Skip to comments.Deleted but Not Gone (Must read, unless you have a computer science degree, IMHO)
Posted on 11/03/2005 4:43:16 PM PST by neverdem
Maintaining privacy in the era of digital information requires work on a number of fronts, whether fending off spyware, protecting important files with encryption or configuring a Wi-Fi hot spot to keep interlopers off a wireless network.
One basic privacy measure, however, is easily overlooked: proper data destruction.
Deleting confidential data completely is essential when donating or selling old computers, and it can also help maintain privacy on computers that may end up lost or stolen. And for businesses looking for ways to comply with the security requirements of laws like the Sarbanes-Oxley Act, a sound policy on data control and destruction is crucial.
When normal deletion methods like the Recycle Bin or the delete command are used, the computer's operating system, for the sake of speed, creates an illusion that data has been deleted. In fact, it merely earmarks that region of a disk or drive as being available for new data to overwrite the old data. Until that overwriting occurs, the old data can be retrieved with undelete programs and tools used by data recovery labs and law enforcement agencies.
There are, however, several options for securely eliminating data from hard disks, U.S.B. flash drives and other storage media. These programs overwrite data with meaningless characters to render it unrecoverable with today's data recovery techniques. Some of the programs can overwrite entire drives...
For example, Darik's Boot and Nuke, known also as DBAN, is a free open-source program available at dban.sourceforge.net. It runs on Windows computers and offers six methods to overwrite data, including a Defense Department standard (DoD 5220.22-M) that can overwrite the disk three times, as well as a method called PRNG Stream Wipe, which can make a user-defined number of disk overwrites using randomly generated characters.
(Excerpt) Read more at nytimes.com ...
Or you can just format the hard drive 7 times and save yourself the money.
PGP or cyberscrub.
Why seven times? Wouldn't one time do the trick?
Darik's Boot and Nuke ("DBAN") is FREE. Who's paying?
In criminal cases I've read of defendants purchasing several commercial data scrubbers and still the cops were able to retrieve everything. I wonder if the products mentioned really work.
Back in the olden days of Norton 5.0, they had the "WASH" utility built in that would write all "0"s the all "1"s then random 0 & 1
Norton 6.0 (I still have the floppies!) still had it also but no longer ---- law enforcement, IMHO, was the reason for4 removing that basic security option.
Remember X-Tree Gold ?
Yes, I do, but I don't appreciate you bringing it up. [wink]
A thorough dunking in the river or lake should work well, providing you don't remove it after the dunking.
Apparently even after you format a drive there is a ghost of an image of old data that gets left on it - it's still stored (if in degraded condition) in the magnetic fields of the drive. This ghost image is further degraded every time the drive is formatted. After you format the drive 7 times you've given yourself a near certainty that any data on the drive at the start of the process will be unretrievable.
root@localhost# dd if=/dev/zero of=/dev/hda
Th FORMAT command created an "UNDO/UNFORMAT mirror on the hard drive as a default state
with a format command " format c: /u "
where "U" means "Unconditional" -- do NOT create the "undo"
If I remember all that basic DOS stuff from way back.
I put Vista on my main drive and without realizing it, defaulted to my storage drive and wiped it clean (if you have windows already, the beta goes to the next drive by default i guess)...
Boy did I regret that.
Luckily, a program I found salvaged all the important information and I was able to live life...the wife was near killing me.
Hard drives are cheap. When you get rid of an old computer, pull the hard drive. A screwdriver and a hammer should finish the job.
After using the Secure Empty Trash command, not even the FBI or the NSA can recover those files.
Also - when you delete a file, all that is done is it removes the first character of the file name in the FAT It erases nothing! gowin.exe changes to _owin.exe
That is how you UNDELETE a file you just have to add the first character back in.
How all that old basic stuff comes back - I haven't thought of that for ### years!
How long have I been doing this? Back in the ARPANET days, I was TIMESDOMAIN system username CLOCK aka Tick-Tock ---- ahhh reminiscing back to the days of 8k pages and systems running off the "color crystal" a blazing 1.44mhz
btt 4 l8r
I see. Thanks for 'splainin.
Even low level formatting can be beaten - with free software. From Brian Kreg's blog Before You Get Rid of that Hard Drive..:
I had no idea what I was getting myself into.
Getting the data off of the laptop proved the easy part. Then it was time to format the computer's hard drive to wipe it clean of any data. A full format with a Microsoft Windows DOS-based floppy disk appeared to erase all of the data. But then I scanned the newly-formatted hard drive with Helix, a free forensics tool often used by law enforcement folks to recover incriminating data from computers seized from suspected criminals. Within 20 minutes, Helix had retrieved more than 30 percent of the data that was supposedly erased from the drive, including personal digital photos, records of which Web sites the laptop's owner had visited online, as well as Microsoft Word documents and other personal files.
