stored on the disk, that data will still be accessible from forensic disk analyzer software and can be reconstructed and retrieved.

You need to use a format program that actually writes and re-writes to all data blocks when it actually does the format command. The reason most new format utilities do not do this is because it would take a long time to format the large sized disks.

Most format tools (including the ones that Windows comes with) have the option to do a "full" format (or else they will have an option for a "quick" format, which will do what you described above, and deselecting that option will do a full format). A "full" format or zero fill (sometimes erroneously called a "low level format") will make it impossible to use data reconstruction software on the drive. For most people, this is plenty good.

However, even a zero fill of the drive may leave some data that can still be read by disassembling the drive and reading the platters with higher-resolution magnetic scanners. Writing multiple passes of random data (like DBAN does) is better, but due to things like track alignment error, there may still be some readable data on the drive afterwards.

If the data on the drive is sensitive enough that you think someone might be willing to spend many thousands of dollars to acquire it (corporate/military secrets, etc.), then the only real option is to destroy the drive.

Correct, which is why for when a government facility is getting rid of a disk used to store classified material they go through a wipe process which involves using a program to randomly write a a full sized block of random 1's and 0's to each and every block of data on the disk, including the hidden/reserved data blocks that are held for use when sectors are marked bad. I believe the current standard is 5 complete runs of that utility before the disk can be gotten rid of. If the disk has failed they will destroy them in either an acid bath or a degauser which litterally rips the magnetic coating off the glass substrates.

 

[n0cmonkey]

The only way to be sure is to destroy the drive. Anything else leaves too much data behind.

 

[Matthias99]

Originally posted by: Fallen Kell

Originally posted by: Matthias99

Originally posted by: Fallen Kell

Originally posted by: fishjie
question: does doing a format of the hard drive not gurantee deletion of all data?

Correct. Most format software will simply remove the file lookup table information and leave the blocks alone. When you actually go to write to a new block of data, it will then actually format that block at that time. As such, if the disk was previously formated and had data stored on the disk, that data will still be accessible from forensic disk analyzer software and can be reconstructed and retrieved.

You need to use a format program that actually writes and re-writes to all data blocks when it actually does the format command. The reason most new format utilities do not do this is because it would take a long time to format the large sized disks.

Most format tools (including the ones that Windows comes with) have the option to do a "full" format (or else they will have an option for a "quick" format, which will do what you described above, and deselecting that option will do a full format). A "full" format or zero fill (sometimes erroneously called a "low level format") will make it impossible to use data reconstruction software on the drive. For most people, this is plenty good.

However, even a zero fill of the drive may leave some data that can still be read by disassembling the drive and reading the platters with higher-resolution magnetic scanners. Writing multiple passes of random data (like DBAN does) is better, but due to things like track alignment error, there may still be some readable data on the drive afterwards.

If the data on the drive is sensitive enough that you think someone might be willing to spend many thousands of dollars to acquire it (corporate/military secrets, etc.), then the only real option is to destroy the drive.

Correct, which is why for when a government facility is getting rid of a disk used to store classified material they go through a wipe process which involves using a program to randomly write a a full sized block of random 1's and 0's to each and every block of data on the disk, including the hidden/reserved data blocks that are held for use when sectors are marked bad. I believe the current standard is 5 complete runs of that utility before the disk can be gotten rid of. If the disk has failed they will destroy them in either an acid bath or a degauser which litterally rips the magnetic coating off the glass substrates.

I've actually heard that disks that ever contained "Top Secret" classification data are always destroyed (by degaussing, or being literally shredded; I doubt an acid bath would be an effective disposal technique, and is awfully messy/dangerous).

Disks that contained less sensitive information (e.g. financial or personal data) would probably just be wiped quite thoroughly, as you described. There is a DOD (Department of Defense) specification for wiping hard drives; it is along those lines.