Securely erase individual files

As I might have previously mentioned 1) 2), pressing “delete” in Windows (or on Linux or Macs) does not remove the file from the hard drive. The only thing that happens is that in the big list of files, the entry for that file is removed, so that the operating system knows that if it wants to, it can go ahead and write to the place on the hard drive where that file used to be stored. Now, you can wipe the entire hard drive if needed, but is there any way of securely removing individual files?

Short answer: No.

For the long answer, read on below.

Long answer: Nooooooooooooooooooooooooooooooooooooooooooo.

The problem with most operating systems is that they are generally designed with eye candy, simplicity, ease of use, robustness or speed in mind. Security has never really been prioritized. 1)

There ARE tools for the secure deletion of files. Eraser is one such tool (and there are many more). Eraser wipes the blocks that your file occupies multiple times.

The problem is that your data may well live in other places aside from the designated blocks on the hard drive. If the data was read by a process that is paged, your page file may contain a copy of the data. If the filesystem layer decided to move your data around on the physical disk for some reason, then the original location will not be overwritten. If you’re using a journaling file system, your data was probably written to the journal before going to the final blocks. If you’re using an application such as MS Word, multiple temporary doc-files may be spread out all over your disk. These temp-files are never overwritten, only “deleted”. Many temp-files are also never even deleted automatically.

Wiping the “empty space” is a first step. Eraser has such an option. But wiping empty space will only remove deleted temp-files and moved files. Your information might still be in the page file, in your journal or even in temp-files that have never been deleted.
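The gap described above, as an added example that is not part of the original post and not how Eraser itself is implemented: a multi-pass overwrite only touches the blocks of the file it is pointed at, so a working copy left by an editor survives. The file names and the marker string are constructed for the demonstration.

```python
import os
import secrets
import tempfile
from pathlib import Path

def overwrite_and_unlink(path, passes=3):
    """Overwrite a file in place with random data, then delete it.
    Only the blocks currently mapped to this one file are touched."""
    size = path.stat().st_size
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            f.write(secrets.token_bytes(size))
            f.flush()
            os.fsync(f.fileno())  # push each pass to the device
    path.unlink()

def find_residue(root, marker):
    """Return live files under root that still contain marker.
    It cannot see the page file, the journal or unallocated blocks,
    so an empty result does not prove the data is gone."""
    hits = []
    for p in root.rglob("*"):
        if not p.is_file():
            continue
        try:
            if marker in p.read_bytes():
                hits.append(p)
        except OSError:
            continue  # unreadable file: skip it
    return sorted(hits)

def demo():
    # Constructed secret so the residue search has something unique to find.
    marker = b"CONSTRUCTED-SECRET-" + secrets.token_hex(8).encode()
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        doc = root / "report.doc"
        doc.write_bytes(b"header " + marker + b" footer")
        # Simulated editor working copy (hypothetical name) that is never wiped.
        (root / "~WRL0001.tmp").write_bytes(doc.read_bytes())
        overwrite_and_unlink(doc)
        return [p.name for p in find_residue(root, marker)]

if __name__ == "__main__":
    print("still contains the data:", demo())
```
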

There is no 100% guaranteed method to delete individual files. There are good methods and not-so-good methods but none that are NSA-proof. The only way to be sure is to take off and nuke the entire site from orbit.

1)  Yes, there are operating systems that are more focused on (different aspects of) security than others. Like Windows Vista, for example – the most secure operating system ever! Seriously, though, the i5/OS comes to mind. So does Anonym.OS (although it leaves much to be desired regarding stability). And OpenBSD isn’t crappy either.


One response to “Securely erase individual files”

  1. Bill Adler

    We have had great success with the CyberScrub line of file deletion and hard drive erasure and sanitization products for wiping and overwriting our data http://www.cyberscrub.com
