Why Wipe Data Securely?

Whether you are preparing to reuse a hard disk for another operating system, clear off your junk shelves by passing along outdated drives to a friend or relative, donate an old PC to a charity or school, discard a too-small USB drive or flash memory card, or repurpose an SSD, you don’t want to leave any information on the storage device. With stories abounding of identity theft aided by information lifted from discarded storage devices, you want devices you no longer plan to use to have no usable information when they head out the door.

Why Erasing Files Is Not Enough

Sure, you could erase the contents of the drive, but keep this in mind: the act of erasing a file does not remove it from a storage device.

When you erase/delete a file from your computer, it’s not really gone until the areas of the disk it used are overwritten by new information. If you use the normal Windows delete function, the “deleted” file is sent to the Recycle Bin until the space it uses is required by other files. If you use Shift-Delete to bypass the Recycle Bin, the space occupied by the file is marked as available for other files. However, the file could be recovered days or even weeks later with third-party data recovery software. As long as the operating system does not reuse the space occupied by a file with another file, the “deleted” file can be recovered.

With SSDs, the erased file situation is even more complex. SSDs store data in blocks rather than in sectors as with magnetic storage. Overwriting a block was previously used involves copying the contents of the block to cache, wiping the block’s contents, delete the block to be overwritten from cache, writing the new data to cache, and rewriting the block with the new data. As an SSD is used with files that are deleted or changed frequently, the performance can drop unless the drive (and operating system) support a technology called TRIM that wipes out deleted data blocks as soon as the file using the blocks is deleted. TRIM is supported by Windows 7 and by some late model SSDs, but not by older Windows versions. So, disk wiping can be both a security feature and a performance improvement strategy.

Data Wiping Versus File Erasure

While erasing files simply marks file space as available for reuse, data wiping overwrites all data space on a storage device, replacing useful data with garbage data. Depending upon the method used, the overwrite data could be zeros (also known as “zero-fill”) or could be various random patterns.

Products that can be used for wiping hard disks might not be suitable for wiping other types of drives. In this article, we will look at methods for securely wiping hard disks, USB flash memory devices, flash memory cards, and SSDs.

Zero-Fill a Hard Disk

Time Needed: several hours (varies with size and speed of drive)
Software: Hard disk utility software from your drive vendor
Media: blank CD or floppy disk

Although writing zeroes across the entire hard disk surface (aka “zero-filling”) is not sufficient to meet government data sanitation (disk wiping) standards such as DoD 5220.22-M or the more comprehensive Standards and Technologies (NIST) Special Publication 800-88, overwriting the entire hard disk prevents most types of data recovery from being successful.

Here’s where to get zero-fill software from hard disk vendors:

Hitachi
Drive Fitness Test (see website for specific models supported)
http://www.hitachigst.com/hdd/support/download.htm#DFT
Select the Erase Drive feature to zero-fill your hard disk

Samsung
HUtil (see website for specific models supported)
http://www.samsung.com/global/business/hdd/support/utilities/Support_HUTIL.html
Use Tool, Erase HDD to zero-fill your hard disk

Seagate (including Maxtor)
SeaTools for DOS (see website for specific models supported)
http://www.seagate.com/www/en-us/support/downloads/seatools
Use Full Erase to zero-fill your hard disk

Western Digital
Data Lifeguard Diagnostics (select drive model for specific version recommended)
http://support.wdc.com/product/download.asp?lang=en
Use Write Zeros to drive to zero-fill your hard disk

1.    Determine the brand and model of hard disk you want to overwrite.
2.    Download a CD ISO image or a floppy disk image (depending upon your equipment) and use the image to create bootable media. The floppy disk image is self-contained: run it, insert a blank floppy disk when prompted, and the image is created on the disk. You will need to use a CD burning program that works with ISO images to convert the ISO image into a bootable CD.
3.    Restart your computer with the bootable media you created in Step 2.
4.    Select the hard disk to zero-fill when prompted.
5.    Choose the option to zero-fill the hard disk.

6.    When the program is finished, follow the on-screen instructions to shut down or restart your computer.
7.    Remove the wiped hard disk; you can now reuse or recycle the hard disk.
Secure Wiping a Hard Disk

Secure wiping goes beyond zero-fill operations, and provides an extra level of security. Most secure wiping programs are designed to meet DoD 5220 standards, which require three passes of overwriting with a special numeric pattern and verification. More information about this and other secure standards are available from the DataErasure website.

