2

According to this article, you can securely erase a disk by following these steps:

  1. Perform full drive encryption with BitLocker
  2. Format the drive
  3. Encrypt the drive again.

Further:

The second encryption ensures your first encryption key - which is usually kept on the drive - is overwritten. A zealous decrypter could recover the key and decrypt your data. But with the second encryption they can only recover the second key, and, since the older data is also encrypted, they still can't read it.

I wish to hear second opinion before I rely completely on this method. I have spare SSDs I can sell on the second-hand market. Would you sell a drive that was encrypted two times to someone you don’t know?

Jam
  • 133
  • 5
  • Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. – Ramhound Jan 31 '20 at 22:12
  • 1
    One overwrite pass (entire spinning disk) with zeros will make Any data on the hard drive unrecoverable. More is a waste of time. SSD's are a bit different>>>https://superuser.com/questions/22238/how-to-securely-delete-files-stored-on-a-ssd?rq=1 – Moab Jan 31 '20 at 22:24
  • [This](https://www.howtogeek.com/115573/htg-explains-why-you-only-have-to-wipe-a-disk-once-to-erase-it/) supports the @Moab comment. It also talks about Peter Gutmann's original paper that started all of this nonsense in the first place. – Señor CMasMas Jan 31 '20 at 22:32
  • In my question I specifically mention encryption. Would you sell a drive that was encrypted twice to people you don’t know? – Jam Jan 31 '20 at 22:42
  • There was a million dollar challenge years ago, you get a million bucks USD if you could recover an overwritten text file from a one pass erased hard drive, they even gave the name and contents of the file, also the location on the disk, no one even tried because they know it cannot be done. It was unchallenged for a year before it was withdrawn. – Moab Jan 31 '20 at 22:44
  • 1
    A lot of modern SSDs already use encryption internally. In that case you can simply execute the "Secure Erase" function via the manufacturers utility and the SSD throws away the encryption key. That is very fast and provides even more security than overwriting it (because you can never overwrite every flash cell of an SSD). – Robert Feb 01 '20 at 11:54

0 Answers0