Well, having a background in IT security let me fill in some of the gaps. This is kind of from a different angle than the original article though; more about making sure data is actually deleted rather than trying to make sure it’s recoverable.
The fundamental principal that makes recovery of data from magnetic media so possible is that it’s imperfect. The fact is modern hard drives are so dense manufactures are literally dealing with quantum randomness. This means just because a head writes over a track doesn’t mean it writes over every single molecule in that track.
Now, to be practical, writing over data once is enough to foil almost anyone. Past that you need time, skill, money, and an electron microscope. Even then you’re digging only for fragments of data at a very slow pace (100s of MB/h). Unless you piss NSA off you’re good with a single-pass wipe. The best practice today for government/military use is an eight-pass wipe, which pretty much beats even the electron microscope. Some people advocate as much as 35-pass wipes; but this is just overkill given modern recovery technology.
As far as SSDs, we won’t really know for a few years until the forensics field matures more. Until you get someone like FBI/NSA interested, who can take equipment like an electronic microscope and huge budgets and analyze them, we won’t know to what extent, if any, data may be recovered after being overwritten. In the past few years we’ve had minor breaks in data recovery from traditional RAM, but this is hit and miss even under the best circumstances such as having physical access immediately after shutting down and having something on hand to immediately cool the RAM down. Of course, NAND is by design more permanent, and MLC and SLC have fundamental differences, so once again, we just don’t know yet.
Either way, for forensics purposes recovering overwritten data doesn’t come into play much. Most people leave traces everywhere on their system. “Deleted” files, page and hibernation files, web browser history and cache, Windows thumbnails, System Restore, and Shadow Files are just a few of the places ripe for finding information users thought was long gone. I prefer EnCase for these purposes, as it’s extraordinary thorough in finding traces of long lost data.
One more note here deals with “secure wipe” tools. The fact is they don’t work, at least not on modern equipment. Journaling file systems don’t necessarily map directly to the hard drive. That is, because the file system points to sector 1 doesn’t mean that’s where the data is. The file system is duplicating bits for redundancy, moving things around for performance, and lots of other small tasks to keep things running. On top of this, modern hard drives also obfuscate the physical layer to some extent, quietly moving data around to bypass bad sectors for example. This all means that no software tool can know exactly where a file is on the physical drive, or where previous traces of it are. The only sure way to securely wipe data is either encrypt your entire drive or fill the entire drive with data, thus wiping all deleted files out. The Windows cipher command works well for this.