I am required to hand over a USB thumb drive and want to make sure that it's highly improbable any data can be recovered.
So far I've used the built-in macOS disk utility and erased the drive several times, twice with the highest security option (7 passes). Since I don't know what exactly the tool does (and does not do) and I now have access to a Linux rig, I ran additional passes:
- I zeroed the drive (dd /dev/zero)
- I scrubbed the drive
- In a last step I was planning to dm-crypt the drive, create an encrypted container, fill it with zeros, and leave it at that. According to Wei et al. (PDF) encrypted data is unrecoverable (obviously) so remaining artifacts are of no use to anybody. Unfortunately the device was not encrypted beforehand and that's why I use the dm-crypt container.
This is probably way too much but I really need to make sure the data is unrecoverable by industry-level means (companies with access to appropriate software, maybe hardware). My threat model does not include state-level or law enforcement techniques - or in other words nobody is actively searching for previous data on that drive. It's going to be used by an unknown number of people with different backgrounds and access to equipment.
My questions here are:
- Do you have any experience with this? What's a reasonable and reliable method to use? Do you have data to back it up?
- Do you know of any tools I can use to verify the results?
And yes, the device should've been encrypted in the first place, but, you know - should've would've could've.
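
One way to check the zero pass described above, as an added example that is not part of the original post: the script reads a device or image back and reports every region that is not all zeros. The function name and chunk size are assumptions, and the check covers only the sectors the drive exposes through its block interface, not flash blocks the controller keeps in reserve.

```python
#!/usr/bin/env python3
"""Read a device or image back and report regions that are not all zero."""
import sys

CHUNK = 1 << 20  # read size in bytes; an assumed default, tune for the device


def nonzero_ranges(path, chunk=CHUNK):
    """Return (total_bytes, [(start, end), ...]); spans are chunk-granular."""
    zeros = bytes(chunk)
    ranges = []
    offset = 0
    # buffering=0: read straight from the file object, no Python-side buffer
    with open(path, "rb", buffering=0) as dev:
        while True:
            data = dev.read(chunk)
            if not data:  # end of device or file
                break
            if data != zeros[:len(data)]:
                end = offset + len(data)
                if ranges and ranges[-1][1] == offset:
                    ranges[-1] = (ranges[-1][0], end)  # merge adjacent spans
                else:
                    ranges.append((offset, end))
            offset += len(data)
    return offset, ranges


def main(argv):
    if len(argv) != 2:
        print(f"usage: {argv[0]} /dev/sdX-or-image", file=sys.stderr)
        return 2
    total, ranges = nonzero_ranges(argv[1])
    for start, end in ranges:
        print(f"non-zero data in bytes {start}..{end - 1}")
    print(f"{total} bytes read, {len(ranges)} non-zero region(s)")
    return 1 if ranges else 0  # exit status 0 only when everything read as zero


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against the raw device after the zero pass and before creating the dm-crypt container, since the encrypted fill will no longer read as zeros.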