On Sun, Jul 12, 2015 at 12:32 PM, Volker Armin Hemmann <volkerar...@googlemail.com> wrote:
>
> actually 1 time is enough. With zeros. Or ones. Does not matter at all.
>
That depends on your threat model.

If you're concerned about somebody reading the contents of the drive using the standard ATA commands, then once with zeros is just fine. Secure erase is probably easier/faster.

If you're concerned about somebody removing the disks from the drive and reading them with specialized equipment, then you really want multiple rounds of complete overwrites with random data. Even then you run the risk of relocation blocks and all that stuff, so the secure erase at the end is still a wise move, but it may or may not completely do the job.

If you're concerned about somebody leaving the disks in the drive but having access to directly manipulate the drive heads to possibly access data not accessible using the standard ATA commands, then one pass is probably good enough, but I'd still use random data instead of zeros. The reason is that a clever firmware (especially on an SSD) might not actually record zeros to the regular disk space, but instead just mark the block range as containing zeros, leaving the actual data intact. For random data the drive has to actually store the contents, as it cannot be represented in any more concise way.

If I'm not in a rush I prefer to just do the multiple passes. Why take a chance?

And of course full-disk encryption is the solution to all of the above, as it defeats any kind of attack at the level of the drive and is proactive in nature.

--
Rich
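The multi-pass random overwrite Rich describes, followed by a scan for leftover content, as an added example that is not part of this thread: the function names are my own, and it is run against a scratch file standing in for a device (a real block device path would work the same way, with the same caveat that remapped sectors and SSD spare area are out of reach).

```python
import os
import tempfile

def overwrite_passes(path, passes=3, chunk_size=1 << 20):
    """Overwrite every byte reachable at `path` `passes` times with fresh random data,
    fsync-ing after each pass. Random data is used, as in the thread, so firmware cannot
    shortcut it the way it could an all-zero write. Only the LBAs the OS exposes are
    reached, so a firmware secure erase (or FDE from day one) is still needed."""
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for files and block devices alike
        for _ in range(passes):
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = size
            while remaining > 0:
                buf = os.urandom(min(chunk_size, remaining))
                written = 0
                while written < len(buf):  # handle short writes
                    written += os.write(fd, buf[written:])
                remaining -= len(buf)
            os.fsync(fd)  # this pass is on the medium before the next one starts
    finally:
        os.close(fd)
    return size  # bytes written per pass

def contains(path, needle, chunk_size=1 << 20):
    """True if `needle` still occurs in `path` (chunked scan, handles chunk boundaries)."""
    overlap = len(needle) - 1
    tail = b""
    with open(path, "rb") as f:
        while True:
            chunk = f.read(chunk_size)
            if not chunk:
                return False
            if needle in tail + chunk:
                return True
            tail = chunk[-overlap:] if overlap else b""

def demo(passes=3):
    """Constructed sample: a scratch file stands in for the drive, holding a marker
    between a zero run and a 0xFF run. Returns (bytes/pass, marker left?, zero run left?)."""
    marker = b"SECRET-PAYLOAD-" * 64
    fd, path = tempfile.mkstemp()
    os.write(fd, b"\x00" * 4096 + marker + b"\xff" * 4096)
    os.close(fd)
    try:
        size = overwrite_passes(path, passes=passes)
        return size, contains(path, marker), contains(path, b"\x00" * 4096)
    finally:
        os.unlink(path)
```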