Data security nowadays is the burning issue not only for companies and government agencies, but rank and file people as well. In the world of high tech, it is quite a challenge to destroy information, especially when you have no idea how to do it. We are all well aware of recent notorious trials, when the only evidence determining the outcome of the process was the data resurrected from a magnetic device. According to various studies over 40% of all discarded magnetic storage devices do still contain personal and classified info that as you can already guess, can be and is used not in the owner’s favor. Besides, constant hardware upgrade makes the problem even more complicated than ever.
Actually data security is a two-sided problem. It is to be made clear, that providing confidentiality implies not only information to be stored properly, but also be destroyed according to certain rules. The first step to protecting yourself is to know exactly which security precautions work and which do not.
Many people believe the misconception that repartitioning a disk will result in complete destruction of its contents. Actually that is not quite so. Repartitioning the drive only alters references to partitions in the Partition Table, leaving all file data intact. In fact, there are a number of programs available to successfully recover previously deleted partitions.
Formatting a drive also does not guarantee data destruction. Formatting procedure implies modification of the Master File Table (MFT) that keeps track of where file contents are stored on the disk and verification of each sector for consistency. Even a low-level format does not actually erase the file contents for good, since they can still be resurrected from their deleted state with minimal effort by using the popular today Magnetic Force Microscopy technology. MFM is an effective tool to magnetic investigations on submicron scale. Image obtained by MFM is the space distribution of some parameter characterizing magnetic probe-sample interaction, i.e. interaction force, amplitude of vibrating magnetic probe, etc. The MFM technology is being successfully applied in resurrecting deleted information even after a multiple overwriting, since it provides a unique possibility to differentiate between ones and zeros of various passes, because they are far from being the same when looking through the Magnetic Microscope.
The only way to make sure that all the data has been erased from a magnetic device is to overwrite all on-disk sectors with random patterns. Although this sounds complex, there is an easy way to do this.
The process of deliberately, irreversibly removing or destroying the data stored on a memory device (magnetic disks, flash memory drives, etc.) is generally known as Data Sanitization. A device that has been sanitized has no usable residual data and even advanced forensic tools should not ever be able to recover it, thus providing maximum level of security.
Data Security Standards
Government and military agencies are deeply worried by the fact how easily deleted information can be recovered particularly taking into consideration classified and top secret issues. That is why there have been developed a number of disk sanitizing standards. They are distinguished by wiping patterns and number of passes:
- US DoD 5220.22-M. US Department of Defense recommends to overwrite all addressable locations with a character, its complement and then a random character. Finally, the target data area is to be verified;
- US Navy standards NAVSO P-5239-26.
- NAVSO P-5239-26 for MFM encoded drives;
- NAVSO P-5239-26 for RLL encoded drives;
- British HMG Infosec Standard No.5. At first to write a single character pattern, then its complement and then a random character. Finally, the target data area is to be verified;
- German VSItR Standard. Overwrite the deleted information 7 times with specific patterns. Finally, the target data area is to be verified;
- Australian ASCI 33. Overwrite with a character (C), then verify. Overwrite with –C (the first pass character’s inverse), then verify again. Overwrite everything with both C and –C once again but without verification. Fill everything with random characters.
- Russian GOST R 50739-95. Destroy information by a single pass with writing random characters into each sector byte.
- Peter Gutmann's algorithm. A whopping 35 passes, with 27 random-order passes using specific patterns combined with eight passes using random patterns;
- Bruce Schneier's algorithm. Two passes of specific patterns followed by five passes using a cryptographically secure pseudo-random sequence;
- Paragon's algorithm.
- Overwrite each sector with a forcefully randomized 512-byte string, new for each sector, using CSPRNG (cryptographically secure pseudo-random number generator).
- Overwrite each erased sector with its complement.
- Overwrite each sector with a 512-byte string (CSPRNG), again forcefully randomized and different from the first pass, and new for each sector.
- Finally, the target data area is to be verified.
Note! Military and government standards always require 100 percent residual data verification. It is necessary to make sure that the operation has been properly accomplished. Besides corrupted sectors discovered during the operation are to be logged to keep the user informed, since these sectors may contain classified information.