Format Vs Pdwipe
Results 1 to 4 of 4

Thread: Format Vs Pdwipe

Hybrid View

  1. #1
    Junior Member
    Join Date
    Jul 2006
    Posts
    6

    Format Vs Pdwipe

    I am trying to understand what is the core difference between operating system based HDD erasing tools like format and third part tools like Pdwipe/eraser or OSS -dban.

    Please refer me the links which will help me in getting my understanding right.

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Hi,

    There is one fundamental difference. The operating system tools are designed to prepare a hard drive for the installation or reinstallation of the operating system, and that alone.

    They are not security tools and do not actually "erase" the data. It is still there, and can be subsequently recovered. This is exactly the same as when you "delete" something from the drive using the OS tools, and when you "empty" the recycle bin. All that happens is that space on the HDD is marked as available for reuse.

    A third party security tool actually overwrites the HDD or a part of it with other data. The basic DoD requirement writes zeroes on the first pass, ones on the second, and random zeroes and ones on the third. This makes it impossible to use a simple software solution for data recovery.

    This site has the theory explained:

    http://www.cs.auckland.ac.nz/~pgut001/
    Last edited by nihil; December 23rd, 2006 at 10:37 AM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    A nice reference chart for the DoD standard can be found here:

    http://www.zdelete.com/dod.htm

    (Standard DoD 5220.22-M / NISPOM 8-306)

    Oh and just for the record (because I know it will come up) there is no legendary NSA 7 pass standard. The NSA uses the DoD standard and has no separate recommendation. You can actually call the NSA and ask them about this and they will gladly tell you this.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Nice link Hoss,

    Whilst we are "mythbusting", there is a common misconception that Peter Gutmann's method involves overwriting 35 times. It doesn't.......................

    Some tools will use 35 passes because they are based on the assumption that you do not know the encoding pattern used by the drive, and they aren't smart enough to detect it. I think that only 17 or so of them are actually effective in any given situation.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides