Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Secure Delete: what is it, and do I need it?

Question:

Although there are many software utilities that claim to be able to delete
data files from hard drives securely and thoroughly, can’t you accomplish the
same thing simply by overwriting sensitive files with large, non-sensitive
ones?

To be honest, it depends on your level of paranoia. I suppose that also
depend on the level of sensitivity of your data.

But you are correct in the implication that a plain old “delete” isn’t
nearly enough.

Let’s look at that, and how far you might need to go.

Become a Patron of Ask Leo! and go ad-free!

As you may already know, deleting a file in Windows doesn’t actually delete
the data. In fact, it doesn’t really even delete the file – in Windows Explorer
if you delete a file it just gets moved to the recycle bin. The file’s not
really deleted until the recycle bin gets too full, or until you empty it
yourself.

Naturally it’s trivial to go digging around in the recycle bin to see what’s
been “deleted”, and recover it intact.

“Because of the way magnetic material on hard disks
works, it might be possible to actually recover data that has been
overwritten.”

Even a “permanent” delete after, or bypassing, the recycle bin doesn’t
really delete the data. In a sense, it just tells Windows “This space over here
where there used to be a file? You can put something else there, if you
like.”

It’s kind of like moving out of an apartment by only taking your name off of
the door. Until someone moves in and replaces with their own, all your stuff is
still inside and available to anyone who knows how to look for it.

That’s where the concept of “secure delete” comes in. A secure delete
overwrites the data in the file when the file is deleted. This takes longer, of
course, as it has to actually go access the entire file, but it ensure that the
data is no longer accessible to the casual observer. It’s kind of like making
sure your apartment is empty – or at least full of stuff that isn’t yours –
before leave.

Unfortunately simply overwriting one file with another does not do this. The
problem is that you can’t control where the operating system is going to write
the data. Depending on how the copy is implemented it may copy the data to a
new file on the hard disk, delete your old file, and then rename the new file
to the old file. (A very common technique.) Note the “delete” in the middle –
that’s not a secure delete. Your data is still out on the hard disk.

The bottom line is that, yes, a secure delete utility is probably what you
need. It will ensure that the actual sectors on the hard disk that your file
occupied are overwritten with other data.

Our friends over at SysInternals have such a utility for free: SDelete.

Alternately, there are also “free space wipers” that will simply write data
to all the free space on your hard drive. This removes the data from any and
all files that have been permanently deleted. As it turns out, SDelete will do
this as well.

Now, there’s one more step we need to look at before we say we’re done, and
this is where your level of paranoia, and the sensitivity of the data, come
into play.

Because of the way magnetic material on hard disks works, it might be
possible to actually recover data that has been overwritten. It’s most
definitely not trivial, and often requires special tools and techniques (and
often a fair amount of money), but it sometimes can be done.

The solution is to ensure that the secure delete utility has the option to
overwrite the data multiple times. (It can actually involve much more than
that, based on things like physical disk configuration and disk head movement.)
By writing over those soon-to-be-free sectors multiple times, the original data
is well and truly gone.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

19 comments on “Secure Delete: what is it, and do I need it?”

  1. Yes it is definitely necessary to use some sort of software or encryption to protect and or completely erase your data. Especially since recent studies show that you can run into a lot of trouble if proper deletion of data does not take place when recycling old hardware. You can read more about it here:

    http://www.techknowbizzle.com/2006/08/reduce-reuse-recycle.html

    There’s also new technologies that are being developed so that secure disposable of products can be done from home, from the office, and even on the battleground. http://www.darkreading.com/document.asp?doc_id=98819

    Reply
  2. Aloha Leo….I read the “Secure Delete” article. I’m a little confused (Not unusual for a 65 yr.old). I utilize System Mechanic – it has a function that evaluates the hard drive & lets me know that I have “alot” of duplicate files – taking up alot of hard drive space. My Question: If I get rid of the “duplicate files” will it give me more disk space? (Big Bang Enterprises has “Double Killer” – a software program that “searches the Hard Drive for identical Files (Duplicate Files) there’s a “Free” & a “Pro” ($14.95); that gives instructions on how to remove the files, etc. What’s your recommendation? Your Advise? I’m a little leary about removing the files…if it’s not necessary…but if necessary, I’m willing to purchase the “Pro” version. Thank You, for all your Excellent Advise & your concise & informnative Newsletters!! Greatly Appreciated! (& it’s been my pleasure to “buy you some coffee”!!) Keep Up the Good Work! Aloha, Sebastian

    Reply
  3. Hi Leo
    Do you have a BAT file that will automatically start sdelete? If not can you explain more about how to set up sdelete, select the various option?
    Gordon

    SDelete’s options are covered quite well on it’s download page.

