Comparison of Secure Erase and other data removal methods in government agencies
Method of cleaning data is a special method by which a data destruction program or file shredder to overwrite the data on the hard disk or other storage device to the stored data securely destroyed without possibility of recovery.
Technically, there are other methods of destroying data that are not based on overwriting sectors 12 to media, such as destroying media in shredders, demagnetizing hard drives, or burning hard drives and SSDS. As a rule, the term “data cleaning” refers to software methods of information removal.
List of data cleaning methods
Here are some popular data cleaning methods used by data destruction programs:
- Secure Erase (industry standard)
- DoD 5220.22-M (US Department of defense)
- NCSC-TG-025 (us Department of security)
- AFSSI-5020 (US AIR FORCE)
- AR 380-19 (US Troops)
- NAVSO P-5239-26 (US Navy)
- RCMP TSSIT OPS-II (Canada)
- CSEC ITSG-06 (Canada)
- HMG IS5 (United Kingdom)
- ISM 6.2.92 (Australia)
- NZSIT 402 (New Zealand)
- VSITR (Germany)
- GOST R 50739-95 (Russia)
- Gutmann (Peter Guttman)
- Schneider (Bruce Schneier)
- Pfitzner (Roy fitzner)
- Filling in random data
- Zero-fill
Most data destruction programs also allow you to customize your own data cleaning method with any overwrite pattern and as many passes as you want. For example, a program might allow data to be overwritten with zeros during the first pass, ones in the second pass, and then random characters for eight more passes.
What is the best method of data cleaning?
Overwriting one or more files or the entire hard drive just once with a single character (one or zero) should prevent data recovery from the hard drive by any file recovery software - this has been proven by research laboratories, which means most data cleaning methods are overkill.
Most experts agree that the best way to safely erase is to overwrite the entire hard drive in a single pass. The very simple Write Zero method does pretty much the same thing, albeit much slower.
Using any cleanup method to delete data actually just comes down to writing other data on top of your previous ones – this happens both when you safely delete one file and when you clean up the entire hard drive or disk array.
If one overwrite is enough, why are there so many methods to clean up data?
Some researchers believe that there are, or may be, methods for extracting information from hard drives that use residual plate magnetization, which will allow data to be recovered even after each sector on the drive has been completely overwritten. Therefore, independently of each other, different organizations have developed their own standards that guarantee the impossibility of recovery, not only existing methods, but also those that will appear in the future. In simple terms, everyone is trying to make a name for themselves on what is unclear and inaccessible to others.
Secure Erase
Secure Erase is the name of a set of commands available from the firmware of PATA and SATA-based hard drives. Secure erase commands are used as a method of clearing data to completely overwrite all data on the hard disk. This is the only method that is used inside the hard drive: the program tells the hard drive to “delete data in a safe way”, and then the HDD controller erases the data.
Once the hard drive has been erased by a program that uses SecureErase commands, no file or partition recovery program will be able to extract data from the drive. This method works as follows:
1 pass: filling units or zeros
No overwrite check is needed here because the overwrite process is controlled by the hard disk firmware. Because of this, SecureErase is faster than other data cleaning methods and possibly more efficient.
More about Secure Erase
Because Secure Erase is only a method of cleaning up the data of the entire disk, it is not available to safely destroy individual files or folders, which so-called file shredders can do.
Using SecureErase to delete data from your hard drive is often considered the best way because it is done at a low level. Neither the operating system nor the file system is relevant to the process when the controller itself sequentially overwrites the entire hard drive.
To run the Secure Erase command, you must use a program that interacts directly with the hard disk. One such program is HDD Erase, developed by the Center for magnetic Recording Research at the University of California, San Diego. (https://cmrr.ucsd.edu/resources/secure-erase.html 35)
Secure Erase is not implemented in all hard drives and SSDS. Some file shredders and data cleaning programs use the words Secure Erase in their specifications, but if they do not specifically indicate support for this feature, they probably use some other algorithms.
Use Secure Erase in a storage system:
Most storage systems, including enterprise models and NAS for home users from Huawei, QNAP, and Synology support Secure Erase: simply select the drive you want to clean, run disk cleanup, and wait for the process to complete. Of course, before that you need to remove the disk from the array.
Secureerase application on desktop computers and laptops
The safe disk erase feature can be integrated into UEFI, which is the best and most convenient cleaning method. If it does not exist - here is a list of programs that use the SecureErase method:
- MHDD
- CopyWipe
- Hdparm (linux)
Secure Erase application for SSD
Typically, if you apply the Secure Erase command to an SSD drive, the controller understands it and executes it, dropping all memory cells with the Block Erase command, including those reserved for internal use in the " Empty”state. Only SMART data, firmware and damaged cell table are not affected. The disk returns to the new state and restores the factory write speed. On a normal SSD, this command is executed in a minute or two against several hours on the HDD.