(Note that the 2007 revision of the Defense Security Service, Updated DSS Clearing and Sanitization Matrix (June 28, 2007)  now recommends degaussing or drive destruction for maximum protection.

Stanford University's Disk and Data Sanitization Policy and Guidelines, a must-read for understanding data wiping issues, recommends Darik's Boot and Nuke (DBAN) for secure hard disk wiping.

Secure Wiping a Hard Disk with DBAN

Time Needed: several hours (varies with size and speed of drive)
Software: Darik's Boot and Nuke (DBAN); available from http://www.dban.org/
Media: blank CD (all versions) or floppy disk (version 1.0.7 and older versions)

1. Download the DBAN boot image ZIP file (we used version 1.0.7 and beta version 2.0 for this article); we downloaded the ISO image for CD burning, but a floppy disk builder is also available
2. Extract the contents of the compressed file.
3. Burn the ISO image file extracted in Step 2 to CD; see our article on how to do this, or use the built-in ISO CD image burning support in Windows 7. If you downloaded the floppy image builder, run the program to create a bootable floppy disk.
4. Restart the computer using the CD or floppy disk created in Step 3.
5. Press Enter to run DBAN in interactive mode.
6. Use up and down arrow keys to highlight the drive to wipe.
7. Press the space bar to select the drive.
8. Press M to select the wiping method.
9. Press F10 to begin the wipe process.

10. At the end of the process, shut down the system. You can reuse or recycle the wiped hard disk.

Note: if DBAN is unable to recognize your SATA hard disks, configure your system BIOS to use IDE mode rather than AHCI mode.

Wiping Flash Memory Cards and USB Drives

Programs such as DBAN or vendor-supplied hard disk utilities are limited in the devices they support: they are designed to work with internal ATA/IDE or SATA hard disks only. Programs that work with flash memory cards and USB flash drives often support hard disks as well, enabling you to use a single program for all disk wiping processes. Roadkil's DataWipe can be used with any hard disk, floppy disk, or flash drive that has a drive letter.

Wiping Flash Memory Cards with Roadkil's DiskWipe

Time Needed: Varies; from a few minutes to several hours, depending upon size and speed of drive and computer
Software: Roadkil's DiskWipe, available from http://www.roadkil.net/
Media: Can be run from Windows desktop

1. Download Roadkil's DiskWipe.
2. Extract the contents of the compressed file.
3. Open DiskWipe. If you are running Windows Vista or Windows 7, right-click the program icon and select Run as Administrator.
4. Select the drive to wipe.
5. Select the type of wipe to perform; DiskWipe can zero-fill the disk or write random data.
6. Enter the number of passes.
7. Click Erase to start the process.

8. At the end of the process, close the program. You can reuse the wiped disk.

Wiping SSDs

To solve write performance problems on drives that don't support TRIM (check with your drive vendor for firmware upgrades) is to use wiper.exe (included with some SSDs) or to run the Secure Erase feature supported in most recent ATA/IDE and SATA drives. The Secure Erase feature can be activated on many systems by running Secure Erase 4.0 (HDDerase.exe), available from http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml. Version 4.0 works with most recent ATA/IDE and SATA hard disks and SSDs, but if you use an Intel X-25M, X-25E, or X-18M SSD, follow this link to download Secure Erase 3.3 http://www.iishacks.com/index.php/2009/06/30/how-to-secure-erase-reset-an-intel-solid-state-drive-ssd/.  Note that it is no longer being developed, and we were unable to use it on a system running an AMD 690 chipset.

 

Wiping Drives and Free Space with SDelete

SDelete is a free program from Microsoft’s TechNet Sysinternals collection. It runs from the command line, and can be used to wipe drives, wipe files, or wipe free space.

