In this day and age data security is even more important then ever. The news is full of stories where private information was found on used computers. Simply deleting data by throwing it into the Recycle Bin or the Trash is not even a viable option for true security.

With so many people using their computers for online banking, storing personal data such as Social Security Numbers, tax records, nude pictures, journals, stories, etc, it’s a wonder more doesn’t go on that we do not know about. After all this is just what’s reported in the news! With identity theft at an all time high, and the number of computers sold at an all time high, individuals must know how to protect their data.

Luckily for us, lots of companies provide such tools even for us Mac users! Unluckily for us, there are companies who specialize in recovering the unrecoverable data. I’ve had direct experience with Drive Savers many times, but their prices start at $800 and go from there. This is outside of the realm of your average data thief. But their “Museum of Disk-Asters” proves that even drives that look destroyed can have data recovered off them.

Two obvious questions come to mind. First, how does secure data erase work? And if it works, how do these companies recover it?

Hard drives work sort of like a record player, but with magnetic dust sprinkled on it. Each platter (like a record,) in the hard drive is split up into sectors. The number of platters and sectors defines how much data the hard drive can hold, ie. 80 megabytes or 250 gigabytes. The head (like a record player needle but MUCH smaller,) magnetically moves the dust particles in certain patterns. One pattern equals a Zero on the hard drive, another equals a One. This creates a binary number pattern that all computers understand and can interpert into information readable by humans.

Back in the late 80’s/early 90’s Peter Gutmann and Colin Plumb came up with the Gutmann Method. Based on the encoding mechanism used by the drive different patterns of Zeros and Ones were written to every single sector of the hard drive. Now days there are multiple methods of wiping hard drives from the Department of Defense 5220.22-m 3 pass method on the low end (the Russians and Germans, as is the State of Illinois are more paranoid,) to a modified version of the Gutmann Method at 35 passes of alternating Zeros and ones.

For most people one simple pass should be enough, but even at 35 passes companies like Drive Savers and government agencies can still retrieve data off the hard drive. Of course the more passes, the longer it takes to do in the first place, and the harder it is to recover the data. Back when hard drive technology was newer the heads were not 100% accurate, when they passed over a sector to read the magnetic particles it was not always in the exact same spot. Newer drives are a lot more accurate but can still have this same problem, especially cheaper low quality brands and consumer rated drives. Particles may have been changed on one pass, but were not changed again. This left a bit of information in the “grooves of the record” that could be read by simply stepping down how far the head moved. Incidently this is the cause of a large portion of percieved hard drive errors and corrupted data errors.

Erasel Methods such de-magnetizing and deguassing are dubious at best. And other methods such as burning, submersing in water and shooting (with a gun of course,) are still recoverable by professionals.

My favorite method is a bit time consuming, but even Data Rescue (my favorite Mac data recovery utility,) has a hard time getting anything useful. The first step is start by putting the hard drive in another computer. Using Disk Utilities or FDISK I split the drive into two or four partitions and format each. I then copy trash data to each partition. Something like an MP3 or a fairly large picture works well. I’ll simply copy it again and again to each partition on the drive until it’s full. This is similar to writing zeros and ones, but is a bit more random. So hopefully even if anything is found, it’s this data instead of what you really want to protect.

I then repartition the drive again into three pieces and repeat writing random data to the drives. This breaks up the random repeating pattern even more and causes the heads to read to slightly different parts of the drive (out of the grooves.) If I’m still feeling paranoid I’ll then install Linux or Windows to the drive and use it for a while for basic Internet Surfing or game playing. The goal is to over write as much of the original data with as much random data as possible. Of course simply erasing the drive and using it long enough for day to day business will handily accomplish this too.

For fun (because at this point the data should be gone,) I’ll pass the hard drive over to a gun enthusiast friend who’ll fill it full of holes. Or I’ll simply take it apart and play with the magnents or play with the platters. Even without going this far, I’m confident enough about the data being gone that I’d gladly give it over to a needy charity to use.

No related posts.