Shhhh...A data scrubber they don't want you to know about

TOTAL ERASURE: Secure Erase, available on most ATA-based hard drives, can wipe a disk clean in a few hours.

Thoroughly removing data from a hard drive doesn't always require an expensive degausser. There are techniques for permanent erasure that involve only software, if you're willing to do a little preparation.

One approach uses a little-known set of commands embedded on most new Advanced Technology Attachment-based hard drives, called Secure Erase. Once set in motion, Secure Erase irretrievably erases data on a hard drive. In the National Institute of Standards and Technology's Publication 800-88, Secure Erase is listed as one of the acceptable methods for sanitizing disk data.

Secure Erase could work too well, in fact. Although approved by the American National Standards Institute, Secure Erase was shunned by Microsoft and other operating system vendors. Perhaps the company feared that, no matter how difficult its developers made the Secure Erase commands to find and execute from within the operating system ' some users would still invariably erase all their data by accident. As a result, Secure Erase cannot be evoked from Microsoft Windows. Most motherboard BIOSes block use of the commands.

If you really want to use this feature, however, the Center for Magnetic Recording Research offers a free DOS-based utility, called Disk Drive Secure Erase, available at, that can call the Secure Erase commands. You download the program and copy it on a bootable DOS disk. Then run the program from the command line, assuming you can tweak your BIOS to run the program, or find another board that does not block Sure Erase commands. It scans your drives and gives you options to erase those you want. For those you pick, Secure Erase overwrites all data with zeros.

The advantage of Secure Erase is that it can wipe a disk clean in a matter of hours, much less time than the multiple passes required by a Defense Department 5220-style block erase.

Plus, Secure Erase has some strengths over block erase as well, according to the tutorial that comes with the software, written by University of California at San Diego researcher Gordon Hughes and hardware analyst Tom Coughlin. For instance, the block erase will only go to the maximum address on the disk. If that address is not set to the native capacity of the disk, the additional blocks will not be touched. Blocks written in error and extra partitions will also be missed. 'Secure Erase is built into the hard disk drive itself and thus is far less susceptible to malicious software attack than external software utilities,' the tutorial states.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.