Formatting a hard drive is akin to ripping out its table of contents. The files on the drive aren't really destroyed, it's just that the computer's operating system no longer has any meaningful directions on where to find a particular file on the drive. Using free data-recovery tools such as Helix, however, much of that data can easily be retrieved. So, if you're at all concerned that there is remotely sensitive information on an old computer you're planning to sell on eBay or donate to the local school district, it might be worth spending a little time securely erasing the hard drive using software that writes 1s and 0s over each bit of storage space on the drive.
With a little Web searching, I found a powerful and free tool called "Dban." If you're just trying to delete certain files or folders (but not the entire hard drive), skip ahead a few paragraphs because you definitely do not want to mess with this tool -- it will erase everything on your computer, at least well beyond the recovery skills of most of our readers here. Following the directions and the FAQ on Dban's site, I was able to burn the program to a CD-Rom. I put the disc in the laptop and rebooted it, which launched the program.
The Dban tool does a good job, but it writes over each sector of the hard disk seven times, so it can take quite a while to wipe a hard drive. I was cleaning a 20 gigabyte hard drive, and it took almost three hours for the program to do its job. According to the Dban FAQ, securely wiping a 120 gigabyte drive (a size that is common in many desktop computers sold these days) could take upwards of 18 hours -- depending on your computer's hardware.
I ran the Helix disc again on the laptop and it found virtually nothing on the drive -- at least not much that was readable or usable.
If you're in the market for a program that can securely delete specific files or folders on your PC (as opposed to wiping an entire drive), there are plenty of free options. One is WipeDisk. Another is Secure Delete. The one I prefer is Eraser.
Regardless of which tool you use, most will allow you to specify the number of "passes" -- or the number of times to overwrite the file(s). Some will default to 7 passes -- one standard used by the Department of Defense to wipe sensitive information from a computer -- while others, like Eraser, default to wiping the targeted area 35 times. Thirty-five passes is probably overkill, but hey, sometimes it pays to be paranoid when it comes to computer security.
Just how many passes you need to blot out the data on your hard drive is really up to you. For the average computer user who just wants to resell or donate an old PC, even running a single pass with a program like Dban is better than just formatting the drive or reinstalling the operating system.
Anyone know how to remove a pop-up stuck in registry files? Driving me nuts.
Hunh! Interesting stuff to look into later.
Critical Windows Patch Coming Next Week:
Microsoft will release just one software update next week to plug a critical flaw in computers running its Windows operating system, the company said today. Redmond rates patches "critical" if they close a security hole that attackers could use to break in and take over vulnerable Windows machines.
Security Fix will have more details on the patch when it is issued on Tuesday.
That's what I do. Bashing the bejesus out of the old drive doesn't hurt the trade-in value, and it sure does protect your information. And it's fun. :-)
You guys are on track. A good sand rubbing works even better.
Yes and no. It depends on how the program "destroys" the data. Where I work we have to clean certain hard drives so as to prevent Social Security Numbers from being retrieved. Just formating, even 10-20 times does not prevent recovery. We use a program that writes, overwrites, and overwrites again a total of 35 times as well as scrambling the 1's and 0's dozens of times. We run the program twice to be sure the hard drive is clean.
Lately though we've decided it was easier to have the hard drives removed and placed into an industrial shredder and ground into nearly a fine power. A lot quicker and easier.
Anyone know how she can find the rest of the paper? It's on Word
I've heard that evidence eliminator is a good program to delete cookies, content IE.5 files and history files.
Excuse me... I remember VSX... in fact, I still have it.
I'm waiting for it to become a collector's item.
Or you can use the 15 day trial version then f disk your hard drive and do it again :)
search google for "Eraser" (free) or "East Tec Eraser" ($50) and you get some for windows too.
They both wipe files (browser cache too) as many as 35 times.
I don't need this article. I can delete hard drives by just looking at them. Must be my magnetic personality.
Try this (from the Word Help file):
Open an earlier version of a document
On the File menu, click Versions.
Click the version of the document you want to open.
This version contains all the previously saved versions.
If that doesn't work, go to Microsoft's website; on the left hand side click "communities", then forums,office, Word,General. You can search or you can post the question there. You can pretty much be guaranteed to get an answer that will work.
Random generated patterns overwriting free space (multiple times) is a good option.
Still, US GOV; DOD, Spook central Tempest specifications require the complete physical destruction of the data medium when its retired. Even media that's NEVER been used!
Yes, but open source programs can and still do employ such processes. Why? Cause they're imported from outside the US by-passing US laws.
might do the job.
Got any geeks out there?
Trade in value? My Osborne is a collector's item. The others I use until they are ready for the landfill. If you don't upgrade software, you don't have to upgrade hardware.
You might want to try TweakNow RegCleaner. It's free and seems to pick up stuff other programs miss.
Thanks I'll try it.
This (#20) might be useful...
Not as good as the multiple random overwrites. Formating writes the same thing every time. Theoretically it could still leave a faint trace of the original information. (VERY theoretically, and unless it's the government, or another government, you are trying to hide the data from, the reformatting is probably good enough).
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.