Site Overlay

The Great Zero Challenge

The Great Zero Challenge: A challenge to confirm whether or not a professional data recovery firm or any individual(s) or organization(s) can recover data from a hard drive that has been overwritten with zeros once. All they used is the Unix dd command using /dev/zero as input to overwrite the drive.

They are doing this because many people believe that in order to permanently delete data from a modern hard drive that multiple overwrites with random data, mechanical grinding, degaussing and incinerating must be used and even physically destroy them just to be extra safe.

As far as challenges go, this is one that many will pass, because no data recovery firm claims to be able to do zero recovery other than those with access to electron microscopy tools.

Many professional recovery firms for most part use tools that scan through the partition and file table area and perhaps even the entire disk to locate data that has either been marked erased or had references removed (for a full disk scan) and then restoring it. Perhaps they’ll also move the spindle from a dead drive into a new case to complete the operation, but I doubt there are many companies that will actually do electron force microscopy for you and even fewer that will do it at anything other than an astronomical fee.

My opinion is that the recovery business is a focus around confidence that a professional will be doing the recovery and that you or your employees won’t worsen the situation. In the event that a drive with critical data fails and you don’t have a backup, who wants to be the person responsible for damaging the disk during recovery?

Anyway, this whole debate should be moot by now. If you want to secure your drive use full disk encryption (now freely available in TrueCrypt) and when it comes to destroying the data just overwrite the header area a thousand times with random garbage. It will take only a second or two, and the whole drive will be useless to anyone. Oh, while you are at it, why not use the dd command these guys used.

Of course it would also be nice if more manufacturers were producing encrypted disks as standard with verified schemes so that we wouldn’t have to do encryption in software.

The Great Zero Challenge: http://16systems.com/zero/index.html

Similar Posts:

Published By:

Author: Ajit Gaddam

Ajit Gaddam is an accomplished technology executive and is currently the Head of Security Engineering at Visa, where he is responsible for building large scale AI driven cybersecurity products, leading engineering programs, and providing expert guidance on cybersecurity matters. He has presented at conferences worldwide, including USENIX Enigma, RSA, Black Hat, Strata Data Hadoop, COSO Dublin, and GCS Ukraine. Ajit has been quoted by major media organizations and his work has been showcased in academic journals, security publications, and in two published books. He is an active participant in various open source and standards bodies, is a prolific inventor of disruptive technologies (over 100+ global patents), and moonlights as an instructor (SANS, community colleges).

3 thoughts on “The Great Zero Challenge

  1. Yes. Thank you for this news. I am tired of seeing “file destroyer” software that claims to overwrite your files a thousand times.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll Up