Disk Wipe Utilities
This page describes how to reliably delete data from a disk you are disposing of for reuse or for scrap.
Modern hard disks can hold a huge amount of data, some of which is likely to be sensitive. In the wrong hands, this can be used in all manner of frauds and scams. It's therefore very important to ensure that it's put beyond recovery whenever a hard disk (or a computer containing a hard disk) leaves your possession, whether for reuse or for recycling.
- Before starting any data destruction process, double-check that you've copied off any valuable data you wanted to keep, and that it really is the right disk you're about to wipe!
Don't undervalue your data
People often say "I don't have any data on my computer that anyone would want to steal". You probably have.
Your browser may have stored login credentials to your bank, Paypal and eBay accounts, and shopping sites like Amazon. These are like gold dust to criminals, especially any sites which have your credit card on file. If, additionally, you use a token or security code sent by text message in order to access you bank or Paypal accounts, this will considerably reduce the risk, but may not completely eliminate it.
Email and social networking login details, too, are highly prized by criminals. By impersonating you to trusting friends they can work many kinds of scam, such as emailing them so say you've been mugged in Manila and need them urgently to send you money, or tricking them into installing malware which may encrypt their files and demand a ransom for the key, or abuse their Internet connection by sending spam emails or attacking websites, and at the least, slow their computer to a crawl with useless and obnoxious apps.
Your emails and files may reveal personal details of yourself and your friends which could be used to facilitate identity theft or cause embarrassment.
It's a jungle out there - be prepared!
Don't over-value your data
But you don't need to be paranoid. Files which are simply deleted are often easily recovered, even if you empty the recycle bin. However, faced with effective yet simple measures a criminal will quickly move on to the next potential victim, unless he has reason to believe you might be sitting on a fortune.
On the other hand, if you are a dissident living under a repressive regime or if you hold politically or commercially sensitive data that would be of interest to a state level intelligence service, then you will need to know that your deleted data really is gone for good. Even this is not difficult to achieve.
What NOT to do
- Don't let a disk out of your possession without doing anything - the data on it is probably more valuable than you think.
- Don't simply delete files. Even if you then empty the recycle bin, much of the data may nevertheless be easily recoverable from the free space.
- Don't imagine that reformatting your disk will erase your data - most of it will probably still be there in the free space.
- Don't trust disk erase programs to erase a solid state disk (SSD) or USB memory stick - because of the way they work it's almost impossible to be completely sure your data really is gone.
- Don't bother with multiple overwrites - they're a waste of time. (A controversial paper in 1996 suggested 35 passes might be needed. If it ever was, 2 passes is almost certainly overkill with today's drives.)
If the disk is destined for reuse
If you really don't want to have to reinstall the operating system, the least you should do is:
- Delete all user files
- In your browser, and in each browser if you've used more than one:
- delete stored passwords
- delete all cookies
- delete browsing history
- delete bookmarks
- delete anything else the browser lets you delete
- Check all applications for stored personal information or login credentials
- Finally, empty the recycle bin, then VERY IMPORTANTLY, erase free space. You can do this with CCleaner. Under Tools select Drive Wiper - Wipe Free Space Only.
A much safer option is to wipe the entire hard disk. There are several popular and reliable utilities for this:
- CCleaner has an option for wiping an entire disk, but this obviously won't work for wiping the system disk you're running from! If you can mount the disk to be wiped on another system, either as a second SATA disk or by using a USB-SATA adapter, this is probably the easiest way.
- DBAN (Darik's Boot and Nuke). This boots from a CD in order to wipe the hard disk.
- CMRR HDDErase. This is a DOS program that you can add to a DOS bootable CD or memory stick. It uses a secure erase function built in to all hard disks.
None of the above is guaranteed to wipe data from weak or faulty sectors which have been remapped to a spare, or from used but disused spare sectors. For a SSD, read also the later section on Solid State Disks and Memory Sticks.
For professional use or if you feel your life depends on it, Blancco is the preferred disk wipe product. An evaluation licence is available.
After wiping, you will of course have to reinstall the operating system and all applications.
For a Mac running OS X
For a Mac, the same principles. After emptying Trash, the Erase Free Space option in the OS X Disk Utility can be used instead of Ccleaner. This is can also be invoked from the repair partition or the install media. Both DBAN and HDDErase should work provided you can get them to boot. Even if not, you can remove the hard disk and temporarily install it in a PC to wipe it (taking great care not to wipe the PC's own hard disk by mistake!)
Yosemite and later support full disk encryption, which ideally you should enable before loading any sensitive data. A recovery key can be uploaded to iCloud or displayed so as to write it down for safe keeping. If you change the password to something random, destroy any temporary record of it, and ensure there is no hard copy or iCloud copy of the recovery key your personal data should be safe, but you can run DBAN or HDDErase as well if you like.
If your Mac has a SSD then read also the section later on Solid State Disks and Memory Sticks.
Smartphones and Other Gadgets
Smartphones may contain just as much personal information as a computer. Even a feature phone will contain many of your contacts and possibly email addresses and appointments. A GPS will contain your favourite places and details of recent journeys. Restoring to factory settings will hide these from an opportunist but much or all of the information may still be recoverable with forensic tools, which criminals may well be in possession of.
Later versions of iOS and Android include encryption, which you should enable from the start. Restoring to factory settings should then be effective, but even so, if you're worried you might want to finish the job with a hammer!
If the disk is scrap
If the disk is faulty and you can no longer read it, there are programs such as Spinrite which may still be able to recover it. Even if not, a professional data recovery firm might still be able to get most or all the data off it for a 3 or 4 figure sum.
Physical destruction is much the easiest and most effective way of ensuring the disk is unreadable even by a sophisticated attacker. Newer drives have platters made of glass. Slam the drive violently against a concrete surface, and if you can then hear pieces of broken glass rattling about inside it, your job is done. For older drives or if this doesn't work, smash it with a hammer until you're sure the disk platter inside has at least got bent. You can unscrew the cover to be sure (you may need a Torx screwdriver), though if you shatter a glass platter with the lid off there is a serious danger of injury from flying glass. Alternatively, for older drives with aluminium platters you can take a power drill and drill several holes right through the drive, so as to ensure that at least one has gone through the disk platter itself.
Solid State Disks and Memory Sticks
The only sure way to destroy data on a solid state disk (SSD) or memory stick is physical destruction by smashing it with a hammer. Try to ensure that the chips inside are smashed, and not just the circuit board they're mounted on, as otherwise they could possibly be removed from the board in order to read them.
If you want to reuse a memory stick or memory card and only need to protect your data against an opportunist adversary, you can do a reasonably good job by deleting all files and then running the Windows utility H2testw. Select the English language radio button (unless you speak German), select the target as your memory stick or memory card, and click Write+Verify. This will overwrite all free space, but even so, it is still possible that forensic tools could recover fragments of data.
A reliable way to sidestep the difficulty of wiping a SSD or memory stick for reuse is to encrypt it before you write any sensitive data to it. So for a SSD which is to be your system disk, install Windows (or your preferred operating system), then apply a whole disk encryption, and only then add any sensitive data. That way, there is no chance there might be vestiges of unencrypted sensitive data lurking. Some memory sticks come with an encryption utility, but there are many encryption utilities around. Most allow you to create an encrypted "vault", which you should make big enough to fill all available space, making it impossible to write data except to the encrypted vault.
To pass a device on for reuse (whether an SSD or memory stick), simply change the password to a long random string and immediately destroy any record of that string. However, if the device becomes faulty you may not be able to change the password, so the original one must be a good one.