1 |
On Sun, Jul 12, 2015 at 12:32 PM, Volker Armin Hemmann |
2 |
<volkerarmin@××××××××××.com> wrote: |
3 |
> |
4 |
> actually 1 time is enough. With zeros. Or ones. Does not matter at all. |
5 |
> |
6 |
|
7 |
That depends on your threat model. |
8 |
|
9 |
If you're concerned about somebody reading the contents of the drive |
10 |
using the standard ATA commands, then once with zeros is just fine. |
11 |
Secure erase is probably easier/faster. |
12 |
|
13 |
If you're concerned about somebody removing the disks from the drive |
14 |
and reading them with specialized equipment then you really want |
15 |
multiple rounds of complete overwrites with random data. Even then |
16 |
you run the risk of relocation blocks and all that stuff, so the |
17 |
secure erase at the end is still a wise move but it may or may not |
18 |
completely do the job. |
19 |
|
20 |
If you're concerned about somebody leaving the disks in the drive but |
21 |
having access to directly manipulate the drive heads to possibly |
22 |
access data not accessible using the standard ATA commands then one |
23 |
pass is probably good enough, but I'd still use random data instead of |
24 |
zeros. The reason is that a clever firmware (especially on an SSD) |
25 |
might not actually record zeros to the regular disk space, but instead |
26 |
just mark the block range as containing zeros, leaving the actual data |
27 |
intact. For random data the drive has to actually store the contents |
28 |
as it cannot be represented in any more concise way. |
29 |
|
30 |
If I'm not in a rush I prefer to just do the multiple passes. Why |
31 |
take a chance? |
32 |
|
33 |
And of course full-disk encryption is the solution to all of the |
34 |
above, as it defeats any kind of attack at the level of the drive and |
35 |
is proactive in nature. |
36 |
|
37 |
-- |
38 |
Rich |