Skip to comments.Deleted but Not Gone (Must read, unless you have a computer science degree, IMHO)
Posted on 11/03/2005 4:43:16 PM PST by neverdem
Maintaining privacy in the era of digital information requires work on a number of fronts, whether fending off spyware, protecting important files with encryption or configuring a Wi-Fi hot spot to keep interlopers off a wireless network.
One basic privacy measure, however, is easily overlooked: proper data destruction.
Deleting confidential data completely is essential when donating or selling old computers, and it can also help maintain privacy on computers that may end up lost or stolen. And for businesses looking for ways to comply with the security requirements of laws like the Sarbanes-Oxley Act, a sound policy on data control and destruction is crucial.
When normal deletion methods like the Recycle Bin or the delete command are used, the computer's operating system, for the sake of speed, creates an illusion that data has been deleted. In fact, it merely earmarks that region of a disk or drive as being available for new data to overwrite the old data. Until that overwriting occurs, the old data can be retrieved with undelete programs and tools used by data recovery labs and law enforcement agencies.
There are, however, several options for securely eliminating data from hard disks, U.S.B. flash drives and other storage media. These programs overwrite data with meaningless characters to render it unrecoverable with today's data recovery techniques. Some of the programs can overwrite entire drives...
For example, Darik's Boot and Nuke, known also as DBAN, is a free open-source program available at dban.sourceforge.net. It runs on Windows computers and offers six methods to overwrite data, including a Defense Department standard (DoD 5220.22-M) that can overwrite the disk three times, as well as a method called PRNG Stream Wipe, which can make a user-defined number of disk overwrites using randomly generated characters.
(Excerpt) Read more at nytimes.com ...
Or you can just format the hard drive 7 times and save yourself the money.
PGP or cyberscrub.
Why seven times? Wouldn't one time do the trick?
Darik's Boot and Nuke ("DBAN") is FREE. Who's paying?
In criminal cases I've read of defendants purchasing several commercial data scrubbers and still the cops were able to retrieve everything. I wonder if the products mentioned really work.
Back in the olden days of Norton 5.0, they had the "WASH" utility built in that would write all "0"s the all "1"s then random 0 & 1
Norton 6.0 (I still have the floppies!) still had it also but no longer ---- law enforcement, IMHO, was the reason for4 removing that basic security option.
Remember X-Tree Gold ?
Yes, I do, but I don't appreciate you bringing it up. [wink]
A thorough dunking in the river or lake should work well, providing you don't remove it after the dunking.
Apparently even after you format a drive there is a ghost of an image of old data that gets left on it - it's still stored (if in degraded condition) in the magnetic fields of the drive. This ghost image is further degraded every time the drive is formatted. After you format the drive 7 times you've given yourself a near certainty that any data on the drive at the start of the process will be unretrievable.
root@localhost# dd if=/dev/zero of=/dev/hda
Th FORMAT command created an "UNDO/UNFORMAT mirror on the hard drive as a default state
with a format command " format c: /u "
where "U" means "Unconditional" -- do NOT create the "undo"
If I remember all that basic DOS stuff from way back.
I put Vista on my main drive and without realizing it, defaulted to my storage drive and wiped it clean (if you have windows already, the beta goes to the next drive by default i guess)...
Boy did I regret that.
Luckily, a program I found salvaged all the important information and I was able to live life...the wife was near killing me.
Hard drives are cheap. When you get rid of an old computer, pull the hard drive. A screwdriver and a hammer should finish the job.
After using the Secure Empty Trash command, not even the FBI or the NSA can recover those files.
Also - when you delete a file, all that is done is it removes the first character of the file name in the FAT It erases nothing! gowin.exe changes to _owin.exe
That is how you UNDELETE a file you just have to add the first character back in.
How all that old basic stuff comes back - I haven't thought of that for ### years!
How long have I been doing this? Back in the ARPANET days, I was TIMESDOMAIN system username CLOCK aka Tick-Tock ---- ahhh reminiscing back to the days of 8k pages and systems running off the "color crystal" a blazing 1.44mhz
btt 4 l8r
I see. Thanks for 'splainin.
Even low level formatting can be beaten - with free software. From Brian Kreg's blog Before You Get Rid of that Hard Drive..:
I had no idea what I was getting myself into.
Getting the data off of the laptop proved the easy part. Then it was time to format the computer's hard drive to wipe it clean of any data. A full format with a Microsoft Windows DOS-based floppy disk appeared to erase all of the data. But then I scanned the newly-formatted hard drive with Helix, a free forensics tool often used by law enforcement folks to recover incriminating data from computers seized from suspected criminals. Within 20 minutes, Helix had retrieved more than 30 percent of the data that was supposedly erased from the drive, including personal digital photos, records of which Web sites the laptop's owner had visited online, as well as Microsoft Word documents and other personal files.
Formatting a hard drive is akin to ripping out its table of contents. The files on the drive aren't really destroyed, it's just that the computer's operating system no longer has any meaningful directions on where to find a particular file on the drive. Using free data-recovery tools such as Helix, however, much of that data can easily be retrieved. So, if you're at all concerned that there is remotely sensitive information on an old computer you're planning to sell on eBay or donate to the local school district, it might be worth spending a little time securely erasing the hard drive using software that writes 1s and 0s over each bit of storage space on the drive.
With a little Web searching, I found a powerful and free tool called "Dban." If you're just trying to delete certain files or folders (but not the entire hard drive), skip ahead a few paragraphs because you definitely do not want to mess with this tool -- it will erase everything on your computer, at least well beyond the recovery skills of most of our readers here. Following the directions and the FAQ on Dban's site, I was able to burn the program to a CD-Rom. I put the disc in the laptop and rebooted it, which launched the program.
The Dban tool does a good job, but it writes over each sector of the hard disk seven times, so it can take quite a while to wipe a hard drive. I was cleaning a 20 gigabyte hard drive, and it took almost three hours for the program to do its job. According to the Dban FAQ, securely wiping a 120 gigabyte drive (a size that is common in many desktop computers sold these days) could take upwards of 18 hours -- depending on your computer's hardware.
I ran the Helix disc again on the laptop and it found virtually nothing on the drive -- at least not much that was readable or usable.
If you're in the market for a program that can securely delete specific files or folders on your PC (as opposed to wiping an entire drive), there are plenty of free options. One is WipeDisk. Another is Secure Delete. The one I prefer is Eraser.
Regardless of which tool you use, most will allow you to specify the number of "passes" -- or the number of times to overwrite the file(s). Some will default to 7 passes -- one standard used by the Department of Defense to wipe sensitive information from a computer -- while others, like Eraser, default to wiping the targeted area 35 times. Thirty-five passes is probably overkill, but hey, sometimes it pays to be paranoid when it comes to computer security.
Just how many passes you need to blot out the data on your hard drive is really up to you. For the average computer user who just wants to resell or donate an old PC, even running a single pass with a program like Dban is better than just formatting the drive or reinstalling the operating system.