Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Dunshoppin

3 Posts

30902

September 10th, 2008 20:00

Data wiping PERC array

Hi all

 

I had a really frustrating conversation today with a chap who insists that you can't wipe data from a RAID array without doing a low level format.  I use Active Killdisk to run a single pass/write zeros method and he says this is not enough, that the controller will cache some of the writes and leave the data on the disks intact.  I know the PERC4/Di is good but just how much of a four 38GB disk set does he think can be cached?  And as I remember, the cache is flushed on system shutdown?

 

The array was RAID 0+1 so I reconfigured it as RAID 0, ran the single pass, reconfigured it as RAID 5 and reinstalled the OS.  It made more sense than initializing four disks individually - at least I could set it running and walk away.

 

He also says that even with a successful write pass, it is still possible to read the previous data.  I didn't think the drive electronics could do that - that you would have to remove the platters and analyse the disk surface with something more advanced.  He seems to think even that is a possibility.

 

The last bit was my favourite - apparently a RAID controller won't write a zero if there is one already there.  I'm not clear why a pre-existing zero would hold more information than a new one?

 

Please tell me, is there anything in any of this?  Am I just missing the point and he's saying something valid here?  Data security is a very touchy subject these days, particularly in the goverment and banking sectors, which applies in this case.

 

Many thanks in advance!

Dev Mgr

6 Operator

 • 

9.3K Posts

September 11th, 2008 13:00

The PERC may cache some, but it's only 256MB at most, so if you're writing zeros to more than 256MB's of disk space, it has to actually write the zeros to the disk(s).

Also, you can disable the write cache to eliminate that part completely.

Another possibility is a bit more involving, but helps ensure data destruction is to destroy the raid set, and then create a new one in a different raid type (e.g. if it was raid 5, now make a raid 0) and let it fully initialize. Then do the same again (go from raid 0 to multiple raid 1's or so). If you're still not comfortable, you can then make multiple single-disk raid 0's and then run your zero-ing software on each individual virtual disk.

This process would make data recovery most likely as impossible as it can get short of physically destroying the harddrives (or degaussing the drives).

Dunshoppin

3 Posts

September 11th, 2008 22:00

That's great, thanks for the input!  You've pretty much reinforced what I believed to be the case.

 

As far as you are aware, is it possible to interrogate a disk after wiping (single pass, write zeros) without moving the platters to more advanced equipment?  Are drive electronics capable of telling the difference between zeros that used to be ones and vice versa?

 

Thanks again.

 

Dev Mgr

6 Operator

 • 

9.3K Posts

September 12th, 2008 12:00

I honestly couldn't tell you.

I'm not sure they'll be able to tell you 'officially', but you can see if maybe a data recovery company can give you an answer to that question.

Was this post helpful?

View All

No Events found!

Top