Time Needed: Varies; from a few minutes to several hours, depending upon size and speed of drive and computer
Software: TechNet Sysinternal's SDelete, available from http://technet.microsoft.com

Media: Can be run from Windows desktop

1. Download SDelete.
2. Extract the contents of the compressed file.
3. Copy sdelete.exe to c:\windows\system32\ (this will enable you to run it from any location)
4. Open a command prompt session with Administrator rights.
5. To wipe all files on drive X: and its subdirectories and to wipe free space, enter Sdelete  -p 2 –s  -z X:\*.*  (to see all command-line switches, enter Sdelete with no options)
6. Wait; the program displays status messages as it runs. When the program is finished, you can reuse or dispose of the drive.

Evaluating the Effectiveness of Disk Wiping Programs

We used demo versions of two popular data recovery programs to evaluate some of the disk wiping programs discussed in this article. To determine whether a typical data recovery program could recover files on a SD card wipe with Roadkil’s DiskWipe, we first of all formatted the card using a card reader. Ontrack's EasyRecovery Data Recovery (available from http://www.ontrack.com) had no difficulty finding folders and files to retrieve.

However, when we used DiskWipe to wipe the drive using a one-pass blank disk (zero fill) operation, EasyRecovery DataRecovery was unable to find the file system, let alone any files or folders.

After reformatting the card, taking a few photos, and deleting the photos, EasyRecovery Data Recovery was able to find the new photos, but the contents of the card before running WipeDisk were unrecoverable.

To evaluate SDelete, we used SDelete to wipe all of the files on a hard disk, but omitted the –z switch; when –z is not used, SDelete deletes files and renames them, but does not clear free space. To determine what might be visible, we used a demo version of Disk Doctors NTFS Data Recovery software, available from http://www.diskdoctors.net.

Disk Doctors were able to locate the deleted folder and Outlook Express message folders, but SDelete had renamed them from their original names and DBX extensions (Outlook Express message folders). If you use SDelete, it’s very important that you take time to use the –z switch to clear free space on the disk (once a file is deleted, the space it occupies is free space).

We also used Disk Doctors to evaluate the effectiveness of a freeware program called Eraser, which can delete and overwrite files and folders from the right-click menu.  We created a documents folder with a subfolder called Figures and used Eraser to overwrite the folder and subfolder using its default settings.

Disk Doctors was able to locate the folders, but the contents are files with garbage names and are zero bytes in size – except for leftover word processing temporary files (files that begin with $). These filenames were not changed, which could enable a snooper to figure out the names of the files in the folder – although the files themselves were destroyed. By using more overwrites or different methods available with Eraser, a more thorough wiping may be possible

Conclusion

We’ve highlighted a variety of free ways to protect data on castoff drives from being retrieved. As you can see, your best bet is to overwrite data directly, but you also might want to consider using a program such as SDelete to scramble filenames first and then use a disk wiper such as Eraser or WipeDisk to finish the job.

Use demo versions of data recovery programs such as Ontrack Easy Recovery Data Recovery, Disk Doctors Data Recovery (various editions for NTFS, FAT, and flash media), and others to evaluate the effectiveness of your data wiping procedures. Remember, the full versions of these and other data recovery programs can save your data if you accidentally format or partition a disk because, until the data is overwritten, it’s still there.

A 35-year-old Canadian who uses a wheelchair has been beaten violently in Sydney, Australia, and is hospitalized in serious condition, according to police reports.

A Canadian diplomat with extensive experience in Afghanistan says she raised the possibility that detainees transferred from Canadian to Afghan custody were at risk of torture back in 2005, but her concerns were ignored.

Three U.S. hikers who were detained in Iran have spoken by phone with their relatives for the first time since authorities jailed them more than seven months ago, the hikers' families said Wednesday.

The beleaguered panel investigating global climate change has found an outside group to review how it writes its reports.

A documentary producer who interrupted a director's Oscar acceptance speech Sunday night says she was the one who was "big-footed" on stage.

Indonesian counterterrorism authorities won international praise on Wednesday, one day after killing a top-ranked Southeast Asian militant wanted for planning the deadly 2002 Bali bombings.

Catholic bishops in the Netherlands have announced an independent investigation into allegations of child abuse by clergy, widening a scandal that already touches countries including the United States, Ireland, Germany and Austria.

