Securing Non-Critical Data by Manually Filling HD

Apologies if this question has already been answered. I did spend some time looking for it, but couldn't see it (either here or via google).

I need to take my computer to an engineer for some repair work, but don't want him prying into my private files. I understand that if I just move the files to an external hard drive (which I have done), it will still be possible to view my data on the computer. Given that I only need a cheap and cheerful solution, can I just fill the hard drive of my computer with non-private stuff and then delete most of that?

Thanks in advance for your help!

 

you can use ccleaner (if you have windows) and just overwrite the empty space with it after you have deleted private data.

 

Try Eraser or as mentioned CCleaner. Both work great. I use a DOD - 3 pass wipe but that is technically over kill as on modern hard drives there is NO way to recover data after a Zeroing out. I like to "future proof" my wipe though in case 5 years from now it's not enough. I also (working in the private sector) have to adhere to FIPS standards.

 

I have always been confused with that myself!

If a disk is formatted,HOW CAN ANYTHING BE RECOVERED

All the track and sectors have been wiped clear!


For example when i format my commodore64 disk,all the sectors are set to

"Kaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"

255 Bytes per sector..... Its gotta be the same on any disk format right?


HOW IS STUFF STILL ABLE TO BE GOTTON??

 

According to some researchers, ones and zero's, after having been wiped to zero's, can be retrieved.
For instance; '0-1-1-1-0-1' will be zero'd into (surprise!) just zero's; '0-0-0-0-0-0'.
However, researchers have claimed that the zero's that used to be ones aren't exactly 0 but can be read more like 0.001.
So that the previous pattern could be read like '0-0.001-0.001-0.001-0-0.001'.

Using a 'magnetic force scanning tunneling microscope', it's possible to 'record' these not-exactly-zero's.
Thus you would be able to have an image of 0's and 0.001's, which would in turn allow you create a file of ones and zero's which then can be 'reverse-calculated' against all the different erasing techniques (and multitude of possible outcomes) which in turn should allow you to see a/the original pattern of zero's and ones.

But that's according to some researchers.
And based on HDD's from medieval times when 100 MB was A LOT.
Modern HDD's have much higher density (compare 100MB to 500GB) which increases the difficulty of reading overwritten data enormously.
So, it's very doubtfull that it's even feasible with modern HDD's and anyway, you would need a bloody expensive microscope and a super-computer for calculations.
But read about it in a paper from Gutmann (who coined the Gutmann 35-pass); link
And read this article that says recovering 6 bits (6 BITS!), isn't exactly the same as recovering a HDD; link.

 

Also like to note that to use magnetic force scanning tunneling microscope you have to recover each bit individually. This means that recovering one character (2 bits) is twice as hard. This also means that if even one bit is off you have an entirely different character. If you use full disk encryption even one wrong character changes everything meaning the data could NEVER be recovered even with the key/password.

Zero if you need a quick secure wipe, use NSA 7 pass or Guttman if you have time for it. If using DBAN I would use the PRNG Stream with 10 passes. It's even more secure than guttman at that setting. (The data is more random as guttman uses uses a scheme like NSA and DOD.)

 

Just to insert a bit of perspective here...
Unless the computer technician is a NSA agent, he won't be taking Phil's hard drive apart and scanning it with AFM.

The main issue here is that it is impossible to remove 100% of your private data from a windows computer without formatting and reinstalling the OS.
You can use things like CCleaner etc. but there will always be some unique data scattered around the file system that could be used to learn something about the user.
If you are paying someone to work on your computer, why not wipe the drive and have him reinstall the OS? A reputable computer repair shop should include the clean OS install in the price.

 

Law Enforcement has been using these techniques on Disks for years. No repairshop technician would have the money for one though.

Technically speaking: Zeroing out data IS enough. The likely hood of being able to recover anything even with advanced Force Microscopy is slim. If you are paranoid or want to future proof it than use DOD or NSA (or PRNG Streams). This makes it truly impossible to recover data with our current level of technology.

 

I think if your able to access the disk itself AND WIPE A MAGNET OVER IT that might clear everything also.... (Then just reformat)

I have cleared my C64 disks this way.....

 

C64? You mean Commodore 64
You can't erase a modern hard disk with a hand held magnet. The magnetic field strength required is like 1000 times stronger than any magnet you could find. You would need a MRI machine with a superconducting magnet coil.

 

If you remove the magnetic shielding I think it would be enough.

 

Hey thanks for all the replies guys. I didn't think I had any replies because I thought I had posted the message so that I would be informed of replies via email, but obviously not because I've just logged in and seen all this insightful wisdom. I'm going to try CCleaner.

 

When you format it it just deletes the index entry pointing to the files. The data is still there. A quick recovery of the index.dat file with ptd and everything is back under 10 min.

OP use DBAN wipe it

bad idea

 

To receive emails, go to Thread Tools > Subscribe to this Thread.

 

What's bad about CCleaner? Or are you referring to wiping the whole disk? In which case I agree DBAN it.

 

Finally got some free time, so I downloaded Ccleaner and ran it (didn't want to use DBAN because there is non-personal data that I do not want to delete, along with various programs I want to keep). Am I right in assuming, however, that Ccleaner has not done anything about the personal data that I previously moved off the drive and that this will still be very easy to browse by tech person who is feeling nosy (just as if I had simply deleted the files from the drive and emptied the recycle bin)?

Thanks Phil