Programs designed for scrubbing of hard disks by the method SecureErase will work with a SATA SSD. That is, if the storage system has a function of fast disk cleaning, it will work with SATA SSD drives. On personal computers it is better to use utilities from the manufacturer SSD:
- Corsair SSD Toolbox
- Samsung Magician
- Intel Solid State Drive Toolbox
- Toshiba (OCZ) SSD Utility ( Now Toshiba )
- SanDisk SSD Dashboard
- Kingston SSD Toolbox
- Micron SSD Management
Most SAS/ NVME / PCI Express SSDs are similarly cleaned using the SecureErase or Format Unit command. By the way, if you turn off the power during the SSD cleaning process, the next time you turn on the drive, it will first finish cleaning and only then go into the ready state.
An alternative to using the Secure Erase command is simple formatting followed by the TRIM command. The drive controller similarly frees memory cells by securely erasing everything that was previously stored in them.
SSD manufacturers strongly recommend that they do not use all those methods of repeated overwriting of data developed for hard disks, because first, it increases the wear of the drive, and secondly, these methods do not clean the inaccessible to the operating system data cells, including redistribution areas and damaged blocks.
Thus, we have found out that SecureErase and built-in HDD/SDD cleaning commands are a reliable, proven way to delete any data, so that no hacker, no laboratory will restore them. However, fearing the unknown, people have come up with multi-pass ways to delete data.
Common standards for data deletion
All the data deletion standards discussed below are implemented programmatically, and are most suitable for deleting individual files or logical volumes, including in large disk arrays. We will put them in a table so that you can easily compare them with each other.
|
Method |
Country |
Number of passes | Definition of each pass | Checking | Actuality | Supports by software |
| DoD 5220.22-M | США | 3 |
Pass 1-fill with zeros Pass 2-filling with ones Pass 3-filling in random data |
After each pass |
No |
DBAN, CBL Data Shredder, Eraser, Freeraser |
| NCSC-TG-025 |
No |
Disk Shredder, WinUtilities Free |
||||
| AFSSI-5020 |
At the end |
Unknown |
Eraser, Hard Disk Scrubber, PrivaZer |
|||
| AR 380-19 |
Pass 1-filling in random data Pass 2-fill with one or zero as you choose Pass 3-writes the opposite character to pass 2 |
Eraser, PrivaZer, Delete Files Permanently, File Secure Free |
||||
|
NAVSO P-5239-26
|
Pass 1-fill in 1 or 0 as you choose Pass 2-fill with the opposite character (0 or 1) Pass 3-fill with random data |
Unknown | Unknown | |||
| RCMP TSSIT OPS-II |
Canada |
7 |
Pass 1-fill with zeros Pass 2-fill with ones Pass 3-fill with zeros Pass 4-fill with ones Pass 5-fill with zeros Pass 6-fill with oness Pass 7-fill with random data |
No |
DBAN, Delete Files Permanently, Eraser, |
|
| CSEC ITSG-06 | Canada | 3 |
Pass 1-fill in 1 or 0 as you choose Pass 2-fill with the opposite character (0 or 1) Pass 3-fill with random data |
Yes |
Unknown | |
| HMG IS5 |
Great Britain |
2 or 3 |
Pass 1-fill with zeros Pass 2-none or filling with units Pass 3-filling in random data |
Delete Files Permanently, Eraser, Disk Wipe |
||
| ISM 6.2.92 | Australia | 1 | Pass 1-fill with random data |
Hard Disk Scrubber, CBL Data Shredder |
||
| NZSIT 402 |
New Zealand |
|||||
| VSITR | Germany | 7 |
Pass 1-fill with zeros Pass 2-fill with ones Pass 3-fill with zeros Pass 4-fill with ones Pass 5-fill with zeros Pass 6-fill with oness Pass 7-fill with random data |
No |
Eraser, Delete Files Permanently Secure Eraser |
|
| GOST R 50739-95 | Russia | 1 or 2 |
Pass 1 - none or zero fill Pass 2-fill with random data |
No |
Eraser, Delete Files Permanently Hard Disk Scrubber, |
|
| Guttman |
|
35 |
Pass 1-35-filling in random data |
Yes |
Unknown |
Eraser, Securely File Shredder, Secure Eraser, WipeFile |
| Pfitzner |
|
33 | Pass 1-33-filling in random data |
Yes |
Unknown | Catalano Secure Delete |
It is interesting that the us Department of defense and the us Department of security refused any software methods of data cleaning, deciding that the destruction can only be physical. Currently, the forms distributed by these agencies indicate that when destroying data carriers, it is allowed to use crumb grinders with a diameter of 2 mm, demagnetizers or incineration furnaces at a temperature not lower than 1600 degrees Celsius.
Currently, more and more companies are choosing permanent encryption as an alternative to data deletion: data is always stored on the media in encrypted form, and if necessary, the encryption key is simply deleted.
Michael Degtjarev (aka LIKE OFF)
11/02.2019
