Difference between revisions of "Disk Wipe Utilities"

From Restart Wiki
Jump to: navigation, search
(Solid State Disks and Memory Sticks)
Line 6: Line 6:
 
===Safety===
 
===Safety===
 
[[File:Warning03.png|30px|left]]
 
[[File:Warning03.png|30px|left]]
::Before starting any data destruction process, double-check that it really is the right disk, and that you've copied off any valuable data you wanted to keep.
+
::Before starting any data destruction process, double-check that you've copied off any valuable data you wanted to keep, and that it really is the right disk you're about to wipe!
  
  
 
==Don't undervalue your data==
 
==Don't undervalue your data==
People often say "I haven't got any data anyone would want on my disk". You probably have.
+
People often say "I don't have any data anyone would want on my disk". You probably have.
  
Your browser may have stored login credentials to your bank, Paypal and eBay accounts, and shopping sites like Amazon. These are like gold dust to criminals, especially any sites which have your credit card on file. If, additionally, you use token or security code sent by text message to access you bank or Paypal accounts, this will considerably reduce the risk, but not completely eliminate it.
+
Your browser may have stored login credentials to your bank, Paypal and eBay accounts, and shopping sites like Amazon. These are like gold dust to criminals, especially any sites which have your credit card on file. If, additionally, you use a token or security code sent by text message in order to access you bank or Paypal accounts, this will considerably reduce the risk, but may not completely eliminate it.
  
Email and social networking login details, too, are highly prized by criminals. By impersonating you to trusting friends they can work many kinds of scam, such as getting your friends to install malware which may encrypt their files and demand a ransom for the key, or abuse their Internet connection by sending spam emails or attacking websites, and at the least, slow their computer to a crawl.
+
Email and social networking login details, too, are highly prized by criminals. By impersonating you to trusting friends they can work many kinds of scam, such as emailing them so say you've been mugged in Manila and need them urgently to send you money, or tricking them into installing malware which may encrypt their files and demand a ransom for the key, or abuse their Internet connection by sending spam emails or attacking websites, and at the least, slow their computer to a crawl.
  
 
Your emails and files may reveal personal details of yourself and your friends which can be used to facilitate identity theft or cause embarrassment.
 
Your emails and files may reveal personal details of yourself and your friends which can be used to facilitate identity theft or cause embarrassment.
Line 27: Line 27:
 
==What NOT to do==
 
==What NOT to do==
 
* Don't let a disk out of your possession without doing anything - the data on it is probably more valuable than you think.
 
* Don't let a disk out of your possession without doing anything - the data on it is probably more valuable than you think.
* Don't simply delete files. Even if you then empty the recycle bin, much of the data may easily recoverable from the free space.
+
* Don't simply delete files. Even if you then empty the recycle bin, much of the data may nevertheless be easily recoverable from the free space.
 
* Don't imagine that reformatting your disk will erase your data - most of it will probably still be there in the free space.
 
* Don't imagine that reformatting your disk will erase your data - most of it will probably still be there in the free space.
 
* Don't trust disk erase programs to erase a solid state disk (SSD) or USB memory stick - because of the way they work it's almost impossible to be sure your data really is gone.
 
* Don't trust disk erase programs to erase a solid state disk (SSD) or USB memory stick - because of the way they work it's almost impossible to be sure your data really is gone.
* Don't bother with multiple overwrites - they're a waste of time. (A controversial paper in 1996 suggested 35 passes might be needed. If it ever was, with today's drives, 2 passes is almost certainly overkill.)
+
* Don't bother with multiple overwrites - they're a waste of time. (A controversial paper in 1996 suggested 35 passes might be needed. If it ever was, 2 passes is almost certainly overkill with today's drives.)
  
 
==If the disk is destined for reuse==
 
==If the disk is destined for reuse==

Revision as of 14:52, 4 September 2015

This page describes how to reliably delete data from a disk you are disposing of for reuse or for scrap.

Summary

Modern hard disks can hold a huge amount of data, some of which is likely to be sensitive. In the wrong hands, this can be used in all manner of frauds and scams. It's therefore very important to ensure that it's put beyond recovery whenever a hard disk (or a computer containing a hard disk) leaves your possession, whether for reuse or for recycling.

Safety

Warning03.png
Before starting any data destruction process, double-check that you've copied off any valuable data you wanted to keep, and that it really is the right disk you're about to wipe!


Don't undervalue your data

People often say "I don't have any data anyone would want on my disk". You probably have.

Your browser may have stored login credentials to your bank, Paypal and eBay accounts, and shopping sites like Amazon. These are like gold dust to criminals, especially any sites which have your credit card on file. If, additionally, you use a token or security code sent by text message in order to access you bank or Paypal accounts, this will considerably reduce the risk, but may not completely eliminate it.

