Sworddragon

Secure erasing is probably not secure on all devices

Years ago (and retested with the current version of CDBurnerXP) I noticed that using the secure erase option on specific burner/media combinations makes the data track on the disc only a tiny bit more transparent (the last sample is an unformatted DVD-RW). Since the data track is still very clearly visible, I'm wondering if and how reliably data could be recovered, especially with better equipment from advanced forensic institutions.

When I talked about this with another developer of burning software, he told me that his application uses the BLANK command (code A1h) to blank the disc. But he also told me he doesn't know exactly what the drive writes in this mode. I guess CDBurnerXP uses the same command. If so, it is probably not secure, for a few reasons:

- When I tried to find some (vendor-specific) documentation, the command seemed to be described in varying detail. From what I have found, some of the actions performed are sometimes described as optional, or some media types can refuse to blank on media which the device thinks is already blank.

- To the user, blanking reflects potentially undefined behavior, while requesting actual data to securely overwrite the disc reflects defined behavior. To make it clear what this means: casually burning data on a disc proves to any user that this action works as expected, as the user sees that the data could be written successfully (besides probably being a more used and better-tested command than blanking), while it is hard for a user to actually verify that full blanking worked successfully, leaving more room for drive-specific erroneous/insecure implementations.

If those concerns are more or less true, it might make sense to improve the secure erase option to make it more secure. Alternatively, options could be provided to choose between different variants like:

- Relying on the drive's implementation of blanking

- Zeroing the disc by explicitly requesting the data to be written from the start to the end

- Randomizing the disc by explicitly requesting the randomly generated data to be written from the start to the end

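The zeroing and randomizing variants proposed in the post above, combined with a read-back check, as an added example that is not part of the original post and not CDBurnerXP's code. It assumes the target is a path to an ordinary file or writable block device standing in for the rewritable disc; the function names are hypothetical.

```python
import hashlib
import os

SECTOR = 2048          # user-data bytes per DVD / CD-ROM Mode 1 sector
CHUNK = SECTOR * 512   # write and read 1 MiB at a time


def overwrite(path, size, randomize=False):
    """Write `size` bytes of zeros or random data from offset 0.
    Returns the SHA-256 of exactly what was sent to the target."""
    sent = hashlib.sha256()
    with open(path, "r+b") as dev:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            block = os.urandom(n) if randomize else bytes(n)
            dev.write(block)
            sent.update(block)
            remaining -= n
        dev.flush()
        os.fsync(dev.fileno())   # push the data out of the OS write cache
    return sent.hexdigest()


def read_back(path, size):
    """Re-read the first `size` bytes.
    Returns (SHA-256 of the data read, count of sectors that are not all-zero)."""
    seen = hashlib.sha256()
    nonzero = 0
    with open(path, "rb") as dev:
        remaining = size
        while remaining:
            block = dev.read(min(CHUNK, remaining))
            if not block:
                raise IOError("short read: target is smaller than expected")
            seen.update(block)
            for off in range(0, len(block), SECTOR):
                if any(block[off:off + SECTOR]):
                    nonzero += 1
            remaining -= len(block)
    return seen.hexdigest(), nonzero


def erase_and_verify(path, size, randomize=False):
    """True only if the read-back data is byte-identical to what was written.
    Limitation: a read served from the OS cache does not prove the medium changed."""
    return overwrite(path, size, randomize) == read_back(path, size)[0]
```

On real media the read-back should happen after the disc has been ejected and reloaded, so that the data comes from the medium and not from a cache.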
