Secure Data Destruction
Today we are covering an unusual topic that’s quite the opposite of what we usually write about. In this article, we’ll discuss methods and issues of full, complete, secure and irreversible data destruction: deleting data in a way that makes recovery impossible even with special programs and hardware solutions.
- Why Deleting a File Doesn’t Cut It
- Formatting the Disk: Still Not an Option
- Tools for Securely Destroying Information
- Throwing Away CD/DVD Discs
- Questions and answers
If you read articles previously published on this Web site, you already know that merely deleting a file in Windows means nothing. Whether you use the Recycle Bin or not, the actual content of the file is never destroyed (with the exception of SSD drives; more on that later). Instead, Windows simply marks a record pointing to that file as “deleted”, allowing other applications to claim disk space previously used by that file. However, while the newly released space has not yet been occupied by other data, one can easily recover the original file by using a fairly simple undelete tool (e.g. the very inexpensive Hetman Uneraser).
Thus, securely destroying information remains a vital issue for many organizations.
The very existence of tools such as Hetman Partition Recovery gives a pretty good hint that even formatting the logical volume is not irreversible. Indeed, formatting hard drives, USB flash devices and other storage media (with the possible exception of SSD drives) does not destroy the actual information stored on the disk. By using one tool or another, the user can reliably recover almost everything from formatted disks and partitions.
Of course, there are exceptions to this rule. For example, Windows Vista and Windows 7 will physically overwrite the content of the disk, filling sectors with zeroes if the user performs a full format operation. Earlier versions of Windows didn’t overwrite disk content even during the full format; instead, the format tool was merely reading the sectors in order to check for bad sectors.
In order to securely and irreversibly destroy information from the disk, it’s essential to overwrite the actual content of the file with new information. In fact, the entire issue is so big it’s impossible to cover in a single article, but generally there are tools that can shred files, wipe free disk space, or do both. Note, however, that simply filling data with zeroes (as in formatting the disk) is not considered secure by the US military security standards.
Typically, information is considered securely erased when the actual disk sectors containing the data are filled with random data generated in a cryptographically sound way. Military standards demand several passes of overwrites with different random data, but for most practical purposes a single pass is more than enough.
That said, you can easily destroy existing files with a multitude of free software tools known as “file shredders”. Search Google for “secure file delete” or similar, and you’ll get links to dozens, if not hundreds, of such tools.
Wiping free space can be done with similar tools. Most free file shredders won’t be able to do it, but there is no lack of utilities that can fill free disk space with random content.
It must be noted that such methods work only for traditional magnetic drives that make accurate addressing of physical drive space possible. In the case of SSD drives, this principle doesn’t work, and deleting data on them is a separate and fairly unexplored topic.
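The overwrite-before-delete approach described above, as an added Python example that is not from the original article or from any tool it mentions. The function names and the sample file are hypothetical, a single pass is the default as the text suggests, and the magnetic-drive caveat applies.

```python
import os
import secrets
import tempfile

CHUNK = 1024 * 1024  # write in 1 MiB pieces to bound memory use


def overwrite_file(path, passes=1):
    """Overwrite a regular file in place with CSPRNG output; return its size."""
    if os.path.islink(path) or not os.path.isfile(path):
        raise ValueError(f"refusing to overwrite non-regular file: {path!r}")
    size = os.path.getsize(path)
    # "r+b" opens without truncating, so the file keeps its length and the
    # writes go over the existing content rather than creating a new file.
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                f.write(secrets.token_bytes(n))  # cryptographically sound random data
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the OS cache
    return size


def shred_file(path, passes=1):
    """Overwrite first, then delete: the name is removed only after the data."""
    size = overwrite_file(path, passes)
    os.remove(path)
    return size


if __name__ == "__main__":
    # Constructed sample file, created in a temporary directory.
    target = os.path.join(tempfile.mkdtemp(), "secret.txt")
    with open(target, "wb") as f:
        f.write(b"CONSTRUCTED-SAMPLE-SECRET\n" * 1000)
    print("bytes overwritten:", shred_file(target))
    print("still exists:", os.path.exists(target))
```
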
If you’re about to throw away one or more optical discs such as CD, DVD or Blu-ray, you may be puzzled about the best way to reliably destroy their content. Physically destroying the disc is the easiest and safest way so far. Many office shredders are capable of slicing CDs/DVDs into pieces. There are also dedicated DVD/CD shredders; Amazon.com is one place that has a great selection of such devices.
There are different types of shredders. Some will cut the discs into slices (for home and light office users four slices are secure enough; thinner cuts are available for those with major security concerns).
Other types of devices drill holes in CD/DVD media to make them unreadable. While you can repeat the process with a handheld drill, this is considered a less secure way to destroy information as the discs can still be partially read in specialized devices.
Thermal destruction (melting) is an efficient way to destroy optical media, but it is rarely used in home/office conditions.
On a separate note, we’d like to mention the manufacturers of secure data storage devices. DataTraveler and Silicon Power offer USB drives that store data in an encrypted form. To make access to such data impossible, it is sufficient to delete the encryption key.
Finally, never ever try breaking the disc with your hands. While you can technically break it into pieces, you can cut yourself easily, and a multitude of small sharp pieces will scatter across the floor.