How many times to overwrite to REALLY delete a file?

Discussion in 'Computers, Hardware, and Operating Systems' started by WA3LKN, Oct 8, 2011.

Thread Status:
Not open for further replies.
ad: L-HROutlet
ad: l-rl
ad: L-rfparts
ad: K3QNTad-1
ad: Subscribe
  1. WA3LKN

    WA3LKN Ham Member QRZ Page

    I use the free program "CCleaner" to scrub any files I delete. I have to option of over-writing a deleted file 1,3,7, and 35 times.

    You would think once would do it. Is 35 really that much more secure?

    Does it depend on what type of file? Is a word file easier to delete than an image file, for example?
  2. G4ILO

    G4ILO Ham Member QRZ Page

    Once is enough to prevent anyone using a PC to recover the data. A forensic laboratory using special equipment could still detect the magnetization. It depends whether what's on your drive is interesting enough to attract that kind of attention. ;)

    Many years ago I worked for a government organization that handled classified data and hard drives were sent to be melted down after replacement.
  3. N0BOX

    N0BOX Ham Member QRZ Page

    Normally, when a computer "deletes" a file, all it does is mark the area of the drive that the file physically occupies as "free to be used for other stuff. The data might still be there for the life of the drive if the computer never decides to write over that spot in the future. Anyone with the software to look at the drive at the block level could find the data later.

    There are techniques involving extremely expensive lab equipment that can be used to recover data, even if it has been overwritten. Maybe even if it's been written over several times. If you absolutely need to get rid of some top-secret data, you'll want to nuke it as many times as you can. You'll actually have to overwrite every single file you delete several times, since chunks of files are routinely moved around when the drive is automatically defragmented in Vista/7.

    I think the Dept. of Defense standard for a drive wipe is a 7-pass random-byte rewrite, probably with a few passes being a reset to all 0s or all 1s. Not completely sure, but 7-pass sticks out in my mind. 35 is probably considered completely unrecoverable using today's technology.
  4. WA9SVD

    WA9SVD Ham Member QRZ Page

    It will depend upon just how "clean" you want the hard drive to be. Simply "deleting" or "erasing" files, as stated above, merely makes the file area available for re-use, but does not actually destroy the date.
    In the past, Norton and some manufacturers offered utilities that would do several passes through a hard drive, writing various combinations of all "1's," then all "0's," and so on for a few cycles, to hopefully remove all evidence of previous data; some even claimed to "write between the tracks" to even erase residual magnetism.
    A t least in the past, Norton Utilities has an option that would comply with DoD erasure, but was a long process, as it had to overwrite the disk several times.
    Despite any or all software solutions, there are ($$$$) recovery methods that can (ostensibly) retrieve data that involve disassembly of drives in a "clean room" and physically trying to read data on equipment designed to detect very weak magnetic signals not able to be detected by ordinary hardware.
    The question is, how valuable is your data? Your typical credit card thief isn't going to go through dozens or hundreds of hours looking for access numbers. On the other hand, if a hard drive contains National Security level data, physical destruction of the drive (or at least the magnetic platters) is the only sure way to prevent retrieval of data.

    When working on client's computers, and they have sensitive data on a failed hard drive, I usually disassemble the drive, place the platters under a BIG auto speaker magnet for a few days, and then return the platters to them. Some clients have made the platters into wind chimes...
  5. AC0H

    AC0H Ham Member QRZ Page

    This is correct.
    I have used a utility called DBan (Dariks Boot and Nuke) for a few years that will allow you to scub the drive to DoD standards.
    7 passes will leave a drive completely devoid of old data.

    I learned about this while doing contract work for a company bringing itself into Sarbanes/Oxley compliance.
    Any drive that contained company financial or customer data had to have the drives scrubbed to DoD before being re-tasked somewhere else in the company.
  6. VK2AKG

    VK2AKG Ham Member QRZ Page

    rapid HDD erasure

    Glad I'm doing something right - any hard drives I dispose of get a quick touch of the gas axe.


    I first started doing this when I had to erase a large quantity of hard drives for a SK friend and quickly discovered how slow it was going to be to properly wipe his entire stash of hard drives using software.

    I erased his CDs in the microwave oven.


    Looks pretty enough to be "art"

    73 Frank vk2akg
  7. AF6LJ

    AF6LJ Premium Subscriber QRZ Page

    This is a good utility I use it.
    One thing that needs to be taken into consideration; if you have a hidden restore partition on the drive that is to be wiped it will wipe that partition also. DBAN will wipe the whole drive.

    Goes to show some of the best software is FREE :)
  8. WA9SVD

    WA9SVD Ham Member QRZ Page

    Of course, if the hard drive has experienced hardware failure, "electronic" erasure isn't an option, anyway. You then have to resort to physical (or magnetic) destruction. The real issue is if the hard drive is to be "redeployed," but the data must be completely removed first.
  9. AC2EV

    AC2EV XML Subscriber QRZ Page

    Without disassembling the drive and removing the platters to read the data 3 wipes, preferably all 1s, all 0s and then random is all that is necessary. 7 passes is unnecessary and just wastes time.
  10. KB4QAA

    KB4QAA XML Subscriber QRZ Page

    The DOD standard is 7 passes each alternating of 1 and 0's. "CC Cleaner" is a free app that will do security wipes. I've been using it for several years. It gets regular updates.
Thread Status:
Not open for further replies.

Share This Page