Hard-core readers of this column may recall one I wrote back in 2005 titled Computer Forensics 101 (it’s on my website). In it, I described how difficult it can be to truly erase a file from your computer. Simply “deleting” a file and emptying the “Recycle Bin” will not get the job done. The files are still there.
Doing a thorough job of physically destroying a computer’s internal hard drive (shredding, melting, chopping, shooting, burning in thermite) can be a somewhat effective way of deleting files, but it’s messy work. It also renders the drive useless for future use, which is a silly thing to do. But, if you really, truly have to know beyond a shadow of a doubt that your files have been destroyed, take a look at the DiskStroyer kit at diskstroyer.com. It’s only $30 and it’s pretty cool.
There are, however, cleaner and easier ways.
The need to “sanitize” an old computer before selling, giving or throwing it away should be obvious; you don’t want files containing personal information (financial account numbers, medical information, etc.) falling into the wrong hands. In order to enhance security and your own peace of mind, you may also wish to sanitize the computer that you currently use. If you have no idea what I’m talking about, visit my website and read the above-mentioned article.
Typical file deletion procedures involve “deleting” the file and emptying the “Recycle Bin.” These procedures are akin to taking a book and using a permanent marker to obscure a chapter name in the table of contents. From looking at the table of contents, the chapter doesn’t seem to exist. However, the chapter is still there and if you thumb through the book, you’ll find it.
It’s the same thing with a computer. When you delete a computer file, its name is simply removed from the table of contents. Until overwritten by other data, the file still resides on the hard drive, and if you use the right techniques, you’ll find the file.
To solve this program, smart programmers have invented file deletion and “shredding” programs. These programs start to actually erase “deleted” files by physically overwriting the hard drive space that the files occupy with various patterns of the digits zero and one (0 and 1). Because hard drives are a magnetic media built of rust and rocks (metal oxides and magnets), shredding programs will overwrite deleted files numerous times in order to ensure that the file’s magnetic bits become completely scrambled.
One round of erasing (called a “pass”) will keep most snoopers and bad guys at bay. The Department of Defense (DOD) standard is three passes; the NSA (National Security Agency) recommends seven passes. For the uber-paranoid, some shredding programs offer the painfully slow “Gutmann” method, which is 35 passes. It was computer brainiac Peter Gutmann’s research that brought the file deletion dilemma to light back in 1996.
I pick the three to seven pass methods, myself. I tried the Gutmann method once, just to see what it would be like; it took a week to finish. Even Gutmann, in his later research, indicated that 35 passes was excessive. Maybe the CIA or the FBI can still recover data from a 3-7 wipe erasing job, but I doubt it. Still, if those guys are after you, I can’t help you, anyway. Our greatest present concern is protecting our hard drives from dumpster divers, thrift store shoppers and criminal computer hackers; this we can do.
After years of experimenting with file erasing/shredding programs, I have settled on one very simply solution: it’s a nifty little program called CCleaner, found at piriform.com.
CCleaner is widely used for general computer maintenance, but many people don’t know that it also has a secure file deletion feature. Once you have “deleted” your files and emptied the Recycle Bin in the conventional way, run CCleaner and click the “Cleaner” tab. At the bottom of the list on the left, check the “Wipe free space” box. Then, click the Options tab and go to Settings. In Settings, pick the “Secure file deletion” option and pick your file deletion method (1-35 passes). Pick which drive to wipe the free space on and check the “Wipe MFT (Master File Table) free space option.”
Then, go back to the Cleaner tab and click “Run cleaner.” It’s that easy. Happy shredding!