Achieving Geek Shui: Secure Data Deletion

September 22, 2009 - By Justin E. Gehrke

Congratulations! You either bought or are going to buy a new computer. Of course, you’ll need to backup and migrate important files, browser favorites, emails, and other data from your old computer to the new one. Once you’ve done this and verified all the data is present and accessible on the new computer, you can throw away, donate, or sell the old one, right? Wrong. Ensuring that personal files and data are securely deleted prior to disposing of the old computer. What do you mean delete the data. “When something is deleted from the hard disk and the recycle bin is emptied, it’s gone.” This is a falsehood that most people unfortunately do not understand. Simply deleting a file and emptying the recycle bin does not remove it forever. Fragments of the file or files remain in pieces, scattered throughout your hard drive. In general, reformatting a computer’s hard disk before disposing of it is a fairly safe way of protecting yourself. In today’s day and age, though, most computer users have files which contain personal information, such as names, social security numbers, bank account information, and more. The sensitivity of this data and the possibility that others may use it to steal your money or entire identity make it imperative that you ensure it really is deleted forever. (Note: To be clear, though, this is not intended to encourage the malicious deletion of another user’s data or circumvention of local, state or federal laws. Remember that the procedures or tools mentioned in this article are basic, publicly-available tools. This does not mean that the FBI, CIA, NSA, or other law enforcement agencies do not possess data recovery tools that are more robust than the deletion ones mentioned here.)

Since most users are normal people, with normal lives and normal data, you only need a few basic tools to ensure data is securely deleted. As a user, your main requirement is a tool that doesn’t just reformat the hard drive or delete the data. You want one that deletes and, then, overwrites it with 0’s and 1’s, one or multiple times. What does this mean? Think of your data like a jigsaw puzzle of a cute puppy. Deleting breaks the files into pieces and scatters them around.(Geek Shui Translation: You break apart the pieces from each other and mix them up.) Overwriting deleted files with 0’s and 1’s makes them harder to put back together. (Geek Shui Translation: Once you have the pieces broken apart, you randomly spray the top of the pieces with red and blue spray paint.) Finally and depending upon the sensitivity of the data and amount of time you have, you repeat the process of overwriting with 0’s and 1’s three, ten, or thirty-five times. (Geek Shui Translation: You again mix up the painted puzzle pieces, repaint them, and repeat the same process as many times as desired.) The result of the process, as a whole, should ensure that the average snoop or criminal cannot put your puzzle back together and have the satisfaction of seeing your cute puppy.

So what do you use to securely delete your data? Well, it depends on the operating system you use and the amount you are willing to spend on a software you may use once every three or four years. If you’re a Mac user, the Tiger and Leopard Operating Systems provide you with a built-in disk utility that will allow you to securely erase your data by overwriting it with 0’s and 1’s. For other operating systems, such as Microsoft Windows, there is no built-in support available, which means you will have to find a third-party tool or software. In the past, I have employed Webroot’s Windows Washer (Link). It is a tool that installs on Windows operating systems and allow you to securely delete data as you compute. It also provides the capability to create a bootable wipe disk, to effect the procedures outlined here. Geek Shui Living has tested the effectiveness of Windows Washer in the past. First we deleted files from a hard drive and emptied the recycle bin. We rebooted the computer with a recovery software called ERD Commander (Link), which was recently acquired by Microsoft. Running the file recovery utility we were able to recover not only the files we had just deleted (including their file type/extension). Those files could then be restored, in their entirety. Next we wiped a disk with the bootable, Windows Washer Wipe Disc and chose to overwrite the hard disk, three times, with with 0’s and 1’s. After that, we booted the computer using our ERD Commander disc. Using the file recovery utility, all we were able to recover were extension-less pieces of 0’s and 1’s. No useful data or, for that matter, any files with actual names could be recovered.

This is not to say that our tool of choice is the only or best tool of its kind. Basically, you are looking for a tool that will allow you to boot the computer from a CD/DVD (with the software on it). Once it boots successfully, most deletion tools will list the available hard disks. From there it will provide you with options such as erase, erase & overwrite once with 0’s and 1’s, or erase & overwrite multiple times with 0’s and 1’s. Again, the number of times depends upon the sensitivity of the data. In general, the U.S. Department of Defense requires at least three overwrites. The National Security Agency (NSA) specifies seven times as a safe minimum. Those with extreme paranoia can use the Gutmann Algorithm, which overwrites the data 35 times. (Note: The length of time it takes to complete each “pass” of the wipe, is primarily dependent upon the size of your hard disk.) The Free Country website (Link) provides (among many other topics) a list of free tools that can be downloaded and used to wipe your computer’s hard disk. (Note: Geek Shui Living has not tested or endorsed any of the free tools listed. Users should always thoroughly research their choice, ensure they have up-to-date antivirus definitions, and scan all downloads, prior to opening or using them.) For those who prefer the safety of buying software off-the-shelf, from a commercial vendor, websites, such as Amazon.com (Link) are good places to search and compare options, before you buy.

The purpose of this article is simply to educate computer users on the dangers of undeleted, sensitive data, as well as to provide tips to protecting their personal information. Through the general process described above, data is really deleted…permanently! Accordingly, we would be remiss not remind you that you should not employ these tools or procedures unless you are absolutely, positively, 100% certain that you will not need the data, for the rest of your life. Barring some unforeseen intervention by a national or international law enforcement agency to recover your data, it is gone forever. For most of us, though, this is what we wanted. Now, you can feel free to get rid of your old computer. Remember that the internal pieces of computers, especially the CMOS battery, can be toxic to the environment. To be safe and helpful and the same time, find a non-profit organization that could benefit from a donated computer thats in good working order. The U.S. Environmental Protection Agency (EPA) maintains a page on their website (Link) dedicated to the effective recycling of computers. Can’t find a local place on the EPA website? Contact your local library or social services office. Geek Shui Living hopes this article has been both educational and interesting. Have an computer security or other IT topic you would like discussed on our blog? Send us an email, via the Geek Shui Living Contact Page.

Justin E. Gehrke (CISSP, CIWSP, MCSA, CompTIA Security+/Project+/A+) is the founder of Geek Shui Living. As a right and left-brained geek, he is available for consulting in the areas of Information Technology, Network Security, and creative web design and development. He really does appreciate feedback from the computing masses, so feel free to transmit your packets to him, via the Geek Shui Living Contact page.