First, reformatting is usually done when the operating system is corrupted beyond repair.
Usually when your machine is bogged down a lot of malware, reformatting solves the issue faster than finding fixes for each malware.
Personally, I prefer reformatting because certain types of malware corrupts System Files beyond repair.
What reformatting does is that it destroys the partition tables and recreate them.
In Windows it would be C:\ partition.
The old data is still present but it is no longer readable by normal methods as all the references to the old data is overwritten (It is like the content page is destroyed hence the book appears as new because all indexes are gone, the old data is still present but there is no link to access them properly) but this is a "as good as new" for end users who want a new OS installation.
Disk Erasure Tools is usually used by organizations with highly sensitive information.
Tools such as DBAN or Secure Erase removes all traces of data by overwriting the whole hard disk with other data.
Differences between DBAN and Secure Erase
- DBAN writes by Sector therefore when bad sectors are redirected data erasure maybe incomplete. However Secure Erase writes by Cylinders so complete data erasure is guaranteed.
- DBAN takes a longer time compared to Secure Erase.
Why is this so?
Secure Erase is the standard included by hard disk manufacturers to clear sensitive data as a feature requested by governmental organizations.
Quoted from the Data Sanitisation Tutorial
Quoted from the Data Sanitisation Tutorial
Complete eradication of user data off drives can be accomplished by running data Secure Erasure utilities such as the freeware “HDDerase” downloadable here. It executes the Federally-approved (NIST 800-88) Secure Erase command in the ATA ANSI standard, which is implemented in all recent ATA drives greater than 15-20 GB. A similar command in the SCSI ANSI standard is optional and not yet implemented in drives tested. Normal Secure Erase takes 30-60 minutes to complete. Some ATA drives also implement the standard Enhanced Secure Erase command that takes only milliseconds to complete.
It uses a standard ATA set hard disk native instruction set to wipe the entire drive quickly.
You might have heard that 1 or 2 pass of overwriting might not be enough to clean the hard drive however this is not true as nowadays hard disk comes in high density capacity.
For a similar sized hard disk 5-10 years ago it can only contain like 30 or less GBs.
Hence when you overwrite such high capacity hard disk it is impossible to recreate the original data.
An analogy I can think of would be you have 2 trays of coloured arranged sand, one fine, one coarse.
If you imagine each particle to be data, if I substitute half with sand particles of another colour randomly, the tray with the fine sand will look more messed up then the tray with coarse particles.
Sdelete is like a DBAN inside Windows.
What it does using the -c (clean command) is it takes all the unused hard disk space and overwrites them.
You can also use it to overwrite the data region for a particular file.
Usually when you delete something in Windows it only remove the reference to the file and marks the region from occupied to unused.
When you use sdelete, it will remove the reference to the file and overwrites the region with random data before marking it from occupied to unused.
I hope you understand more about hard disk from this simple introduction.
Không có nhận xét nào:
Đăng nhận xét