Secure deleting files: how about this method?

Discussion in 'privacy technology' started by wiwul, Jul 10, 2017.

  1. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    Normally, secure deleting a lot of (large) files, even 1 pass, takes much time.
    Many hours, in case of a entire HDD.

    Below is what I have been thinking of... probably a little less secure, but non-technicians/non-experts, it probably will be difficult to recover files. However things are much faster..

    1. select all files only (no folders)
    2. rename them randomly
    3. move all these files to rootfolder
    4. wipe/secure delete the source folders (i.e. where the files came from)
    5. delete all those renamed files (in the rootfolder)
    6. format

    =
     
  2. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,417
    Location:
    Slovakia
    Of course, because you are not securely deleting anything.

    You are not moving files on HDD, just changing their address, therefore steps 1-5 make no sense at all and you could just simply format.
     
  3. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    Yes, you are right indeed: it is not 'secure' in the way that shredder tools are doing it. I agree.

    Shredder/wiping tools definitely make the files unrecoverable. Some days ago I wanted to shred all files of 2TB external drive.
    The tool calculated it would take some 10-13 hours.
    I am not an expert, but my idea is that when files are randomly renamed, folders same way and empty folder be wiped.
    I guess(!) that for the non-expert it is close to impossible 'recreate' the original filenames.
    I heard there are 'unformat' tools available - reason why I thought of the random filenames.

    But again, you are right, it is definitely not the same as wiping tools. I was trying to figure out faster, though less secure, way.
     
  4. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,836
    Location:
    the Netherlands
    In Windows XP and earlier versions of Windows, the format command does not write zeros to the whole disk when a full format is performed. 'Unformat' tools could re-built the volume.

    However, by default in Windows Vista and later versions of Windows, the format command writes zeros to the whole disk when a full format is performed. N.B. Note: full format, not quick format.
    Writing zeros to the whole disk is sufficient, and 'unformat' tools will not be able to recover information.

    Sources:
    Microsoft support: Change in the behavior of the format command in Windows Vista and later versions
    The Urban Legend of Multipass Hard Disk Overwrite
     
  5. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    Thanks.
    Yes, I know about the full format but eh .., one might take a long weekend off as well when doing that :)
    It is amazing that in all these years nothing has been found to speed up these things. Except using a hammer or the like... Some manufacturer tool that can be started and the drive will be erased, whilst the pc is switched off.

    Well, it is as it is I guess.
    Anyway, thanks again.
    =
     
  6. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Remember back in the day when you could LOW level format a HD using the BIOS?
     
  7. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    The best solution to this dilemma is to start with encrypted data. If your disk is encrypted with Bitlocker or similar a quick format will erase any data that could be used to decrypt the data. Maybe some command to erase the TPM data as well (if you are using it).
    Next fastest is to pull the hard drive and smash with a large hammer.
    Another option might be to use an erase toot that does an overwrite by decimation. For example, erase sectors 1, 100, 200, etc.. then 2, 102, 202, etc... At least that way you would be erasing part of most files in a few minutes.
     
  8. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Smashing it with a hammer won't help. You can take the platter out of damaged hard drive, if it is physically broken it is possible to carefully reassemble it and retrieve some data from it.
     
  9. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    I don't know as I never tried it... don't have an empty drive to test it,
    but what would happen if a drive is formatted using different filesystems.
    say NTFS->exFAT->Ext3->exFAT->NTFS

    =
     
  10. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Using CCleaner or another tool and overwrite them 1x it's enough.

    But - there is a big issue with flash drives when erasing by overwriting. The problem is the "wear leveling" methods used on solid state drives, which writes in a different place each time you add or replace data. There is a full explanation and discussion at Erasing USB key Drives.

    As a workaround most tools providing a 'open space' or 'wipe free space' option.
     
  11. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Those must be some huge files, because whenever I use CCleaner, secure file deletion/1 pass it doesn't take long at all. Of course you should uncheck "Wipe Free Space" and only do that once in awhile.

