Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How do I securely delete email?

Question:

When I delete stuff out of my recycle bin, I can go and find it and do a DOD
wipe to remove all evidence of it ever having existed. However, what happens to
the stuff I delete from my e-mails, where does this go when it is deleted? Is
it deleted also when I use REVO Uninstaller to remove “evidence” from my
computer? If not, how can I delete the stuff then? I have to sometimes download
and print bank statements and other documents, this is the premise behind the
question.

This is actually a fascinating question. One would think that deleting email
behaves similarly to deleting files on your hard drive – and it does, to a
point.

And of course securely deleting data is beyond that point.

The real answer, as usual, is “it depends” – it depends on your email
program, and how you use it.

]]>

Secure Delete

I’ve discussed secure delete before, but quickly the concept is this: when you delete a file “for real” (by emptying your recycle bin, or using a delete that bypasses the recycle bin), the data is actually left on the hard drive. The area of the hard drive that the data is on is marked as “empty”, and will not actually be overwritten until another file is written to the disk that ends up taking that same placement on the hard drive.

That could be fractions of a second later.

“Much like Windows, when you delete an email these programs simply mark the email as deleted, but otherwise leave it alone.”

Or it could be years later.

It all depends on how all the data on the hard disk is laid out, and what kind of disk activity happens after the file’s deleted.

A secure delete (or a “DOD wipe” as in your question, relating to a U.S. Department of Defense security standard) is an extra step that actually goes out and actually erases the data from the disk areas formerly occupied by the file you just deleted. Options typically exist to securely wipe all free space on the drive, ensuring that all deleted files are unrecoverable, and to perform that secure wipe multiple times so that even the most advanced data forensics tools would be unable to recover it.

Depending on your data, it can be an important tool to maintaining data security.

Email Delete

We need to address the two different approaches used by most people when it comes to email: web and PC-based email.

Web-Based Email

When you delete an email via a web based interface such as Hotmail, Gmail and the like, this has little to do with your own computer. The deletion is happening on their server, and there’s no way to know whether the delete is secure or not. Not that it really matters, since there’d be nothing you could do about how they keep your email on their hard disks anyway. And not that that really matters since a) their servers are busy and your data is likely to be quickly overwritten, and b) someone wanting to recover your deleted email would have to have physical access to the specific hard drive it was stored on out at those services, which isn’t very likely.

However…

Your browser has a cache, and that cache is kept on your hard drive. It’s possible that images of the pages you’ve visited are cached and kept on your hard drive. (Technically https pages aren’t supposed to be cached, but not everything is https, and I’ll choose not to trust all browsers to handle this properly.)

The solution here is simple: when you want to make sure that things are securely removed from your computer after using web mail:

PC-Based Email

When it comes to email on your computer it really depends on how your email program stores your email.

They typically fall into two camps.

Aggregate Data Stores – this is where the email program stores multiple email messages in a single file. Most email programs, including Outlook, Outlook Express and Thunderbird all fall into this category. While the actual file formats vary dramatically, the concept is the same – multiple emails stored within a single file.

Much like Windows, when you delete an email these programs simply mark the email as deleted, but otherwise leave it alone. It’s not until they “compact” your email that the message is physically removed.

And therein lies the solution: empty your email program’s recycle bin if it has one, compact your email (you should see these files get smaller when the compaction is done), and then once again: secure delete to wipe your free space.

Exactly how one compacts email files also varies quite a bit depending on the program you’re using – check the documentation. Most compact periodically, but that may not be enough to ensure complete security.

Individual Data Stores – as it’s name implies, some email programs store email messages as individual separate files. I believe Windows Live Mail may fall into this category.

Here things get simpler.

Delete your mail, empty your recycle bin, and run your secure delete.

Sometimes Both

It’s worth mentioning that some PC-based email programs will use your web browser to display email, or use the browser’s cache to store attachments and other files.

In other words, for extra security it’s probably a good idea to check the cache, or just clear it as well before doing that secure wipe, even when you use a PC-based email program.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

4 comments on “How do I securely delete email?”

  1. I’ve downloaded secure delete. Does anyone know how this program works because it seems to do nothing than open a prompt command window for a second or two and then automatically close. Help appreciated. I was wondering if it works with XP service pack 3

    Regards

    I believe if you read the documentation on the download page it shows how to run it. You need ot run it within a Windows Command Prompt – try this article: When I use Start-Run and type in a command, why does a window just flash and disappear?

    Leo
    19-Sep-2010

    Reply
  2. AFter you download and extract the sdelete.exe copy it to c:\ then click Start > Run > type in CMD and press Enter. you will then be at the DOS prompt. If you are not at the root folder type in c:\ and press enter. Then type in your requirement. eg sdelete -s -z and press enter.

    Reply
  3. If you are printing out copies of your bank statements as well as emails, I’m told you need to be concerned about the printer keeping a copy on it’s “disk.” I haven’t heard how one might delete this information from the printer, but it is an even bigger concern since most printers end up as e-waste, indiscriminately discarded along with the information they contain. Hard drives get much more attention as a security issue.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.