Door AnoniemOp de website van Peter Gutmann (University of Auckland) kun je de achterliggende gedachten over zijn methoden vinden. Hierin staat beschreven waarom de 35 specifieke phases nodig zijn om gegevens op een magnetisch en statisch medium volledig te wissen. Ook is er te lezen hoeveel magnetische kracht er nodig is om hetzelfde te bereiken (bij een magnetisch medium).
[url=http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.htm]http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.htm[/url]l
Mensen blijven dit maar roepen zonder het zelf eens goed te lezen, en dan met name de Epilogue in dat artikel van Peter Gutmann:
In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.
Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps a single level via basic error-cancelling techniques. In particular the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.
Another point that a number of readers seem to have missed is that this paper doesn't present a data-recovery solution but a data-deletion solution. In other words it points out in its problem statement that there is a potential risk, and then the body of the paper explores the means of mitigating that risk.
Overigens staat daaronder een "Further epilogue" dat met [url=http://www.security.nl/artikel/26256/1/E%C3%A9n_keer_wipen_voldoende_voor_vernietigen_data.html]dit artikel[/url] te maken heeft.