Re: Advice regarding servers and Wiping Drives after testing

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2007-08-31 cosynmr () googlemail com wrote:
> Can someone explain why anything would be left after running :
>
> dd if=/dev/zero of=/dev/hda
>
> Wouldn't this write zeros across the entire disk? How could anything
> be recovered afterward?
>
> I see osx disk utility can with write zeros once, or write zeros many
> times. Is there any advantage in multiple writes?

The magnetic media in your harddisk are analog, so even after
overwriting the media with zeroes there may be some residual magnetism
left from which the original data might be reconstructed. However, that
will require opening the case and examining the actual platters with
Magnetoforce Microscopy or something. Overwriting the media several
times will reduce residual magnetism, because due to mechanical
inaccuracy the heads will not be at the exact same positions during each
pass.

That said, I have yet to see a single case where someone was able to
recover data from an overwritten harddisk, even after a single pass with
zeroes.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq