Sitemap
Tel: 0870 3000905
g+ t f
  • WEEE Disposal:

    Providing a collection and recycling service for Clients.

  • Protecting the Environment:

    Managing Hazardous Wastes for Clients since 2005.

  • Assisting Business:

    Providing Consultancy, mitigating risk to the Envionment, Improving CSR.

Permanent destruction of Data on Hard Disks and Solid State Disks

By



Background:

How is electronic Information Stored?

 

Electronic data is stored as a series of 0s and 1s, known as “binary code”. Each digit is known as a bit and the smallest number of them that can be read is eight, which is referred to as a byte. A kilobyte (kB) is 1024 bytes or 8192 bits and a megabyte (MB) is 1,048,576 Bytes or 8,38,8608 Bits.

 

Computers usually use mechanical Hard Disk Drives to store information permanently. This is known as non-volatile storage because the information does not disappear when the computer is switched off. Mechanical Hard disks store the information on a magnetic disk, known as the platter and the information is written to the platter using a “head”- a modern version of the record player stylus. Information is stored on the platters using positive and negative magnetic charges to correspond with the 1s and 0s noted above.

 

Other forms of storage media include Tapes, CDs, DVDs and Solid state media (USB thumb drives and Solid State Hard Drives). Every one of these stores digital information as a series of 0s and 1s.

 

Data Protection

 

Both the United States and the United Kingdom employ regulations that are designed to protect the confidential information of third parties, including the personal details of members of the general public. The United Kingdom’s regulations consist of the “Data Protection Act”, although this act in itself, whilst being an implementation of the EU Data Protection Directive (1995), does not make direct reference to the secure destruction of confidential information.

 

The Act does however make clear reference to third party access to such information and the penalties that may be imposed should such an occurence arise. Numerous cases have been brought by the Information Commissioners office (ICO) against public bodies who have employed third parties for the destruction of such information, only to have it end up in a public place. Moreover, the Act prohibits the transfer of that data to a country outside of the EU, which has significant implications for those who employ third parties known to export e-waste.


The Removal of Data

The removal of data from Physical storage devices, allowing for their re-use can be considered as having four different approaches, each with their own merits and each having their own pitfalls. They are defined as being:

  • Weak Erase (deleting the file)
  • Block Erase (Software Erasure of Data)
  • Normal Secure Erase (Built in erase commands in modern Hard Disks)
  • Enhanced Secure Erase

.

Deleting a File (Weak Erase)

 

Many people assume that if you delete a file from your computer and then empty the ‘wastebasket’ that is on the desktop (and maybe run a ‘disk clean-up’ for good measure), the file is gone for good.

 

Unfortunately, when you ‘delete’ a file from your PC, what you are doing is not erasing the file itself, but simply the reference to it on the mechanical hard disk, known as the master file table reference. Essentially, the data itself is still there, you’ve only removed the reference to where it can be found. It’s a little like “Ripping the index out of a book. The actual pages, with all the original information and text are still there.”

 

This principle doesn’t just apply to a computer or laptop. It applies to just about every digital device you own or use. As stated by the Information Commissioners Office,
“Personal data can be stored on any device with a permanent memory, including desktop and laptop computers, external hard drives, games consoles, mobile phones, tablets, faxes, printers, and removable memory such as that found in digital cameras.” In pretty much every instance, simply deleting the file, doesn’t remove the data. The operating system only marks the parts containing the data as “unused.”

 

There is of course a caveat emptor to this, in that it does not apply to modern solid state disks, which employ the “TRIM” command, but more about this later.

Recovering Deleted Files from Mechanical Hard Disks

 

Deleted files can be recovered easily using proprietary file recovery software and there are plenty to choose from. A couple of examples include:

  • Active Undelete: This is freeware software for DOS and Windows. It can recover files on Hard Disks formatted to NTFS, FAT, ex FAT, Linux Ext2/Ext3/Ext4/BtrFS, Apple HFS+ and Unix UFS file systems.
  • Wise Data Recovery: Can get back lost files from hard drive, external hard drive, USB drive, Memory card, digital camera, mobile phone, MP3 player and other storage media.

Even erasing the whole operating system (Microsoft Windows, Mac OS, Linux) still leaves the files intact- and recoverable simply by booting off an install CD.

 

Going One Step Further:

 

You can go a step further: delete the files you want to erase, empty the recycle bin, download a huge file which fills the disk and overwrites the space taken up by the old files – and then delete that. But even then, when your old files have been overwritten with new files, ‘ghosts’ of the old data may remain on the hard drive (this in itself is making it a little harder for criminals to recover your data).

Block Erase: The Overwriting, Purging or Binary Wiping of Mechanical Hard Disks

 

Binary wiping, which is also known as Purging or Disk Overwriting is a process of writing a random series of 0s and 1s to every part of the mechanical hard disk, changing the magnetic state of every part of the platter at random so that the information on it is pure gibberish.

 

Numerous governments throughout the world have developed standards of data wiping/ disk purging to prevent access to confidential information. These included:

  • U.S. Air Force SSI 5020: 4 Pass write with verification (1993)
  • U.S. DoD Unclassified Computer Hard Drive Disposition: 3 pass Write (2001)
  • German Federal Office for Information Security: 2-3 pass write (2004)
  • NIST SP-800-88: 1 pass write (2006)
  • Australian Government ICT Security Manual 2014 – Controls: 1 pass write (2014)
  • HMG Infosec Standard IS 5 Baseline: 1 pass write
  • HMG Infosec Standard IS5 Enhanced: 3 pass write
  •  

    However, the effectiveness of these standards have been undermined by the is-interpretation of a paper published in 1996. During that year, Peter Gutmann of the Department of Computer Science at the University of Auckland published a paper entitled “Secure Deletion of Data from Magnetic and Solid-State Memory”. The paper, which was widely is-interpreted led to the Gutmann method- a binary wiping process that employs 35 random writes to the hard disk platter, thereby introducing doubt as to the validity of processes aimed at writing to blocks with fewer passes.

     

    However, the paper was aimed at technology deployed prior to 1996 and as stated in an epilogue later released by Gutmann, “For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, “A good scrubbing with random data will do about as well as can be expected”. This was true in 1996, and is still true now.”

     

    Block Erase, unlike the process of Secure Erase (see below) has one flaw in that it does not overwrite blocks that are bad. The Hard Disk controls this part of its operation internally, re-assigning data from bad blocks to good blocks and then preventing the bad block from being used by the computer itself. As a result, Block Erase software is not able to access and erase this part of a hard disk.

    Solid State Vs Mechanical Hard Disks:

     

    Solid state Drives are different to traditional mechanical drives. They support the “TRIM” command which means that they will completely wipe the file in the background once you have deleted it from the computer. The reason for this is that they function differently to mechanical hard disks. A Mechanical disk operates faster when it overwrites sectors that previously stored information but that have had the master file table reference removed. This is because the process of overwriting or blanking a sector on a mechanical disk takes time to complete and consumes system resources.

     

    On a solid state disk, the converse is true. Overwriting a sector of the disk that contains any data, even if it has no file table reference takes longer than writing to a blank part of the disk. When a file is deleted, the TRIM command tells the disk to blank the area that previously stored the data and this is performed in the background without taking up any of the computers resources. As a result, simply deleting a file by dragging it to the wastebasket really does remove all the information on a solid state disk.

     

    However, manufacturers have been reported to also include “wear levelling” to increase the life-expectancy of Solid State devices. Wear levelling re-allocates data to other blocks, making the previously used blocks unavailable for use. This can leave data on the solid state device in a “dormant” state that cannot be read or accessed by software until the block is once again activated.

    Secure Erase

     

    Secure erase, unlike the software erase discussed above, is a built in function on most modern hard disks currently available. It is a command line driven function that is implemented inside the firmware of the hard disk itself and results in the entire disk being overwritten. To execute Secure Erase commands, you must use a program that interfaces directly with the hard drive and even then, you probably won’t be running the command manually.

