# dban - best wipe method?



## freakb18c1

Heh.. well Gutmann is the best method. However I would do a DoD 3 Pass at the very minimum.


----------



## Capt

Quote:


> Originally Posted by *freakb18c1*
> 
> Heh.. well Gutmann is the best method. However I would do a DoD 3 Pass at the very minimum.


Wouldn't 3 passes be a waste of time? A single pass is more than enough to make it impossible to recover any data. As far as Gutmann being the best method..

http://www.dban.org/node/40


----------



## freakb18c1

A single 0 pass can technically be recovered.. Possible, but not probable.








It's just good to be on the safe side!

I had I case where I formatted a drive and formatted a drive by mistake, and recovered all the data just fine. But one time I shift + deleted a file that I could NOT recover for the life of me.


----------



## Kramy

I usually do a zero fill with the manufacturer tools. (Seatools or WD DLG)

http://support.wdc.com/product/download.asp?groupid=612&sid=3
http://www.seagate.com/support/downloads/seatools/

DBAN takes a long time and requires rebooting to run it. Lately I've been shredding a lot of drives, so I do zero fills first from within Windows - if the owner requests it, I'll use CCleaner to nuke the drive over and over, as it has the same 1/3/7/35 pass options that DBAN does. (Caveat - it only nukes data within the partition(s), so you still have to run a zero fill to catch stuff outside)

http://www.piriform.com/ccleaner


----------



## DuckieHo

Quote:


> Originally Posted by *freakb18c1*
> 
> A single 0 pass can technically be recovered.. Possible, but not probable.
> 
> 
> 
> 
> 
> 
> 
> 
> It's just good to be on the safe side!


How? Even with a scanning electron microscope, it's not doable with good certainity.


----------



## freakb18c1

Have you ever tried recovering a wipped hd? I have ran a few tools after just running a single pass was ran, it found data... Was it readable? Not really








I'd like to think the government would be able to recover a wiped drive.


----------



## DuckieHo

Quote:


> Originally Posted by *freakb18c1*
> 
> Have you ever tried recovering a wipped hd? I have ran a few tools after just running a single pass was ran, it found data... Was it readable? Not really
> 
> 
> 
> 
> 
> 
> 
> 
> I'd like to think the government would be able to recover a wiped drive.


If a zero was written to each bit, how could a tool running through the same controller which wrote the value recover data? How would the controller know the value to be anything other than what it wrote? The answer is that the wiping software actually did not write a zero to each bit.

Nope, the government does not have the ability to recover a properly wiped drive.... in the same way they can't break AES-128 or recover data from a powered off DRAM (that wasn't frozen).


----------



## Capt

So I used WD DLG to do a zero fill and then did a 3 pass with CCleaner. There's nothing else to do now, right?


----------



## Kramy

Quote:


> Originally Posted by *Capt*
> 
> So I used WD DLG to do a zero fill and then did a 3 pass with CCleaner. There's nothing else to do now, right?


She's wiped! Nothing is surviving that.


----------



## Capt

Quote:


> Originally Posted by *Kramy*
> 
> She's wiped! Nothing is surviving that.


I might go the extra mile and do another 3 passes with ccleaner.


----------



## TAE2U

Yodat File Recovery will get back anything you Shift Delete.. its paid but worth it!


----------



## HiTekJeff

There are many law enforcement tools that can recover data, even those wiped several times. This is done though special tools and magnetic manipulation. Those tools include both custom hardware and software that analyze the data on a micron level. Some of this can be seen if you use a bit sector analysis program yourself that are widely available. You can scan it from sector 0,1 all the way to the end. This is why government agencies use *BOTH 35 pass wipes and hardware destruction*. They have industrial grade metal shredders that can chew up things like hard drives and other storage medium.

Also, check out how the FBI cracked the iPhone using the israeli computer firm that makes custom software/hardware for such purposes. They didn't have a program yet that could do it, just for some other iOS versions, but wrote one. If you truly want security you MUST destroy the drive. Otherwise, you are good with any program that does multiple wipes as most public don't have access to that type of software/hardware required. You can simply dispose of it or sell it and no one likely can recover it. Takes too much time and isn't cost effective unless you have a reason to.


----------

