This is kind of tied to my previous posting, and I have a lot more research to do, but here is some information to start with.
1. I have yet to find a program that actually WIPES anything from your handset. ClockworkMod Recovery doesn't seem to from the user interface. A format is NOT the same as a wipe, and while it makes your data difficult to recover, IT IS NOT GONE. Might be important to some of you. A format only "frames" the partition as new ignoring what the current bits are, but it leaves them in place. This explains why we are told to "wipe 3x", cuz we aren't wiping anything and 3 formats may be good enough to move on cleanly (but your data is still there).
2. I would love to see someone implement dd commands into the automated "wipe" since then it would actually wipe the data. DD is available at an adb shell and I have used it to extract a forensic image of any of the mtdblocks I want. DD would also mean that we would only ever have to wipe once.
3. Wiping Cache and Dalvik cache is a great idea for cleaning up your handset when you do not want to reload a ROM from scratch. It is completely unnecessary as a part of our current ROM replacement process (clockwork, etc). Dalvik is just a folder on /data, so it should be automatically "wiped" anytime /data is. /cache is also hit as a part of wipe data so it is redundant to keep doing it. However... keeping in mind that we seem to never be wiping anything, how many formats does it take to clean up our partitions enough to make em usable... maybe this is where the magic 3x comes from. Formatting is fine I guess, but your data is still there... and it is NOT wiped, so we shouldn't use that term. It will mislead the newbs into thinking they are protecting themselves... and they are not.
If this data can be proven wrong I will be HAPPY to retract, but this is what I can see from the commands that are visible and the amount of time it take (decreasingly) to wipe the data.
If clockworkmod already uses dd to perform the wipe/format, then we can safely do away with this 3x nonsense. NIST has reported numerous times that a single dd wipe is good enough for forensic destruction of data.
Again, sorry if this upsets anyone... my only goal here is to make sure we know exactly what we are doing, and we do the best that we can. From what I can see that is not the case yet. Koush you are the man and your programs rock, I am just trying to get to the forensic truth of the matter.