An anonymous reader writes "Philippe Dauman, Viacom CEO and President, announced today that Harmonix is currently working on the next Rock Band game, Rock Band 3, due for release Holiday 2010. 'The company is pursuing the game in spite of an industry-weakening decline in the once-booming genre of peripheral-equipped music games. Although the franchise has generated over $1 billion to date, the category in general saw sales contract by as much as half throughout 2009. MTV Games parent Viacom also saw Rock Band declines drag on its balance sheet in its last fiscal quarter, and expressed a need to refocus away from pricey peripherals in favor of software. It also said that due to royalties it would need to be more "selective" about track listings, and that it needs more support from the music industry in that department.'"

Read more of this story at Slashdot.

A California jury recommended Tuesday that a man who once appeared on "The Dating Game" be executed for the murders of four women and a child.

A-23-year-old American activist stands in front of an Israeli bulldozer in Gaza. The bulldozer drives over her, crushing her to death. These are the facts.

Visibility and personnel savvy wil be key to "Jumpman"'s success as in his new role as a full-fledged NBA owner.

America's defense chief thanked Afghanistan's soldiers for their service during a tour of a training camp Wednesday as Iran's hardline president arrived in Kabul with a pledge to purge "occupying forces" from the troubled land.

daria42 writes "The Electoral Commission in the Australian state of Victoria has made plans to expand its use of electronic voting kiosks based on Linux in the next state election in November of this year. But it appears to be a little confused: the documentation states it will be using the '2.6 kernel/Gentoo release of Red Hat Enterprise Linux.' Huh?"

Read more of this story at Slashdot.

The archdiocese of Denver, Colorado, is defending its decision not to re-enroll two children in a Catholic school in Boulder next year because their parents are lesbians.

A new poll suggests that Canadians see substantial benefits from the 2010 Olympic Games for Canada, for B.C. and for the city of Vancouver.

Be still, our beating hearts. No seriously, be still. We’re sure that headline’s got your head swimming with dreams made real and wishes fulfilled, but we’re going to send all of that crashing down around you with one phrase: browser-based MMO. Heart sinking yet? No? Ok, try this one on for size: a list of the games developer Bigpoint Games has headed-up. Recognize any of them? Yeah, us neither. Which is not to say we’re writing this one off completely – quite the contrary, in fact. But neither are we getting our hopes up too high. For now, though, Bigpoint’s description of the game is certainly speaking our (extremely geeky) language.

“Players will be able to choose to play as cylons or humans in a constant struggle to control the universe or just survive its perils. A blend of tactical space combat, exploration, and mission-based gameplay will provide a diverse experience. The dramatic missions will define the game's overall storyline, enabling the player to delve into mysteries of the Battlestar universe.”

“Battlestar Galactica Online will create a new standard for web games, with beautiful 3d graphics and innovative game mechanics bringing a new level of game play to browser based MMOG. Assets from the television production will be integrated into the game to deliver an even more authentic experience.”

Bigpoint’s definitely not lacking ambition, but it remains to be seen if the developer can pull it off. We don’t know about you, but we’ll certainly be praying to the Lords of Kobol that BSG Online’s more fun than a game of Pyramid on a non-irradiated Caprica. And if you understood any of that last sentence, we’re pretty sure you’ll be doing the same.

Hey there, beleaguered Battlefield Bad Company 2 players. Feel like you’ve been tricked into paying to be part of an extended beta test? Well, sad to say, the storm’s not over yet. At 12 PST tonight, EA brought the servers down yet again for more maintenance. This comes, of course, after a weekend of more ups and downs than a botched entry of the Konami Code. But, if it’s any consolation, there is a silver lining to your sufferings.

“PC currently has more people playing and are in game servers than both the consoles,” said associate producer Gordon Van Dyke.

Don’t break out the confetti just yet, though. We’ve won the battle, sure, but we haven’t quite won the console war.
 
“The PC had more players than either console not more than both consoles combined,” Van Dyke added. “You'll need to work to beat both consoles’ combined effort.”

Still though, that’s certainly something. See, publishers? If you build it with PC gamers in mind, they will come. So learn from EA and DICE’s example – well, minus the server part, obviously. And speaking of servers, maybe Ubisoft might be willing to take a few pointers from DICE once it gets out of this DRM-heavy rebellious phase. We sure hope so, anyway.

The Conservative government was focused on communications as it tried to deal with the growing questions about the treatment of Afghan detainees back in 2007, a document obtained by CBC News indicates.

Why would a gay politician vote against gay rights?