Despite marketing claims to the contrary, the only sure way to eliminate data from a hard disk is to destroy the disk.
Claims by British company Evidence Eliminator that its software is effective against forensic examination have been greeted sceptically.
Matthew Dalton, IT manager at law firm Phillips Fox, says he can’t see how it could be done.
“There’s residual magnetism on a disk and it’s physically there — software can only go back to what’s been written to the disk. I’d be very dubious about anything short of de-gaussing the hard drive.” De-gaussing is the practice of applying a strong magnet to the drive.
Evidence Eliminator cites a study by British data recovery specialist Vogon in which Vogon tested a variety of data deletion methods ranging from software to use of a hammer and electric sander. Evidence Eliminator says the test endorsed its software as effective against forensic searches of hard drives.
But Vogon boss Gordon Stevenson says “there is fact, fiction and marketing, and [Evidence Eliminator’s statement] is somewhere between the latter two”.
Stevenson says Vogon’s test showed a cheap sander was more effective than $100 software.
“Anyone who believes they have written software to eliminate 100% of the evidence from a hard disk is technically naive .”
Auckland data recovery company Computer Forensics says Vogon is right to say there’s no way data can be eliminated by software.
“But you have to look at it from a practical point of view,” says managing director Brian Eardley-Wilmot. “There are conventional, software-based data wiping techniques and then there are the exotic ones.
“Using software tools and operating within the normal ambit of the PC, you can have a file on disk and its components can be totally overwritten. For normal conventional purposes, it can’t be recovered.
“But there are exotic ways of recovering data which are very expensive and quite time-consuming, which involve peeling back the layers of overwrites and include sophisticated magneto-resistive techniques.”
Eardley-Wilmot says the process is expensive and he knows of no commercial organisations in New Zealand that use it.
Dalton says Phillips Fox doesn’t use software to wipe data from hardware it disposes of.
“We make sure they go where people are unlikely to try to recover anything.”