Wednesday, March 10, 2010

Securely Erase Data From Storage Drives [Windows]

Identity theft from discarded hard drive and flash drive data is rampant, as shown by multiple studies (an example here). What can you do to protect yourself? Simply deleting a file is not enough, even if you empty the recycle bin, as it can be easily recovered from your drive with disk recovery tools.

Gizmodo just published an excellent article on the topic. It is, however, not entirely easy to put into practice, especially if you don't have good technical skills, because of the nature and choice of the tools the writer investigates. To make it a bit easier, we select here the most usable free utilities for wiping data clean with the least possible pain; good ones are surprisingly hard to find for this application. The tool selection was optimized for ease of use and reasonable security: it is possible to use tools that give a higher guarantee of secure disposal (check the resource guide at the end).

Remember that you cannot wipe the drive from which you are running your program, and that, because the process is long, you should run a laptop on wall power if you are using one. Also remember (I know some people who made that mistake) that, if you wipe your system disk, your computer will not be able to function until you have reinstalled the OS :-)


Simple utilities for data wiping

There are four primary uses for data wiping: periodic wiping of free space (to securely erase previously deleted files), cleaning up a flash drive before using it for new purposes, wiping a whole hard drive clean before getting rid of it (or reusing it), and securely erasing selected files and folders.

1. Periodically wiping free space in your disk drives: ccleaner

It is a good idea to periodically and securely wipe the free space in your drives, so that obsolete but still confidential data cannot be recovered. The commonly used utility ccleaner can wipe all the deleted files in free space. Be aware of the (small) limitations listed here, and of some user stories (it can take a while). Altogether, the use of ccleaner for periodic free space wiping appears safe.

2. Wiping clean a flash or USB drive: DiskWipe

DiskWipe by Roadkil.net will totally wipe a flash drive and replace all data with zeroes or with random data. Be aware that you will need to reformat the flash drive after wiping. Gizmodo verified that the wipe was secure.

3. Wiping clean a full hard drive prior to reuse or disposal: Eraser, DiskWipe

Eraser is the only free utility frequently mentioned in most data destruction policies for universities with prestigious software departments (all others. It provides mil-spec secure disposal. It can also securely delete existing files and folders. It is powerful and offers many choices. DiskWipe, mentioned above, is another candidate, with fewer options (in particular no ability to dispose of files and folders), but simpler to use for the purpose of wiping a full drive.

4. Securely erasing files and folders: FileShredder

 File Shredder is a good simple choice for file and folder level disposal. 


What you need to know about secure data deletion on storage media

It is possible to easily recover previously deleted files, even after disposal of the recycle bin. The only way to get rid of data for good is by overwriting it with different data. 

There is some controversy about how many times you need to overwrite the data. While several DoD directives and policies prescribe multiple overwrites (the Gutmann method asks for 35!), other reputable research centers, such as the Center for Magnetic Recording Research (CMRR) at UCSD, consider that a single overwrite is enough for almost all purposes. The single overwrite method has been validated by many how-to sites, such as Antiforensics.com here and here, and is probably enough unless you have very specific reasons to fear the use of sophisticated forensics on your data.

Your hard drive includes a Secure Erase command. There is no general purpose utility to access this command for all drives. The CMRR Secure Erase utility discussed below accesses it for some drives.

All secure wiping methods take long stretches of time, except for one method recommended by the CMRR, which directly addresses a specific secure erase command on the drive. Unfortunately the CMRR does not maintain its utility any more (you can find it in the Resources section below).

If your data is extraordinarily critical, be aware that physical destruction may not be enough, as bits and pieces of your drive platters may actually be readable (the CMRR, in some articles, mentions that they actually did so, but in some other articles assumes that it is not practical). Degaussing (using a strong magnet) does not work on SSDs or flash drives, and may not work on future generation drives. You probably should go to the next level in secure disposal (as opposed to what is presented above), using more powerful tools but with less ease of use. For this, the most frequently recommended utility (mentioned in practically EVERY relevant article) is Darik's Boot and Nuke, which will require you to create a bootable CD from which to run your software.

SSD drives have special challenges, and we have not encountered a general solution for all of them.


More resources

The Center for Magnetic Recording Research at UCSD has solid research that it quotes in its documents, and which can be trusted. It developed a Secure Erase utility, unfortunately no longer supported but still operational for many users. Robin Harris from ZDNet lists some issues with the CMRR Secure Erase utility.

A free command line utility provided by Microsoft, SDelete, is also frequently referenced as a good way to wipe drives, although with some limitations. Another free utility, recommended by some, but that we were not able to validate in the security literature, is HDD Wipe Tool from HDDGuru.com. It is however possible for you to validate the cleanliness of a wipe by any utility, by using the simple WinHex, which reads the sectors of your drive to verify erasure. The excellent Darik's Boot and Nuke (DBAN), already mentioned above, is a part of the excellent freeware Ultimate Boot CD (UBCD), which also comes with many other diagnostics utilities, and which may be an easier path (it still requires you to create a boot CD). An alternative to DBAN or UBCD, also requiring a Linux boot CD, is an old, but still interesting, engadget how-to.
There are some excellent commercial utilities to do mil-spec data wiping, which cost from $30-$60 for home use. The most commonly mentioned are BCWipe (free trial) and WipeDrive. KillDisk also appears highly rated, but its web site does not inspire confidence.
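
The sector-by-sector check described above (reading the drive back to verify erasure) can also be scripted. The following is an added example, not part of the original post or of any tool it mentions: it reads a disk image file (or a raw device path opened with sufficient privileges) and classifies each sector as zero-filled, pattern-filled, random-looking, or residual data. The 512-byte sector size, the 7.0 bits/byte entropy threshold and the sample image are assumptions made for the illustration.

```python
import math
import os
import tempfile
from collections import Counter

SECTOR = 512  # assumed logical sector size


def shannon_entropy(block: bytes) -> float:
    """Bits of entropy per byte: 0.0 for a constant block, at most 8.0."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())


def classify_sector(block: bytes) -> str:
    if len(set(block)) == 1:
        # Every byte identical: a zero-fill or a fixed-pattern overwrite.
        return "zero" if block[0] == 0 else "pattern"
    # 512 random bytes measure about 7.5 bits/byte; text and file-system
    # structures score far lower. The 7.0 threshold is an assumption.
    return "random" if shannon_entropy(block) >= 7.0 else "residual"


def verify_wipe(path: str, sector: int = SECTOR) -> dict:
    """Read `path` sector by sector and count what each sector looks like."""
    report = {"zero": 0, "pattern": 0, "random": 0, "residual": 0,
              "first_residual": None}
    with open(path, "rb") as dev:
        for index, block in enumerate(iter(lambda: dev.read(sector), b"")):
            kind = classify_sector(block)
            report[kind] += 1
            if kind == "residual" and report["first_residual"] is None:
                report["first_residual"] = index  # where to start looking
    return report


def build_sample_image() -> str:
    """Constructed image: 4 zeroed sectors, 3 random, 1 with leftover text."""
    leftover = (b"Account 0000-CONSTRUCTED; statement for sample user\r\n"
                * 10)[:SECTOR]
    data = bytes(SECTOR * 4) + os.urandom(SECTOR * 3) + leftover
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


if __name__ == "__main__":
    image = build_sample_image()
    print(verify_wipe(image))  # any "residual" sector means the wipe missed data
    os.remove(image)
```

A clean wipe reports only `zero`, `pattern` or `random` sectors, depending on the fill the wiping tool used; compressed or encrypted leftovers also look random, so a random-fill wipe cannot be told apart from them by this check alone.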

There are many other interesting reviews of wiping software. Some examples are TechSupportAlert and TheFreeCountry. Bruce Schneier, with a data security blog, is one of the recognized security experts who discuss this topic. Finally, it is interesting to see what universities with good software engineering programs practice and recommend, and here are some of them:
Gizmodo's article which inspired this post
