Summary: Secure Delete is a way to make sure that when you delete a file it cannot be recovered. Understanding Secure Delete is important to protect sensitive data properly.
Although there are many software utilities that claim to be able to delete data files from hard drives securely and thoroughly, can't you accomplish the same thing simply by overwriting sensitive files with large, non-sensitive ones?
•
To be honest, it depends on your level of paranoia. I suppose that also depend on the level of sensitivity of your data.
But you are correct in the implication that a plain old "delete" isn't nearly enough.
Let's look at that, and how far you might need to go.
•
As you may already know, deleting a file in Windows doesn't actually delete the data. In fact, it doesn't really even delete the file - in Windows Explorer if you delete a file it just gets moved to the recycle bin. The file's not really deleted until the recycle bin gets too full, or until you empty it yourself.
Naturally it's trivial to go digging around in the recycle bin to see what's been "deleted", and recover it intact.
Even a "permanent" delete after, or bypassing, the recycle bin doesn't really delete the data. In a sense, it just tells Windows "This space over here where there used to be a file? You can put something else there, if you like."
It's kind of like moving out of an apartment by only taking your name off of the door. Until someone moves in and replaces with their own, all your stuff is still inside and available to anyone who knows how to look for it.
That's where the concept of "secure delete" comes in. A secure delete overwrites the data in the file when the file is deleted. This takes longer, of course, as it has to actually go access the entire file, but it ensure that the data is no longer accessible to the casual observer. It's kind of like making sure your apartment is empty - or at least full of stuff that isn't yours - before leave.
Unfortunately simply overwriting one file with another does not do this. The problem is that you can't control where the operating system is going to write the data. Depending on how the copy is implemented it may copy the data to a new file on the hard disk, delete your old file, and then rename the new file to the old file. (A very common technique.) Note the "delete" in the middle - that's not a secure delete. Your data is still out on the hard disk.
The bottom line is that, yes, a secure delete utility is probably what you need. It will ensure that the actual sectors on the hard disk that your file occupied are overwritten with other data.
Our friends over at SysInternals have such a utility for free: SDelete.
Alternately, there are also "free space wipers" that will simply write data to all the free space on your hard drive. This removes the data from any and all files that have been permanently deleted. As it turns out, SDelete will do this as well.
Now, there's one more step we need to look at before we say we're done, and this is where your level of paranoia, and the sensitivity of the data, come into play.
Because of the way magnetic material on hard disks works, it might be possible to actually recover data that has been overwritten. It's most definitely not trivial, and often requires special tools and techniques (and often a fair amount of money), but it sometimes can be done.
The solution is to ensure that the secure delete utility has the option to overwrite the data multiple times. (It can actually involve much more than that, based on things like physical disk configuration and disk head movement.) By writing over those soon-to-be-free sectors multiple times, the original data is well and truly gone.
Related:
-
I deleted a file by mistake - can I get it back? It is sometimes possible to recover an file deleted by accident. Stop using the disk, check your recycle bin, and perhaps pull out an undelete utility.
-
Why can't I delete this file? Sometimes a file cannot be deleted because it has invalid characters in its filename. There are techniques and tools to force the delete anyway.
-
Recuva - A free, easy to use undelete and file recover tool Even with the Recycle Bin to protect you, it's not uncommon to need to recover files that have been "permanently" deleted. Recuva gives you a chance.
Article C2766 - August 23, 2006
Wouldn't it be easier to encrypt the file first, then delete?
26-Nov-2009
Posted by: jpChris at November 25, 2009 12:04 PM
-Spybot Search and Destroy has a Secure Shredder tool that can be set to as many as 35 passes.
Posted by: Robert at November 25, 2009 10:19 PM-CCleaner has a Wipe Free Space option.
-System Mechanic includes an Incinerator that can be configured to use DOD 5220.22M.
-Malwarebytes Anti-Malware includes a FileASSASSIN tool that can delete locked files.
-WinRAR includes a method to "Wipe files:
Before deleting file data are overwritten by zero bytes to prevent recovery of deleted files."
-See the Wikipedia article "Data remanence".
My computer was wiped clean of XP and set back up with Win7. Can I assume that everything from the past was completely deleted?
28-Nov-2009
Posted by: Tony at November 27, 2009 6:59 PM
For years the Cygwin utilities have contained shred.exe with, a.o., following options which may inspire:
Posted by: Roger at December 5, 2009 12:45 PM- change permissions to allow writing if necessary
- Overwrite N times instead of the default (25)
- get random bytes from FILE (default dev/urandom)
- shred this many bytes (suffixes like K, M, G accepted)
- truncate and remove file after overwriting
- add a final overwrite with zeros to hide shredding
Thanks for sharing
Posted by: kbman at January 13, 2010 12:27 AMPS: it's always good to have alternative so if it didn’t worked you can give a try SafeDeleter tool - i was using it for some time
http://www.safedeleter.com