where nearly all the available spare tracks are used? Just what percentage of the disk capacity is that, representing bad tracks which may contain recoverable data not wiped by DBAN?
...snip...I don't understand your problem then I suppose or you do not understand my answer. I know it's not what you asked but I tried to explain why knowing amount of spare sectors is useless knowledge in relation to the problem at hand. Only useful info is whether sectors were actually reallocated or not.
- unless of course Spinrite has determined that the spared sector is ok after all and un-spared it!SPARE SECTOR POOL: excess sectors set reserved to replace bad sectors, these are OUTSIDE user addressable LBA and can therefor not be accessed by DBAN. This is NOT a problem as these sectors are EMPTY.
Thank you again, but forgive me - you still haven't understood what I'm getting at. I'm not looking at a specific hard disk but the general case in order to enable me to write a reasoned policy and procedures document. Note that DBAN is not acceptable in UK Government use bcause it only cleans LBA-addressable sectors.
You have to use Blancco or some other accredited utility, which also wipes spare sectors and ex-LBA sectors that have gone bad and been spared out (grown defects).
It's also why Steve has Beyond Recall as a slated future project - his knowledge of the ATA command set would allow him to do a much more thorough job than DBAN.
Donor: I've got this laptop I'd give you but I'm worried about my personal data.
Me: Don't worry, we'll wipe it with DBAN. But I have to tell you there is a very small risk of residual data remaining.
Donor: <Sharp intake of breath> Hmmm... Can you quantify it? I'm a bit paranoid and need to know just what the risk is before I agree to let you touch it.
Me: Well, if a sector mis-reads, even if it's only a transitory problem due to static, the disk may mark the sector (containing your data) as bad and reallocate it. Forensic programs might still be able to read it.
Donor: Err, well, we get quite a lot of static. My disk is fairly full but I reckon just a proportion n of my data might be sensitive. So if the spare sectors are a proportion m of the advertised size of the disk, in the worst case where it's used nearly all its spare sectors, the chance is no greater than n * m that some of my sensitive data might survive. I reckon a one in a million chance might be within my risk appetite. So what exactly is the the value of "m"?
Yes good to erase all data, but in most cases the scraps are almost unusable, I would worry more about scraps of data left in slack space, as most OS versions use a buffer to store data before it is written to dick, and the buffer is often not erased fully after completing a write, so every partial cluster write does write out, completely by default, the full uncleared data that was there before, and this is faithfully copied to disk as well. You final bits of log files and such, that windows and all OS are so determined to keep, always contain a chunk of data that was currently written before, and these scraps are often going to be around for a while in the tail of the log files.
You are not going to recover much from the tiny snippet, especially as you will have no context as to file type, and where it was in the original file. Might be enough to prove that a certain file was there, but the overall chance of it being useful is vanishingly small.
Having heard every SN episode since #1, I'm sure Steve has said that if a track is automatically spared out by a drive as a result of a transitory error,
Spinrite level 4 can test the orginal track, and if it looks good after all, can (or can tell the drive) to "unspare" the track. In that case you would have a non-LBA sector potentially containg user data.
Level 4 saves the content of a track before hammering it. Since every LBA sector potentially contains user data it can only save it to a non-LBA track - it has nowhere else. If you pull the plug while it's doing so, your data won't be lost because the drive has remapped that sector to the spare sector where Spirite (or the drive at Spinrite's prompting) put it.
Blancco and other government accredited tools can similarly access and wipe non-LBA sectors, presumably in the same way as Spinrite accesses them (and BeyondRecall will),
whereas DBAN runs under a Linux kernel and accesses a disk through the Linux drivers, which only give you access to LBA tracks.
As a retired government-accredited security consultant it was my job to be paranoid so I could tell my clients when they didn't need to be. Or more often when they needed to be a good deal more paranoid than they usually were! In those circles, we were looking for proveably secure solutions.
You had to assume that any bit of magnetic coating that could possibly store data potentially would. That's why Blancco is accredited by DBAN isn't.
Obviously (and you don't need to tell me), that's a million miles from the situation with our charity, but habits die hard. For my own satisfaction and integrity I still want to know how many spare tracks there typically are which might, however remotely, contain user data.
(And I still want to know whether there's intelligent life amongst the stars.
What practical use would the answer be to me? Absolutely zero.)
You'd never have thought Heartbleed or Spectre/Meltdown could possibly leak private keys, but they can. Everything that can possibly happen, will, given long enough.
This thread has becom nugatory. You seem to have no interest in understanding my point of view
but only in berating my intelligence.
One tiny point before I un-watch it: the same national intelligence agency that says it trusts Blancco but not DBAN also says that ATA Secure Erase is not reliably implemented on all drives and hence no better (possibly worse?) than DBAN.
And I've never mentioned bad clusters and I'm perfectly well that they are at a totally different level of data abstration.
This is not possible to guarantee. Modern drives have caches, and they won't listen to Steve or anyone else telling them how to disposition their data. If you allowed the caches to be fully disabled, then the drive would be so slow you'd never want to use SpinRite on it.so that even if you pull the plug on Level 4 at any time, Steve guarantees you'll not loose any data.