How to Make Sure Files Are Deleted
Make Sure the Data You Want to Go Away Goes Away
A lot of personal information is on your computer. And even if you don't keep it there for good, chances are that everything about you has been on your computer at one point or another. Identity theft, corporate spying, and general privacy head the long list of reasons you might worry about your computer - and thereby your personal information - falling into the wrong hands. Those are all hugely 'popular' crimes today. So whether you're giving away or selling your old computer or simply want to make sure your information is as secure as possible today, you have to take certain specific steps.
When you do a simple file 'delete', your file system simply removes its references to the file - it doesn't actually 'erase' it. If your computer was a warehouse full of storage rooms with labeled doors, basic 'deleting' simply takes the labels off the doors. The content isn't disturbed until the warehouse manager puts something else in the room. When you ask your file system to recover deleted files, it simply puts a label back. And if you can ask it to restore deleted items, so can anyone with access to your computer. And those with tools more powerful than yours don't even need to get a new label for the door - they just open the door and walk right in.
To make sure a deleted file is really gone - to make sure the room is emptied, swept, and sanitized - you must go further. You have to find a balance between security and practicability, so what follows is an overview of your options to make sure no one can find 'deleted' files. In other words: how to make sure your files are really really gone.
1. The most secure method is to literally destroy your hard drive. It's not often practical but if done correctly it's 100% secure. Take your hard drive out of your computer, hammer at it, drive a few nails through it, and make sure to follow up by incinerating it (melting it) into an unrecognizable lump. If the disk melts down, then the files are gone in every sense of the word. While this is the most secure, it's also the most extreme way to make sure files are deleted. For most purposes, it's not a practical option to ensure no one can recover data if you still want to use that computer.
2. Use a good file and disk shredder.
Important: even the best shredder isn't as secure as incineration. Nothing is. But a good shredder comes close, and with the bonus that you can still use your computer. Good shredding is something you should perform regularly!
Shredding in this context is the computer equivalent of the paper shredder - it takes what remains of a deleted file on your hard drive and makes it indecipherable to anyone taking a peek. It does this by overwriting the data a number of times with special patterns and finally by overwriting the file names as they exist on disk. This type of file shredding is performed immediately before - or in conjunction with - file deletion on your part. You shred as you delete to make sure your files are deleted.
What do you do if you've already removed the files? Here's the crunch and the booby trap: if you've deleted your files (without shredding) then you're actually more susceptible than if you'd let them be. (And this applies to unprofessional shredding tools as well - they can make you even more vulnerable instead of protecting you.) For while you can't access your 'deleted' files, forensic experts still can. To make sure even files you've already deleted are gone forever, you need to use disk shredding.
Disk shredding - as opposed to file shredding - shreds all parts of your hard drive not in use. There are 'slack' areas at the end of all your thousands of files and of course there's all the so-called 'disk free space' - the areas on your hard drive not in use by files. A disk shredder takes care of both. Going back to the warehouse example, a disk shredder restores emptiness to all parts of the warehouse that are not designated rooms in use, and also the 'empty' corners of rooms that are in use but that are not absolutely full.
It's also important to understand that shredding is not a 'digital' operation as you might otherwise expect. Hard drives are analog, and do not store 'ones' and 'zeroes' as you'd think; and as they're magnetic they're prone to leaving data trails (ghost images). Forensic equipment can normally see what you had on your hard drive before the latest overwrite. And the overwrite before that. And so forth. Such equipment can be expensive but if someone - law enforcement, an industrial competitor, an estranged spouse even - wants to know what those files you deleted were, then money may not be an issue for them even if it is for you.
Doctor Peter Gutmann of the University of Auckland wrote the definitive research paper on shredding some ten years ago. His analysis of the issues involved and how one goes about securing data on hard drives stands to this day. United States Department of Defense Orange Book standards are not enough, says Gutmann. He sees them as 'red herrings' and many of these standards were designed for computer memory chips and not hard drives. And there's a world of difference between the one and the other.
Without getting too technical, it's important to point out that overwriting your data 'with all zeroes' is meaningless. There's no such thing in the world of hard drives. If you're brave enough to try to study Doctor Gutmann's research paper, great. Otherwise just trust his research results and always choose a disk shredder that offers 'Gutmann shredding'.
To make sure your files are really deleted, to save time, and to be as effective as possible, first delete your unwanted files without shredding. Restart your computer without starting additional software, and 'defragment' your hard drive. Data remaining on your hard drive will get moved around and your directories will get optimized. Then reboot again and use a good disk shredder to take care of your unused hard drive space. Congratulations! You've just learned how to make sure files are deleted, for good.
Source:
E3 Security Kit disk shredder
Secure Deletion of Data from Magnetic and Solid-State Memory (ftp)
Peter Gutmann
Department of Computer Science University of Auckland
First published in the Sixth USENIX Security Symposium Proceedings, San Jose, California, July 22-25, 1996
20 pages, annotated, 228,034 bytes
Published by Sydney Ellis
Sydney is a former training specialist who now spends her time in HR consulting, traveling, and writing more words than are necessary. View profile
- Recovering Deleted Files on Your ComputerAccidentally deleting files on your computer is nothing to get upset about. These files can actually be recovered. Most people assume that deleting a file or emptying it from your recycle bin will completely remove...
- Recovering Your Lost or Deleted Files: How I Entered the Data Recovery WorldI Recently faced one of my worst computer nightmares. I accidentally deleted a folder stuffed with really important files and then I immediately cleaned the contents of my recycle bin. Minutes later I discovered the b...
- Recover Deleted Data and Video Files in 5 Minutes!Don't lose critical files on your computer just because you accidentally deleted them. It is very simple to recover deleted files and restore them. Or If you don't feel like doing it yourself, there are file recovery...
- Recovering Lost Computer FilesHave you ever accidentally deleted an important computer file? The fact of the matter is that many deleted files can be retrieved, depending on how long ago the file was deleted.
When is Deleted Data Not Recoverable?Here's an explanation of what happens when a file is deleted, and what data recovery software is and isn't able to do.
- How to Securely Delete Files on a Hard Drive
- Recovering Deleted Files from Your Hard Drive
- How to Delete Single Files Completely and Securely
- How to Recover Accidentally Deleted Files
- How to Load New Programs on Your Computer
- Recovering Lost and Deleted Files
- How to Recover Deleted Songs from an iPod