coaxial
I actually had a conversation about data wiping with a known expert in data security forensics. This is what they told me about wipe(1) and all the other "write over the data lots of times" advice:
The origin of that advice was back in the 1980s, and it was based on actual research using disks that were commercially available at the time. After overwriting the data on the disk, successive reads of those blocks would result in reads that weren't always the data that was overwritten. For example, if you originally had one hundred 1s, and you overwrote them with one hundred 0s, when you read that data back, you'd occasionally get some 1s in it. Read it a second time, and you would get 1s back in different places. This meant that if you read overwritten blocks enough times you could use statistics to figure out what was originally there.
So why did this work? Magnetic disks store the bits on them by setting magnetic domains from north to south and vice versa. (Say north=1 and south=0.) However, the servo motors of the time that positioned the read-write head on the disk weren't very accurate. To accommodate the low tolerances of the motors, and due to semiconductor technology at the time, the area of each disk that was needed to contain a bit was fairly large. This meant that the physical bit on the disk was actually larger than the read-write head. When the head was moved back and forth across the disk, it would land in different places relative to the center of the physical bit. Reposition the head enough times, and you could figure out what parts of each physical bit weren't overwritten. (It's the same idea as figuring out what words are written after they're scratched out once with an ink pen.) To defeat this attack, it was recommended that all data be overwritten seven times. Each time you would be writing data to a slightly different place on the physical bits, and so you'd eventually cover enough of the physical bit that it was impossible to piece together the original data. (Just like scratching out a word seven or eight times makes it unreadable.)
Now enters uninformed speculation. Since technology has gotten better for us, it is reasonable to think that attackers have better technology too. Therefore, if seven times was good, then 24 times must be better!
But is it? Actually no. Technology has improved. Servo motors have gotten more accurate. Magnetic domains have shrunk. Today's magnetic disks are at such a density that the read-write heads and the size of physical bits are the same. This means that if you overwrite your data once, it's gone. Completely gone. There's no evidence that repeated reads like what was done in the 1980s can recover it. If you overwrite it more than once, you're just wasting your time.
Also, overwriting your data for protection only works for magnetic disks. Flash drives use a completely different technology that actually makes true overwrites difficult.
http://www.boingboing.net/2011/01/14/paranoia-and-deletio.html#comments