My questions concern permanent deletion of files from both kinds of media.
I'm aware that in order to truly remove things from a hard disk drive you need to somehow overwrite the data as erasing it doesn’t actually get rid of it but just marks the space as free. I also know that even overwriting it once may not be enough, depending on the grade of data recovery tool used.
Once upon a time I had a program run from a floppy (yeah that old) that would format and write zeroes over and over again for about 8 hours (on a 20 gig drive) but from what I see on Google there are programs that will basically do that without a full format, they'll just wipe the data for the file(s). So I’m wondering for one if this really works and if you have any recommendations. I'm hoping for something free and while doing the low-level format is an option, I'd rather not - I'd rather just clean it up and know that all the data I don't want in someone else's hands is gone.
Secondly, I have some solid state media (SD cards, USB drives and an SSD) that I want to erase as well. I haven't really found anything conclusive about SSDs and whether or not the data on them can be recovered or not. It seems like it's harder but still possible and I want to make it not possible. Since solid state media has a limited number of write cycles on it I wouldn’t think that the zero-writing process would be a good idea. Seems like it would burn out the drive faster but again, I don't want there to be data that someone savvy can pull off this gear.
In both cases I’d like it to be literally impossible by any mortal means (short of a Wish, Limited Wish or Miracle) to recover the data from these devices. I've got a bunch of stuff I’m getting rid of as I upgrade the office and I don't want my company information, customer credit card information, personal information or anything else for that matter to be recoverable by whomever gets this equipment.
Posts
http://eraser.heidi.ie/ is what I use at work.
Keep in mind, the more you use a drive, the shorter its lifespan becomes. Theoretically a single pass should wipe out the data.
Just get a USB adapter for hard drives and go to town.
However, academically, the only way to truly remove data is physically destroying the drive and completely destroying the platter surfaces. Even after multiple zero / random fills, there are techniques that skilled forensic technicians with the right equipment can use to recover data. It would be incomplete / garbled, but there probably would be enough to match something like a deleted document / image to a reference document / image.
Basically, each bit on a drive is a tiny magnetized area. The orientation of the magnet determines if the bit is a 0 or 1, but the idea of a 0 or 1 is an approximation - the bit is the average magnetism of that area, which is close enough for our purposes. If a bit is written to (1) and then you do a zero wipe, there will be some residual magnetism compared to a bit that was never written to, and that can be detected with very precise and sensitive tools.
Additionally, the heads don't always align perfectly with the platters, and sometimes will write to the areas in between tracks / sectors, or portions of other sectors. Normally you can't do much with these areas using system tools and the hardware alone, but a forensic expert can also use certain tools to read the platters and recover data.
But unless you're an FBI Most Wanted, in Al Qaeda, or a KGB spy, a single zero fill should be more than enough.
Removing the platters and melting them into a puddle is your only real chance at destroying magnetic drive data reliably.
I've purchased equipment from office environments before, and it's not unusual for it to be sold without hard drives due to security reasons.
The safest way is a zero write followed up by a power drill. Three to four holes directly through the casing and platters will annihilate any future use of the drive. The nuclear option is to remove the casing of the drive itself and use sandpaper on the platters.
The downside is you lose the value of the hard drives and your equipment will see a slightly lower resale amount as a result, but conventional hard drives are cheap these days, and the upside is you'll never have to worry about your customer data being compromised and you'll get some cool magnets as a result.
Honestly though, unless the person you're worried about works for the NSA and has access to a cleanroom environment and extremely specialized equipment you won't have to worry about your data falling into the wrong hands after a zero write.
I'm not worried about the NSA, just people who might think they can pull data off of a company's drives and score credit card info or something.
All this has gotten me thinking more about encryption and security on my own systems though. I did a little digging around on my own and TrueCrypt seems pretty solid but it makes a fully encrypted volume. I'd rather be able to encrypt individual files or folders so I can put them off site, or on a USB drive or something. Anyone got any recommendations?
A format won't erase data, just that table.
So a smart enough program can go sector by sector and reassemble pretty much every file that still existed in the empty space.
Or you can do whole drive encryption if you want.
I'm just starting to wrap my brain around the whole encryption thing.
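
The difference the replies describe between a format that only resets the table and a zero write over the whole drive, as an added example that is not part of any post in this thread. It runs on a constructed in-memory toy disk; the table layout, sample contents and all function names are assumptions made for illustration.

```python
import io

SECTOR = 512
# Well-known leading magic bytes for a few file types.
SIGNATURES = {b"\xff\xd8\xff": "jpeg", b"%PDF-": "pdf", b"PK\x03\x04": "zip"}

def put(img, sector, data):
    """Write data at the start of a sector without changing the image size."""
    off = sector * SECTOR
    img[off:off + len(data)] = data

def build_image():
    """Constructed 16-sector toy disk: sector 0 is the file table, files follow."""
    img = bytearray(SECTOR * 16)
    put(img, 0, b"TABLE report.pdf@4 photo.jpg@9")
    put(img, 4, b"%PDF-1.4 CONSTRUCTED SAMPLE DOCUMENT")
    put(img, 9, b"\xff\xd8\xff\xe0 CONSTRUCTED SAMPLE IMAGE")
    return img

def quick_format(img):
    """Model a format that only resets the table and leaves data sectors alone."""
    put(img, 0, bytes(SECTOR))

def zero_fill(img):
    """Model a single-pass zero write over every addressable sector."""
    img[:] = bytes(len(img))

def scan(stream):
    """Read sector by sector; return (non-zero sector count, [(sector, type)])."""
    nonzero, hits, index = 0, [], 0
    while True:
        sec = stream.read(SECTOR)
        if not sec:
            break
        if any(sec):
            nonzero += 1
        hits += [(index, kind) for magic, kind in SIGNATURES.items()
                 if sec.startswith(magic)]
        index += 1
    return nonzero, hits

def demo():
    """Scan the toy disk as built, after a quick format, and after a zero fill."""
    img = build_image()
    results = {"original": scan(io.BytesIO(img))}
    quick_format(img)
    results["quick_format"] = scan(io.BytesIO(img))
    zero_fill(img)
    results["zero_fill"] = scan(io.BytesIO(img))
    return results

if __name__ == "__main__":
    for state, (nonzero, hits) in demo().items():
        print(f"{state:13} non-zero sectors={nonzero} carved={hits}")
```

`scan()` accepts any binary stream, so the same check can be run over an image file taken after a wipe. A clean result only covers addressable sectors; on flash media, blocks the controller has remapped are not visible to it.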