Last week we talked about securely destroying paper-based information. This week, we’ll touch on the electronic.
As we’ve said often before, electronic files don’t really go away when you hit the delete button. In many instances, they can be recovered, often with frightening ease. In a study conducted last year by Kessler Int’l, 40% of the hard-drives purchased on eBay contained sensitive or private information from corporate financial data to the web-browsing history and personal pictures. And while a small proportion required forensic analysis to recover, most was easily visible to any casual user.
Here’s what happens when you “delete” a file in Windows.
- Since Windows 95, deletion merely moves the file into the Recycle Bin. The file is not deleted and can be recovered by simply opening the Recycle Bin, finding the file and clicking Restore.
- When you empty your Recycle Bin, the file is still not deleted. Windows merely erases the tiny pointer that told the computer where on the hard drive the file is located. That makes the file invisible to the operating system but it’s still on the disk. It will eventually get overwritten if/when the computer needs to reuse that space but it’s completely random when or even if that overwrite will happen. There are any number of utilities which can search and recover files in this state including many that can recover partial files.
Okay, it’s actually a little bit more complicated than that since, for example, files on your flash drive go straight to step 2 and the Recycle Bin will automatically age files off based on size but the general principle remains – files aren’t really gone just because you hit the delete button.
So how do you make files really go away when you’re done with them?
- If you are done with the computer, the simplest and most secure way to be sure that your data is safe is to pull the drive, take it into the parking lot and hit it several times with a big hammer. It’s easy, it’s perfectly secure and (guilty pleasure alert) it’s kind of fun. The downside is that you won’t get as much when you donate or resell the shell afterward.
- To wipe all your data without physically destroying the drive, you can reformat the disk. The easiest way is to click the Windows Start button, then select Run. When the box opens, type “cmd” to open a DOS command prompt. In this new box, type “format c:\” and hit Enter. Note: This will not only kill the data but will also wipe the operating system and all your programs. (It’s also a good way to kill really persistent viruses.) Be sure you’re running a full reformat, not merely the “Quick Format”. Quick Format merely rebuilds the file index mentioned in 2 above.
- If you’re feeling truly paranoid, you can download any number of eraser or “disk sanitizer” programs that perform DoD grade wipes and overwrites. These will not only delete the data but will overwrite it multiple times, either with all 1s, all 0s, random data or some combination. Good programs are available on the internet for free.
A few years ago, these were important because a really good forensic expert with an electron microscope could look for small inconsistencies in the drive and recover even overwritten data. Nowadays, that’s not an issue. The tolerances for harddrive heads have become so tight that there are no inconsistencies to exploit. According to recent research, even a single overwrite is sufficient now. - CDs, DVDs and older floppies can be run through the disk-slot of a home shredder. (Shredders with that slot are a little heavier-duty and can handle the resistance. If you don’t have one, look for that feature when it’s time to replace the shredder.)
If you only want to eliminate some files without wiping the entire drive, you’ll need specialized software. I downloaded a program called Eraser but I have to admit that other than a few tests I haven’t used it. I figure that whole-disk encryption is good enough to protect my information until it’s time to get rid of the computer – and then I want to get out the sledgehammer and have some fun.
Leave a Reply