2

Normally when you wipe a drive there are still ghost remains of the data even after overwriting the disk multiple times. So I was wondering if you could encrypt the drive and then overwrite the encrypted data, would it be possible to recover any data from the corrupted ciphertext or would the data be completely impossible to recover?

WAR10CK

2 Answers

4

> Normally when you wipe a drive there are still ghost remains of the data even after overwriting the disk multiple times.

I'll save you some work. This isn't true, and hasn't ever been true as far as anyone can tell.

The technique often referred to here is called Magnetic Force Microscopy (MFM) and was referenced in an old DoD standard for disk erasure. Despite attempts to replicate the concept, nobody has ever been able to recover data from a magnetic disk erased with even one pass of random data, and nobody has ever been able to recover data from a magnetic disk erased with one pass of zeroes outside of lab conditions on very old low density disks (5GB in size or less). It is estimated that those processes could only be performed at a rate of megabytes per month on disks erased with a zero wipe pass, and without complete confidence in the resulting data (bits could be wrong!).

Modern disks have such a high density that overwriting with random data destroys any chance of reading any "latent" magnetic data, even with sophisticated specialised equipment. The physics just doesn't work that way. The signal to noise ratio between the newly written data and whatever "latent" magnetic trace is so vast that there's no way to recover a "previous" bit's value with a confidence better than 50-50.

MFM and similar myths are often touted by disk erasure software companies who want to scare you into thinking you need their product. You can particularly ignore anyone that references the Gutmann method, which was designed for types of magnetic disks from the 80s and 90s.

Current DoD guidelines for disposal of magnetic media state that a single random data pass is sufficient up to SECRET, and physical destruction is advised for TOP SECRET. The latter is most likely a risk assessment that it is probably cheaper to destroy the disks completely rather than risk the potential of getting something wrong during the wiping process. Anything in excess of a single random wipe pass is pure superstition. All you're doing is wearing out your disk.

For SSDs, you'll want to use ATA Secure Erase. The implementation of this is vendor specific so you'll want to find the tool from your SSD manufacturer that lets you do it. There are some generic ones that try to cover off most SSDs too. The way it works is that all modern SSDs (barring some very early ones) generate a random encryption key during first initialisation, and then transparently encrypt all data on the SSD after this. This includes data written to otherwise inaccessible sectors provisioned for wear-levelling and other SSD operations. As SSDs have limited write cycles, it isn't very efficient to overwrite every sector with random data or zeroes. Instead, ATA Secure Erase simply resets the encryption key on the disk to a new random value, thus rendering all previous data on the disk unreadable. This negates the need for a costly wipe process, with the added bonus of being very fast.

Polynomial
  • I'd add in the standard disclaimer that wiping a disk isn't going to re-write to any sectors the drive has re-mapped due to the sector failing. Because of this I'm a little surprised that DoD standard is OK for "SECRET" data. Sector re-mapping is quite common, though only represents a tiny amount of data. – Steve Sether Jun 08 '18 at 18:57
  • @SteveSether Since the DoD also mandates FDE for all data stored on disk, the odd latent sector of encrypted data is ultimately useless to an attacker. Also worth noting that SECRET documents are usually not that sensitive - government operational data like staff's personal details usually falls under that classification, whereas anything with any military sensitivity is usually classified higher. – Polynomial Jun 08 '18 at 22:01
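
A simplified model of the behaviour described in the answer and comments above, added here as an example and not part of the original posts: it compares a host-side random overwrite with a key reset on a drive that encrypts every block and writes out of place. `ToySSD`, `xor_block` and `compare_wipes` are hypothetical names, the SHA-256 keystream is a stand-in for the drive's real cipher, and the secret is constructed sample data.

```python
import hashlib
import os

BLOCK = 32  # bytes per block in this toy model

def xor_block(key: bytes, phys: int, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 keystream. Real drives use AES in hardware."""
    stream = hashlib.sha256(key + phys.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

class ToySSD:
    """Hypothetical drive model: every write lands on a fresh physical block,
    so the previous copy stays on flash, unreachable through the host interface."""

    def __init__(self, physical_blocks: int):
        self.key = os.urandom(32)               # media key set at initialisation
        self.flash = [None] * physical_blocks   # ciphertext as stored on the chips
        self.mapping = {}                       # logical block -> physical block
        self.next_free = 0                      # no garbage collection in this model

    def write(self, lba: int, data: bytes) -> None:
        phys = self.next_free
        self.next_free += 1
        self.flash[phys] = xor_block(self.key, phys, data.ljust(BLOCK, b"\0"))
        self.mapping[lba] = phys                # old physical block is now stale

    def read(self, lba: int) -> bytes:
        phys = self.mapping[lba]
        return xor_block(self.key, phys, self.flash[phys])

    def chip_level_plaintext(self) -> list:
        """Every written block, mapped or stale, decrypted with the current key."""
        return [xor_block(self.key, i, c) for i, c in enumerate(self.flash) if c]

    def secure_erase(self) -> None:
        self.key = os.urandom(32)               # old ciphertext can no longer be decrypted
        self.mapping.clear()

def compare_wipes(secret: bytes = b"CONSTRUCTED-SECRET", lbas: int = 4):
    ssd = ToySSD(physical_blocks=lbas * 3)
    for lba in range(lbas):
        ssd.write(lba, secret)
    for lba in range(lbas):                     # host-side single random pass
        ssd.write(lba, os.urandom(BLOCK))
    host_visible = sum(secret in ssd.read(lba) for lba in range(lbas))
    stale_after_overwrite = sum(secret in b for b in ssd.chip_level_plaintext())
    ssd.secure_erase()
    left_after_key_reset = sum(secret in b for b in ssd.chip_level_plaintext())
    return host_visible, stale_after_overwrite, left_after_key_reset
```

`compare_wipes()` returns `(0, 4, 0)`: the overwrite clears what the host can read but leaves four stale copies on flash, and the key reset leaves none decryptable.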
-2

If you are running Linux, tools such as shred and wipe can make data unrecoverable. You can actually overwrite it a couple of times. You can also use DBAN for any disk to wipe it completely.

Vedant