20 March 2008

Another Hard Disk Drive (part II)

Can data be recovered from erased hard disk drives?
What do data recovery experts have to say? I asked Jim Reinert, senior director of software and services for Ontrack Data Recovery, whether any of this was possible. His answer was a blunt "No."
Reinert admitted that it is possible to read traces of previously written or overwritten bits, but reconstructing any usable data from them was a horse of a different color. All that's possible, he said, is to infer that something was recorded there, but not to figure out what that something was. (I concluded that since most any spot on a hard disk drive has been written to at least once during its lifetime, that doesn't tell us anything we don't already know.)
What about the disk-seeking issue, where writes to the same track might end up being in parallel? "This was more true in older hard disk drive technology when track widths were wider and areal densities were lower," Reinert said. "In modern disk drives, the tolerances have become much smaller, so this is becoming less of an effect."
In the end, the objections to this clandestine recovery technique seem to boil down to three things:
Nobody has ever shown they can actually do this. (This, to me, is the most important fact: No one has ever actually taken a hard disk drive, recorded data on it, overwritten the data, then attempted to recover it—let alone demonstrated that they can do this reliably.)
No reputable data recovery expert believes this is possible or advertises that they can do it. (Do you want to end up in the position of having taken money for a service you can't provide?)
If it isn't possible to do it commercially, there's a strong chance no intelligence agency can do it either.
Data recovery is possible: Special circumstances
There are some circumstances where pieces of data that belong to an erased file can be recovered due to the way file systems handle data. One common example of this is the cluster tip phenomenon. A file can be written to a series of clusters on a disk, then overwritten by a slightly shorter file—one which uses the same clusters, but falls shorter of filling out to the end of the last cluster than the previous file did.
In such a case, it's possible—if you are diligent, and know where and how to look—to discover the tail end of a previous file. Not much data may be recovered from the cluster tip, but it might be enough to hint at the contents of the rest of the file. The freeware Eraser utility can clean up unallocated sectors and cluster tips as part of its erasure methodology.
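The cluster tip effect described above, as an added example that is not part of the original article: a toy in-memory volume in which a shorter file overwrites a longer one, the old tail survives in the last cluster, and a single random pass over the tip removes it. The ToyVolume class, the 4096-byte cluster size and the file contents are assumptions constructed for illustration; this is not how Eraser or any real file system is implemented.

```python
import os

CLUSTER = 4096                                   # assumed cluster size, in bytes
SECRET = b"pin=0000 (constructed sample)"        # constructed tail of the old file
OLD = b"A" * (6000 - len(SECRET)) + SECRET       # old file: 6000 bytes, 2 clusters
NEW = b"B" * 5000                                # shorter file, same 2 clusters

class ToyVolume:
    """Hypothetical in-memory disk; a file owns whole clusters."""

    def __init__(self, clusters):
        self.disk = bytearray(clusters * CLUSTER)
        self.files = {}                          # name -> (first cluster, length)

    def write(self, name, data, first_cluster=0):
        # Only len(data) bytes are written; the remainder of the last
        # cluster keeps whatever an earlier file left there.
        start = first_cluster * CLUSTER
        self.disk[start:start + len(data)] = data
        self.files[name] = (first_cluster, len(data))

    def _tip_range(self, name):
        first, length = self.files[name]
        n_clusters = -(-length // CLUSTER)       # ceiling division
        start = first * CLUSTER
        return start + length, start + n_clusters * CLUSTER

    def cluster_tip(self, name):
        lo, hi = self._tip_range(name)
        return bytes(self.disk[lo:hi])

    def wipe_tip(self, name):
        # Single pass of random data over the tip only; file content untouched.
        lo, hi = self._tip_range(name)
        self.disk[lo:hi] = os.urandom(hi - lo)
        return hi - lo

if __name__ == "__main__":
    vol = ToyVolume(clusters=4)
    vol.write("report.doc", OLD)
    vol.write("report.doc", NEW)                 # overwrite with the shorter file
    tip = vol.cluster_tip("report.doc")
    print(len(tip), "tip bytes; old tail present:", SECRET in tip)
    print(vol.wipe_tip("report.doc"), "bytes wiped; old tail present:",
          SECRET in vol.cluster_tip("report.doc"))
```

The tip is everything between the end of the new file and the end of its last cluster, which is why wiping only file contents or only unallocated space leaves it behind.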
So what are some of the practical ways to deal with protecting confidential data without going into total overkill? Here are a few:
Perform a single-pass random wipe of the media with an appropriate program. I'm fond of Eraser; other folks swear by Darik's Boot and Nuke (DBAN)—for no-hassle, full-disk unattended destruction. Eraser is for erasing files and disks alike; DBAN creates bootable media that performs secure erasure on whole disks. The main problem with wiping a whole disk is that it's a very slow operation. But there are workarounds, like setting up the erase process to run overnight in a locked room.
Use on-disk encryption. This solution is not always practical; setting up encryption software demands time and effort. However, an encrypted disk can be decommissioned very quickly, since without the encryption key, whatever's stored on it is indistinguishable from random data. I've had good results using the freeware TrueCrypt. Windows Vista's own BitLocker feature can also be used to encrypt the OS partition of a Windows Vista system.
Degaussing the media. Hard disk drive degaussers do exist—the company Data Devices International offers devices for erasing hard disk drives—but they're expensive and probably not aimed at companies that have relatively few hard disk drives that need erasing.
Physically destroy the media in question. This is the most cumbersome method (not to mention the most labor-intensive!), but the remnants of the destroyed media can be used as hard evidence that the data—or at least this particular copy of it—has indeed been deep-sixed.
