As a part of learning system programming, I am looking to implement a file shredder. The simplest way (and probably seen as naive) would be to replace the data bytes with zeroes (I know OS splits the files and I'll replace bytes in all those chunks). But when I google on this topic, I am surprised to find multiple pass algorithms, some going as high as 35!
Could someone elucidate the benefit of multiple pass please? I couldn't find any explanation.
Thanks
Imagine a physical disk storing the binary value 0101. Physically, on the disk, the charges exist as real values, which are rounded up or down by the disk controller
binary -> physical charge
0 1 0 1 -> 0.1 0.9 0.1 0.9
If you were to overwrite the data with zeros, some residual charge would remain from the previous values, so you could in this simple example, the new values being
binary -> physical
0 0 0 0 -> 0.01 0.09 0.01 0.09
Equipment that is sensitive enough to read these charges at high resolution, can then be used to extract this "shadow" of the overwritten data. That's why rewriting multiple times (and using random values) helps obscure the data.
The multipass erase is necessary to destroy data on magnetic storage devices. Data can be recovered with the right equipment even if it was overwritten by another sequence of 1s and 0s from the layers below or in between.
However, there are voices on the internet which claim that multipass erasure is no longer necessary, as the areal density of data on modern harddrives has increased 10 000 fold.
It is said that experts with special equipment can reconstruct a formatted drive. Therefore the advise is to overwrite the data on the drive multiple times with differing (random) patterns.
The overwriting of data with 0s in multiple passes only makes sense for magnetic storage devices, because of what @pufferfish said. For SSD and other flash storage mechanisms this fails, see http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf
Moral of the story: Dealing with hardware problem in software may change when hardware technology changes, although the API will not change.
