11 Personal
15
Copyright© 1994-2011 Paragon Software Group. All rights reserved.
Basic Concepts
This chapter explains terms and ideas that show how the program works. To understand these helps to obtain a general
notion of the operation performance and makes it easier for the user to operate the program.
Data Sanitization
Data security is a two-sided problem. It is to be made clear, that providing confidentiality implies not only information to
be stored properly, but also be destroyed according to certain rules. The first step to protecting yourself is to know
exactly which security precautions work and which do not.
Many people believe the misconception that repartitioning a disk will result in complete destruction of its contents.
Actually that is not quite so. Repartitioning the drive only alters references to partitions in the Partition Table, leaving all
file data intact. In fact, there are a number of programs available to successfully recover previously deleted partitions.
Formatting a drive also does not guarantee data destruction. Formatting procedure implies modification of the Master
File Table (MFT) that keeps track of where file contents are stored on the disk and verification of each sector for
consistency. Even a low-level format does not actually erase the file contents for good, since they can still be
resurrected from their deleted state with minimal effort by using the popular today Magnetic Force Microscopy
technology.
The only way to make sure that all the data has been erased from a hard drive is to overwrite all on-disk sectors with
random patterns of ones and zeros. Although this sounds complex, there is an easy way to do this.
The process of deliberately, irreversibly removing or destroying the data stored on a memory device (magnetic disks,
flash memory drives, etc.) is generally known as Data Sanitization. A device that has been sanitized has no usable
residual data and even advanced forensic tools should not ever be able to recover it, thus providing maximum level of
security.
Data Security Standards
To irreversibly destroy all on-disk information there have been developed a number of disk sanitizing standards. They
are distinguished by wiping patterns and number of passes:
1. US DoD 5220.22-M. US Department of Defense recommends to overwrite all addressable locations with a
character, its complement and then a random character. Finally, the target data area is to be verified;
2. US Navy standards NAVSO P-5239-26.
NAVSO P-5239-26 for RLL encoded drives. At first to write the fixed value (0xffffffff) to the target data area,
then the fixed value (0x27ffffff), and then random values. Finally, the target data area is to be verified;
NAVSO P-5239-26 for MFM encoded drives. At first to write the fixed value (0xffffffff) to the target data
area, then the fixed value (0xbfffffff), and then random values. Finally, the target data area is to be verified;
3. British HMG Infosec Standard No.5. At first to write a single character pattern, then its complement and then a
random character. Finally, the target data area is to be verified;
4. German VSItR Standard. Overwrite the deleted information 7 times, consistently filling it with the following
patterns: 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0xAA. Finally, the target data area is to be verified;
5. Australian ASCI 33. Overwrite with a character (C), then verify. Overwrite with –C (the first pass character’s
inverse), then verify again. Overwrite everything with both C and –C once again but without verification. Fill
everything with random characters;