     

     

    Secure Erase functions started to be incorporated on Disks in 1996, after an agreement was reached by the numerous manufacturers and the US’s CMRR. During the process, the drive itself performs a single overwrite of all parts of the disk platter. As stated by the CMRR, “It completely erases all possible user data areas by overwriting, including the so-called g-lists that contain data in reallocated disk sectors (sectors that the drive no longer uses because they have hard errors in them). ” The host computer is not fed details during this process as the disk itself is able to self-verify overwriting of each block.

     

    Complete eradication of user data off drives can be accomplished by running data Secure Erasure utilities such as the freeware “
    HDDerase” It executes the Federally-approved (NIST 800-88) Secure Erase command in the ATA ANSI standard, which is implemented in all recent ATA drives greater than 15-20 GB.

     

    Note though that the Secure Erase Command in the SCSI ANSI standard remained an optional addition to those Hard Disks and many were manufactured post 1996 without the executable addition to the firmware.

     

    External USB Drives

     

    External enclosures contain standard hard disks and use a bridge (small printed circuit board with control chip) that interfaces the ATA or SATA drive with USB. As detailed by Seagate, the Bridge’s controller chip will in many instances block Secure erase commands, resulting in external USB drives not being wiped.

    Enhanced Secure Erase

     

    Enhanced Secure erase is limited to drives that include encryption on them. These Disks contain a special program embedded in the silicon chips on the printed circuit board that use an encryption key to encode and decode the information stored on the platters. The enhanced secure erase command changes the encryption key and the drive’s information becomes gibberish immediately, as if it is factory new.


    Degaussing

    Degaussing is applied via an electro magnet using either an AC or DC current. These currents create a magnetic field that result in the 0s and 1s on the medium being removed as the magnetic alignment of the ferrous medium changes on the storage device.

     

    Degaussing offers a quick process of data removal for magnetic storage media such as Tapes and Hard Disks. However, for the latter, the process irrecoverably destroys the drive by removing specific information such as servo patterns, which are used to correctly position the read/ write head over the platter. As the density of information stored on Mechanical Hard Disks increases every year, the strengths of the magnetic fields needed to eradicate the data are correspondingly increasing.

     

    As highlighted in a paper by the CMRR (US), “Drive designers continually increase the linear density of magnetic recording to create higher data storage capacity per disk. This raises the disk magnetic coercivity, the field required to write bits on the magnetic media. As the magnetic coercivity increases, the fields required to erase the data on recorded disks increases. Thus an older degausser may not fully erase data on a newer hard disk drive. New perpendicular recording drives may not be erasable by present degaussers designed for past longitudinal recording drives. “

     

    A further issue with degaussing is the lack of verification once the process has been completed.

     

    Moreover, with the increasing prevalence of Hybrid SSD and fully fledged SSD drives, degaussing has no effect on data stored in NAND flash memory and should not be used on these types of drives.

     

    Physical Destruction

    Whilst degaussing is for some magnetic media a physical destruction process in that it renders the media inoperable, the act of physically destroying a hard disk, whether mechanical or solid state, will render it completely inoperable. However, this is surprisingly difficult. Mechanical Hard disks are robust devices, with a chassis made from cast aluminium and stainless steel covers, and though it is easy to destroy the sensitive electronics and the stylus mechanism, the disk itself is quite hard to destroy completely, given that it’s usually made from aluminium alloy or toughened safety glass.

     

    The US Pentagon suggests putting the whole thing in a metal-mulcher.

     

    Europe and the UK introduced a similar system through BS EN 15713 (2009) whereby shred sizes for each type of storage medium are specified in the form of a Shred Number in the standard. Hard Disks in this instance require shredding to particles no greater than 5mm in diameter.

     

    However, even such physical destruction is not absolute if any remaining disk pieces are larger than a single 512-byte record block in size, about 1/125” in today’s drives. As linear and track densities increases, the maximum allowable size of disk fragments become ever smaller.

    Ultimately

    Ultimately, there’s no clear winner when it comes to completely destroying data, particularly where the media is to be re-used or re-deployed. However, the destruction processes described above do eliminate the information contained on Hard Disks to such an extent as to make the recovery of any legible information tantamount to impossible. The remnants of information left behind on a mechanical hard disks platter are sparse or fragmented and would require significant financial investment to recover, making the process difficult to quantify.



    Date Published:

About the Author: