How To Delete a File ... For Good

By Ronald Pacchiano | Posted February 24, 2009

Q: I am the office manager for a small accounting firm in New Jersey and we have 10 PCs that are about to be replaced with newer hardware. We've recently made arrangements to donate these old systems to a local school. In preparation, I've backed up all data on these machines and reformatted their hard drives to remove all client and company information. The hard drives are now blank, but I've read that it's possible for someone to recover the data previously stored on such drives if they were so inclined.

In light of all the cases of identity theft and the potential liability associated with this data, I need to be sure that these systems' hard drives are truly empty before sending them to the school. I thought I took the appropriate steps, but now I'm not sure. Is reformatting a drive really enough to keep someone from recovering the data? If not, how do I go about ensuring that data is permanently deleted?

A: This is a good question, and raises an issue that many PC users don't fully understand: Deleting a file from your system does not permanently remove it from your hard drive.


When you delete a file in Windows, it gets moved into the Recycle Bin -- a sort of second drive reserved for deleted files, from which documents can be easily recovered. Once you're sure files are no longer needed, you can empty the Recycle Bin to make them unrecoverable by Windows -- but in truth, they're still ripe for recovery.

Fact is, when you delete a file or folder, it isn't erased from the disk media: Instead, the operating system simply removes the reference to the file from the file system table, marking its space as free to be occupied or overwritten by another file. And even after a new file is created over it, it's still possible to recover the original data by analyzing the magnetic fields on the disk surface.

The only way to truly eradicate your data is to have the system overwrite old files' sectors of the hard drive with new data -- and then do it again and again. In fact, modern recovery technology is so through that even when you employ extreme measures such as reformatting the drive or removing the system partition, experts can still salvage the data.

Out, Damned Spot

Fortunately, nothing is indestructible. Options available to you range from physical destruction to the same extra-strength scrubbing methods used by the U.S. Department of Defense and other tight-lipped government agencies.

Generally speaking, you have two options. The first applies to systems that are headed for the scrap heap (or, much better, raw-materials recycling); the other is for PCs that are going to be sold or donated, like the ones you're giving to the school.

If you have a PC that's too old for reuse, the quickest, most efficient, and arguably most entertaining way to deep-six its data is to simply remove the old hard drive and drill a few holes directly into its platters. It only takes a few minutes per drive, and doesn't tie up the PC for hours or days as a painstaking software solution can.

The benefit of this approach is that the likelihood of anyone recovering any data from a destroyed drive is slim to none. (By destroyed, however, we mean dematerialized; data salvage outfits such as Drive Savers routinely rescue files from merely burnt, drowned, or run-over systems.)

The con, of course, is that the drive can no longer be used. For this reason, I'd recommend doing this only with drives that are smaller than 4GB or that contain data that would be devastating in unauthorized hands.

Since you're donating your PCs to new users, physical carnage isn't a choice. What you need is a strong disk-wiping utility. Many are available, but one of the best is Darik's Boot and Nuke.

Wiping Out Ones and Zeroes

Darik's Boot and Nuke (DBAN for short) was developed by Darik Horn and works on IDE, SATA, and SCSI hard drives -- not, we should note, on USB or FireWire drives or any removable media. Once DBAN has finished with your hard drive, its master boot record, partition table, and every single sector will have been overwritten in accordance with the most stringent industry guidelines.

Be warned, however, DBAN should not be used impulsively: When it's finished, nothing short of an electron microscope and a team of computer forensics specialists will stand a chance of recovering any data. So be sure you've gotten everything you need from it beforehand.

As for cost, DBAN is 100 percent free for the download at www.dban.org/download. Two versions of the program are available. The easier option is to download the available ISO file and use it to create a bootable CD which will automatically launch the program. Please refer to your CD burning software for instructions on how to create a CD using the ISO file.

Alternatively, the program can be installed on a floppy disk or USB flash drive (sometimes called a thumb drive). You'll also find a beta of version 2.0, which offers better performance if your PC is equipped with an Intel Core 2 Duo processor.

DBAN makes use of the industry's leading drive-sanitizing algorithms (see table). These include both full and short versions of the U.S. DoD 5220.33-M; Gutmann; and Pseudo Random Number Generator (PRNG) Stream, a popular method for dealing with modern hard drives. Whichever method you choose, the more thorough the cleaning, the longer it will take to complete. As a general rule, DBAN's default erasure method, which employs the short DoD approach, will provide you with a good balance of speed and security.

DBAN Erasure Algorithm Security Level Overwrite Passes Summary
DoD 5220.33-M Medium 7 (Full), 3 (Short) Based on the U.S. Department of Defense standard
RCMP TSSIT OPS-II Medium 8 Based on the Royal Canadian Mounted Police Technical Security Standards for Information Technology in Appendix Ops-II: Media Sanitation
Gutmann High 35 Based on security expert Peter Gutmann's 1996 paper "The Secure Deletion of Data from Magnetic and Solid-State Memory"
Pseudo Random Number Generator (PRNG) Stream Medium/High 4 (Medium), 8 (High) Considered the best option for modern hard drives
Quick Erase Low 1 Quickest and least secure, best used for drives being redeployed internally

To start the process, simply insert the DBAN CD you created into your system and boot it up; at the command prompt type autonuke and press Enter. This will initialize the process leaving you with nothing else to do but wait for the procedure to complete. Although we did not run the process through to completion, DBAN estimated that our test system's 250GB SATA hard drive would take approximately four and a half to five hours to deep-clean. If you would prefer to use one of the other algorithms, simply press the F2 key at the boot command prompt and follow the instructions.

Other Ways To Ultra-Erase

If the command-line-driven interface of DBAN seems a bit intimidating to you, there are numerous alternatives. Along with a friendlier point-and-click interface, Acronis Drive Cleanser 6.0 supports many of the same wiping algorithms as DBAN as well as a few others. A free trial is available so you can sample the utility before paying its $50 price; the download link is here.

You should also be aware that if you don't need to erase an entire disk, there are file- and folder-wiping utilities that employ the same algorithms to leave you confident that documents have been destroyed beyond resurrection. Heidi Computers Ltd. offers a free open-source tool called Eraser that uses the Gutmann, Pseudo Random, and U.S. DoD methods.

Another popular program, BCWipe, offers an easy-to-use interface that, like Eraser, includes the option to obliterate a file via Windows Explorer's right-click menu. This program is shareware, which means you can download and use it for free during its 30-days trial period. To keep using it afterwards will cost you $39.95.

One final word of advice: Depending on the type of business you're in or the type of data stored on your drives, certain government bodies might have very specific guidelines with which you'll need to comply when destroying data. This is especially true for the medical industry which is governed by the Health Insurance Portability and Accountability Act (HIPAA). Severe penalties can be imposed for noncompliance, so it's a good idea to check with your local representative.

Ronald V. Pacchiano is a regular contributor to SmallBusinessComputing.com.

Your White Papers Search Results

Comment and Contribute


     

    Explore our site

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    • webcast video
      Microsoft Publisher Tips This video shows you how to create great-looking business brochures with Microsoft Publisher 2003.
    • webcast video
      Photoshop Tips In this video, we show you how to improve on or eliminate ugly and unwanted backgrounds.