    When formatting an entire HD I use a tool "Western Digital Data Lifeguard". It works on all HD's... at least all I've tried it on, even Samsung mSATA SSD's. Even when choosing to write zeros to every sector of the drive it doesn't take more than a half hour on a 512 GB drive. I don't keep most of my data on my local HD's, just on external drives. I don't like to clutter my local HD as it slows the performance I've found. A 256 GB HD is even more than enough for me, as I have plenty of free space even with that.
     
  12. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    Physically possible is far from reasonably practical. The only tools capable of extracting data from a broken HD platter (I'm assuming glass disk) are either scanning force or scanning electron microscopy. Both are very expensive and very slow. Unless your secrets are worth millions, it's not going to happen. If the platters are aluminum, even worse because scanning a bent and dented surface is even harder for these tools.
     
  13. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Anything is practical if there is enough incentive to do it and incentive does not always have a dollar sign next to it.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I wonder why would people use all that effort to make that big of a mess for something not better than shredding. Maybe if shredding terabytes of data takes too long for some reason, but do you really need to erase all of that? Maybe if you deleted something normally in the first place, and didn't wipe free space then (or use Recuva's secure file deletion). HDD recycling centres are another story.
     
  15. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    If you are worried about your data then Encrypt the entire HD with bitlocker, truecrypt, veracrypt, etc... Sure this takes a while but it runs in the background so you won't even notice. Delete the boot sector or volume header (takes less than a second) and the data is gone forever.
     
  16. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    1,029
    ..until a new unheard-of-today technology is developed.
     
  17. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499

    Wow I am way out of the loop and I did electronics for most of my life. though all hard drives were magnetic, except for the SSD's. This meant all info was stored via ones and zeros via magnetism. This meant any strong electromagnet would destroy any info on the drive. They can't use aluminum disks in a hard drive because they are not magnetic.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I am not sure that is true. If you delete the 1st two sectors, all the other is intact, and even those 1st two sectors are also stored at the end of the partition and can be recovered.
     
  19. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    Then delete the last 2 sectors as well. Even if you don't delete anything, you used a really good password right? So the only way someone will get it is to beat you with a rubber hose until you give it up...:thumb:
     
  20. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    Yep you are out of the loop. Magnetic layer on disk platters is only a few microns thick, made of exotic elements. Most substrates are now made of quartz. That's why smashing with a hammer is so effective. The platters break into thousands of pieces making reconstruction difficult.
    As for erasing the data with a magnetic field, you would need a very strong field to erase a disk. The field strength at the tip of a write head is many times stronger than the strongest permanent magnetic you have ever had your hands on.
     
    Last edited: Aug 23, 2017
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Interesting statement.

    On one of my hobby searches last year I purchased a mild strength Neodymium Magnet and it busted into slivers when too close to a metal door.

    So I went for an even stronger one and that thing attached itself to the metal of my sofa and I like to never pulled that thing off.

    Needless to say it's kept wrapped multiple layers of insulation and stored in a corner as though it's radioactive. If that magnet ever gets close to metal it's like a weld. While it occurred to test it on a HD I decided against that since it would likely throw any mechanical moving parts into permanent chaos.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    So you've deleted the boot stuff, but all the data is still on the drive and can be recovered. Why bother.
     
  23. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    102
    Not boot stuff but encryption headers. Assuming you are using a good encryption program such as TrueCrypt or Bitlocker, the header contains the 256 bit master key. If this is deleted there is no way to decrypt the data. The data is still there but it can be proven using the laws of physics that it is impossible to build a computer that is big enough or fast enough to brute force a 256 bit password.
     
  24. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Like this article ? https://www.kjmagnetics.com/blog.asp?p=hard-drive-destruction

    Back in the day when people had cathode ray tubes in their TV's we used to use degassers to get ride of the colorful screen left behind when kids or grownups sat speakers too close to their TV screens.
     
  25. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Yeah I've run lesser magnets on those tube TV's before too. Weird stuff. But rare-earth Neodymium magnets pack a whallop.

    No doubt way too much for computer HD erasing because it would lift the data alright but also everything else in it too if you wanted to reuse it.

    What I always wanted to do was set (2) extra strength magnet discs into a large circular plastic tube and test how much weight in lbs it could support from opposing poles in that tube. Maybe still will at some point.

    Magnets are Super-tight if you get the right ones.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.