How to programmatically really clean Delete files?

views:

451

answers:

+5 Q:

How to programmatically really clean Delete files?

So you are about to pass your work-computer to some of your colleague. How do you make sure you really delete all your personal data?

Re-formatting, Re-installing OS will not really solve the problem.

I searched around and found some programs does "Wipe out" disks.

This caught me thinking how does those programs work? I mean, What algorithms they use and how low level those implementations go?

Any ideas?

As far as I know most tools do this with X writes and deletes, where X is some suitably large number. The best way to do this is probably to interface with the hardware at some level, although a cheap and easy way would be to create files until the disk is full, writing random data, delete them, create new files and repeat.

Its all paranoia anyway. Just deleting a file is usually much more than enough...

jheriko 2009-04-28 15:06:34

+6 A:

Most of those programs do a "secure delete" by overwriting the file bits with random noise.

The biggest problem has more to do with the actual implementation of hard drives and file systems than anything else. Fragmentation, caching, where the data actually is that you're trying to overwrite: that's the big problem . And it's a very low-level problem -- driver level, really. You're not going to be able to do it with Python, C#, or Java.

Once that problem is solved, there's the one of physical media. Because of the nature of magnetic media, it's very frequently possible to read the previous bits that were once on the hard drive -- even if you overwrote them with a different bit. "Secure delete" programs solve this problem by overwriting several times -- preferably a random but suitably large number of times.

Further Reading:

Data Erasure
Data Remanence
The Great Zero Challenge (provided by @Stefano Borini -- vote him up!)

Randolpho 2009-04-28 15:08:01

You might not be able to destroy certain parts of the data on the HDD (e.g. boot sector) with no driver access, but certainly writing huge files across the whole disk is possible with something like C# or Java to get the same effect... or am I missing something?

jheriko 2009-04-28 15:10:45

That might be a cheap way to do almost what's needed, but unless you go down to the driver level, you can't guarantee that all of the files will actually be written to disk -- especially if you immediately overwrite a file again. The HD might cache the reads and writes in volatile memory.

Randolpho 2009-04-28 15:16:58

Are there any real references that writing over the sector only once, with with a predictable pattern (such as only zeroes), is insufficient?

Albert 2009-04-28 15:18:29

I'd read up on Data Remanance on Wikipedia. There are a lot of links that should answer your questions. I'll add the link in my original post.

Randolpho 2009-04-28 15:23:04

@Albert -- according to @Stefano's link, no. You should read that, too.

Randolpho 2009-04-28 15:32:32

The articles you've linked indicate that you don't need multiple overwrites to prevent data recovery. I think the last paragraph of your answer spreads misinformation.

Albert 2009-04-28 17:09:18

@Albert: Misinformation? That's pretty harsh. Call it contested, perhaps. I thought I was clear that it was contested with my inclusion of The Great Zero Challenge in the further reading section.

Randolpho 2009-04-28 17:58:50

+4 A:

Safe delete programs overwrite the file multiple times with random patterns of data, so that even residual magnetization cannot be picked up and is lost in the noise. However, assuming that the great zero challenge has some truth in it, I think you can just fill the file/disk with zeros and call yourself happy, as this residual magnetization is practically impossible to pick even with professional setup.

Stefano Borini 2009-04-28 15:15:09

I'd never heard of the Great Zero Challenge. Thanks for the link! +1

Randolpho 2009-04-28 15:25:10

of course, it is not known if the CIA/NSA can actually do it :)

Stefano Borini 2009-04-28 15:50:09

I know some people at a data recovery firm. Perhaps I can talk them into taking the challenge.

Randolpho 2009-04-28 17:59:44

As far as I understand it, you need a very sensitive and special instrument to pick the residual magnetization, and in any case, when you actually do it, the residue will be dependent not only on the last magnetic status, but on all the previous statuses that cluster had. This introduces a lot of noise, making a full recovery IMHO impossible. Even if you recover only bits of it, you have to be lucky to recover exactly the part that you need (as from the filesystem structure). So, I personally think that zeroing is enough, but I would not bet on it, and welcome being proven wrong.

Stefano Borini 2009-04-28 18:26:43

I asked a similar question. You can find some answers here:

How do I get rid of a hard disk without exposing my source code?

Gulzar 2009-04-28 15:52:54

ansaurus

tags:

views:

answers:

How to programmatically really clean Delete files?

related questions