Is DOD or Gutmann HDD wiping excessive?
Is single pass zero write to a drive good enough? Do you have a good reference to cite to support that?
I work for company that doesn't have any secrets that would be wanted by a well funded organization that could pay for super exotic data recovery. My boss is writing a policy to scrubbing drives and he thinks we need to use the DOD standard, I think it is excessive and will waste time.
I am somewhat of a hard drive recovery expert myself, and I have never seen a method to recover data from a file that has been overwritten. I know there are way to recover data from remapped sectors, which is usually minimal data anyways. A 35 pass wipe wouldn't give you a advantage over 1 wipe in that case.
I think there is zero advantage to multiple wipe over single wipe. According to Peter Gutmann is theoretically possible to recover data after rewrite by using a Magnetic Force Scanning Tunneling Microscope. I couldn't imagine it taking less then weeks and cost 100's thousands of dollars with that method. I can't find any data recovery service that can claim to recover overwritten sectors. Maybe the NSA or CIA does it on super important stuff, but no one is talking about it.
I found this reference http://www.nber.org/sys-admin/overwritten-data-gutmann.html
Anybody else find any references confirming or rejecting this idea?
one pass enough for hard drive wipe, one pass zeros good