[mark-r]

Is it really necessary to overwrite the data multiple times to erase it? With the densities provided by today's hard drives, the techniques you used to be able to use to get partially erased data are routinely used by the disk drive itself for normal reads.

[FooHentai]

What's your threat model? Data must not be recoverable for at least the next X years, or data must not be recoverable within any future time frame, no exceptions?

For the former, you're absolutely right. For the latter, multiple-pass overwrite provides greater assurance than single pass. Following that up with physical destruction of the platters provides further assurance.

[KozmoNau7]

Why even bother with overwriting the data if you're just going to physically destroy the platters and/or heat them beyond their curie point anyway?

[FooHentai]

Timeliness, usually. Destruction is usually a batch job so if you care about risk of data exposure in the time lag between being able to wipe the drive (usually an online, relatively low-hassle activity) and destroying the drive, wiping is worthwhile.

Again, thread modelling is crucial. There may be no point wiping!

[abrookewood]

It's totally not required to wipe it/over write it more than once. I wish I could find the reference, but someone made a fairly comprehensive attempt to read data that had been over written once and they couldn't detect anything.

[crx087]

Not true, at least not under many conditions.

The required equipment makes magnetic data unlikely to be recoverable except in exclusive cases where certain government agencies with sophisticated labs get involved, but in short, storage leaves lasting (trace) physical changes behind.

SSDs and operating systems without proper Secure Erase support can very easily leave behind complete data.

[rasz]

SSDs are the least likely type of drive to leave anything behind due to Background Wear Leveling. https://articles.forensicfocus.com/2012/10/23/why-ssd-drives...