    – Leo
    09-Aug-2007
    Reply
  4. well I have downloaded it, unzipped it but still have no idea how to make it work. All I get is an icon which doesn’t open or apparently do anything.

    a) it’s a program you run in a windows command shell, and b) the usage instructions are on the page you downloaded it from.

    – Leo
    16-Jan-2009
    Reply
  5. I use a free program called Eraser. It will securely wipe the free space on your media or a single file or folder or mulitple files/folders. Plus it has a shell context menu. So you can right click on the file or folder and erase it. It also has a scheduling feature. You can choose your erase method from 1 pass to 35 passes or create your own method. It works on XP and Vista and comes in a 32 bit or 64 bit version.

    Acronis True Imgage Home also alows you to securly “wipe” your files.

    I have one question though. Generally speaking which erase method should a person use? There are so many out there from the US DOD 7 pass to Gutman’s 35 passes. Which would be the best one to use?

    Thanks in advance to everyone who answers the question.

    Reply
  6. To everyone that requires secure delete use a much better software as KILLDISK or Erasedisk to achieve the results you want.

    Reply
  7. Ever since I had a computer I have used a utility KiilDisk to run a series of zeros over the whole drive. This can be done automatically any number of times

    Reply
  8. And if you really want to git rid of everything from your hard drive simply do an MBS format!!! “master boot sector” I use Super F Disk Bootable CD.. Should be easy enough for those to find who are in need of this CD. Download it “for free” and burn it to a CD…. Its really simple!

    Reply
  9. Does defragging help, or do those deleted files still sit out there somewhere?

    Yes and no. Defragging can make it more difficult to recover deleted files, but it’s not guaranteed to do so by any means. If you need to securely delete, then use some kind of secure delete utility.

    Leo
    26-Nov-2009

    Reply
  10. Well if they’re banging down your door and you’re an Israeli spy in Iran, chuck the hard drive in the microwave and turn it on high for as long as possible. If you have time, unscrew all the fittings and get as close to the platen as possible and just put the recordable surface in the microwave. If the microwave eventually spontaneously combusts, then I suggest your data is probably unrecoverable as required. Mission accomplished?

    Reply
  11. Wouldn’t it be easier to encrypt the file first, then delete?

    No. I don’t see how that would help anything – unencrypted but deleted copies may still be on the hard disk – perhaps even the result of the encryption process itself.

    Leo
    26-Nov-2009

    Reply
  12. -Spybot Search and Destroy has a Secure Shredder tool that can be set to as many as 35 passes.
    -CCleaner has a Wipe Free Space option.
    -System Mechanic includes an Incinerator that can be configured to use DOD 5220.22M.
    -Malwarebytes Anti-Malware includes a FileASSASSIN tool that can delete locked files.
    -WinRAR includes a method to “Wipe files:
    Before deleting file data are overwritten by zero bytes to prevent recovery of deleted files.”
    -See the Wikipedia article “Data remanence”.

    Reply
  13. My computer was wiped clean of XP and set back up with Win7. Can I assume that everything from the past was completely deleted?

    I can’t say without knowing exactly what was done. Short answer would apparently be: no, you can’t assume.

    Leo
    28-Nov-2009

    Reply
  14. For years the Cygwin utilities have contained shred.exe with, a.o., following options which may inspire:
    – change permissions to allow writing if necessary
    – Overwrite N times instead of the default (25)
    – get random bytes from FILE (default dev/urandom)
    – shred this many bytes (suffixes like K, M, G accepted)
    – truncate and remove file after overwriting
    – add a final overwrite with zeros to hide shredding

    Reply
  15. ComputerWorld reports (March 7, 2011) that recovering data from both SSD drives and flash drives is incredibly easy even after being overwritten.

    This article requires you to sign up. But it is harmless to do so. Remove the check marks from both boxes and you will not get any additional mailings. At least that is my experience.

    This article is scary and should be required reading.

    http://www.computerworld.com/s/article/355159/SSD_Security_Issues_Surprise_Experts

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.