Email and social networking login details, too, are highly prized by criminals. By impersonating you to trusting friends they can work many kinds of scam, such as emailing them so say you've been mugged in Manila and need them urgently to send you money, or tricking them into installing malware which may encrypt their files and demand a ransom for the key, or abuse their Internet connection by sending spam emails or attacking websites, and at the least, slow their computer to a crawl.

Your emails and files may reveal personal details of yourself and your friends which can be used to facilitate identity theft or cause embarrassment.

It's a jungle out there - be prepared!

Don't over-value your data

But you don't need to be paranoid. Files which are simply deleted are often easily recovered, even if you empty the recycle bin. However, faced with simple but effective measures a criminal will quickly move on to the next potential victim, unless he has reason to believe you might be sitting on a fortune.

On the other hand, if you are a dissident living under a repressive regime or if you hold politically or commercially sensitive data that would be of interest to a state level intelligence service, then you will need to know that your deleted data really is gone for good. Even this is not difficult to achieve.

What NOT to do

  • Don't let a disk out of your possession without doing anything - the data on it is probably more valuable than you think.
  • Don't simply delete files. Even if you then empty the recycle bin, much of the data may nevertheless be easily recoverable from the free space.
  • Don't imagine that reformatting your disk will erase your data - most of it will probably still be there in the free space.
  • Don't trust disk erase programs to erase a solid state disk (SSD) or USB memory stick - because of the way they work it's almost impossible to be sure your data really is gone.
  • Don't bother with multiple overwrites - they're a waste of time. (A controversial paper in 1996 suggested 35 passes might be needed. If it ever was, 2 passes is almost certainly overkill with today's drives.)

If the disk is destined for reuse

If you really don't want to have to reinstall the operating system, the least you should do is:

  1. Delete all user files
  2. In your browser, and in each browser if you've used more than one:
    1. delete stored passwords
    2. delete all cookies
    3. delete browsing history
    4. delete bookmarks
    5. delete anything else the browser lets you delete
  3. Check all applications for stored personal information or login credentials
  4. Finally, empty the recycle bin, then VERY IMPORTANTLY, erase free space. You can do this with CCleaner. Under Tools select Drive Wiper - Wipe Free Space Only.

A much safer option is to wipe the entire hard disk. There are two popular and reliable utilities for this:

  • DBAN (Darik's Boot and Nuke). This boots from a CD in order to wipe the hard disk.
  • CMRR HDDErase. This is a DOS program that you can add to a DOS bootable CD or memory stick. It uses a secure erase function built in to all hard disks.

Neither of the above is guaranteed to wipe data from faulty sectors which have been remapped to a spare, or from spare sectors. For professional use or if you feel your life depends on it, Blancco is the preferred product. An evaluation licence is available.

After wiping, you will of course have to reinstall the operating system and all applications.

If the disk is scrap

Even if the disk is faulty and you can no longer read it, there are programs such as Spinrite which might be able to recover it. Even if not, for a 3 or 4 figure sum, a professional data recovery firm might still be able to get most or all the data off it.

Physical destruction is much the easiest and most effective way of ensuring the disk is unreadable even by a sophisticated attacker. The simplest and quickest way is to smash it with a hammer until you're sure the disk platter inside has at least got bent. If you unscrew the cover first (you may need a Torx screwdriver) you can be quite sure, though should the disk platter be made of glass you will have to take care of dangerous shards. Alternatively, take a power drill and drill several holes right through the drive, so as to ensure that at least one has gone through the disk platter itself.

Solid State Disks and Memory Sticks

The only sure way to destroy data on a solid state disk (SSD) or memory stick is physical destruction by smashing it with a hammer. Try to ensure that the chips inside are smashed, and not just the circuit board they're mounted on, as otherwise they could possibly be removed from the board in order to read them.

A reliable way to sidestep the difficulty of wiping a SSD or memory stick for reuse is to encrypt it before you write any sensitive data to it. So for a SSD which is to be your system disk, install Windows (or your preferred operating system), then apply a whole disk encryption, and only then add any sensitive data. That way, there is no chance there might be vestiges of unencrypted sensitive data lurking. Some memory sticks come with an encryption utility, but there are many encryption utilities around. Most allow you to create an encrypted "vault", which you should make big enough to fill all available space, making it impossible to write data except to the encrypted vault.

To pass a device on for reuse (whether an SSD or memory stick), simply change the password to a long random string and immediately destroy any record of that string. However, if the device becomes faulty you may not be able to change the password, so the original one must be a good one.