Hello, I have some old electronics that I plan on selling and/or trading in and want to insure that all of my data is securely off before doing so. I know that people often purchase used electronics with the intent of extracting hard to reach data that the previous owner thought was permanently deleted. I have factory reset all of the devices, but I know that simply doing that is not enough to prevent a motivated thief with forensic tools from extracting some data. What are the tools and techniques you deploy when in this situation? My devices range from PC's to Android Phones and Tablets. An article I read recommended Cybercide, Eraser, DeleteonClick, or KillDisk. I have also read about Privazeer on this forum. Thank you for your help!
Use plain old Unix command (it is present in Gnu/Linux, *BSDs and maybe macOS) dd to wipe you HDD/SSD. You only need one, complete pass of overwriting to delete everything you can. SSDs are reallocating a lot of data, but you don't have access to cells marked as wear out anyway. Maybe secret services have modified firmware for SSD to extract that data. If your adversary is some secret service, it is better to phisycally destroy HDDs, SSDs. Code: # dd if=data_source of=/dev/sd"X" bs=sector_size On Arch Gnu/Linux wiki you can read more, but IMHO they recently slightly overcomplicated that article. https://wiki.archlinux.org/index.php/Securely_wipe_disk
I appreciate your response and the wiki. The information is slightly above my level of understanding and I do not use Linux/Unix yet. Ill graduate to it sooner or later but in the meantime I use Windows & Android OS. I'm looking for a recommendation of a user friendly program designed for Windows that will keep my data safe from would be ID thief's. I'm not worried about adversaries beyond that.
Just keep in mind overwriting several times the same place on HDD, SSD is a waste of time. In SSD case it wears out cells reducing it's lifespan without any benefit.
HDDs on PCs are easiest to deal with. Just overwrite the entire disk with garbage. There are Windows tools for doing that. Sure, determined adversaries could maybe read data from inter-track space. And there could be hidden areas. But not likely. SDDs on PCs are harder. Because of all the background block rotation to balance wear, and the swapping of bad blocks for spare ones. HDDs do stuff like that, but it happens rarely. And for SDDs, it's part of normal operation. So once blocks are no longer in active use, there's no way to erase them. So determined adversaries, with tools for low-level access to NAND chips, could extract some data from an overwritten drive. With iOS, the best approach is probably setting the device's password, and forgetting it. Then reinstall the OS. Any iCloud backups would be associated with the account, not the phone, right? Is that a workable solution for Android devices? I presume that there are apps for that. Maybe better if you root the device first. But then there's the risk of bricking it, so OS can't be reinstalled. Or at least, I've managed to brick Android devices
I didn't seen any evidence of reading from inter-track space on modern HDDs. Maybe even NSA don't have tools for that after one pass of overwritting data. Because of bad blocks there are reallocation mechanisms on the HDD, too. I think this reallocation is the only valid concern. Fortunately reallocation occurs at the much lower (orders of magnitude) rate than SSD. If somebody wants to put sensitive data on HDD and then be able to sell HDD without that data being recoverable even for NSA - encrypt all HDD before putting sensitive data. Use HDD for several years. Then overwrite all data - it can be just one pass. Congratulations you can securely sell your HDD to NSA. Even reallocated data are not recoverable at this point - at least if you do not shared encryption/decryption key online.
Thank you @mirimir for your contributiion. Helpful as always! I didn't know SSD's had such a hard time erasing data. It kind of makes sense though because to properly wipe anything , whether it's a drive or a desk you're going to need some movement. If it's my dirty desk were speaking of then even more is required - elbow grease!
It's rather like the fundamental storage layer in SSDs is so flaky that they have this elaborate system to make sure that nothing gets lost. With lots of extra space. Like 40% for quality SSDs, as I recall. So it's hard to delete everything.
Yes. They're obviously faster. And more reliable, it seems. But they're also harder to wipe completely.
I'd heed the suggestion to encrypt from the outset, it sidesteps so many problems, and sometimes, you can't erase downstream because of device failure. One thing that really peeves me is that modern operating systems - including Linux - refuse to delete things - I see no reason at all why deleted files should not be shredded in the background for example, if you toggle a setting. I realise there are tools for such, and privacy involves way more than that, but even so.
Even if OS would shred file, you can't be sure there is not another copy of that. Programs use cache, tmp directiories. OS use swap files, swap partitions (yep, they can be encrypted). Performance degradation (especially on HDD), much more wear out (especially SSD) sectors/cells without being certain it is going to help. Encrypt or overwrite all data on device or even better do both.