How to securely erase your hard drive

Harddrives Vonnie Style

Before selling or trashing your computer, there are a few tactical things you should take to protect your data.   Besides shooting the keyboard with compressed air, backing up your files and deauthorizing your software you should also securely wipe the drive.

Please note that deleting your files and emptying the Recycling Bin isn’t sufficient.  Even formatting the file system is inadequate.

Andrew Jones, head of the Information Security Research at British Telecommunications, wisely noticed that a significant portion of people leave vestiges of sensitive data on their hard drives.  He fully develops his observations in a journal he authored with a team of experts.  Unfortunately, the journal isn’t free but buying online access might be worth it since you get access to a complete library of academic and scientific journals.

How file storage works

On traditional spinning hard disk platters every computer file consumes a certain number of blocks.  The operating system tracks these files by using pointers.  The pointers indicate where the file begins and ends.

Deleting and formatting files simply shifts the pointer to a new empty sector for writing.  All the old data is still lying dormant on the drive and can easily be recovered.

The worse part is that you don’t even need a forensic laboratory to pull it off.  And in many cases you don’t need to buy anything either.  The gamut of free file recovery tools is wide and some are tantamount to the paid versions.

Why can’t I just toss it?

Chucking your computer into the can isn’t the most prudent move.  Some people dive into dumpsters for old computers and then exploit anything then can find from their trashy treasures.

Furthermore, US dumpster diving laws won’t help you here.  Yes, it’s true that your dumpster is located on private premises and therefore you can indict the criminals for trespassing; however, generally speaking, unless explicitly prohibited by law, dumpster diving is legal .  For example, in the 1988 California v. Greenwood case, the US Supreme Court ruled that there was “no common law expectation of privacy for discarded materials”.

The diver is taking a gambit that he’ll score big with your computer.  He imagines the surreal pleasure of profiting from your mistake.  This vile person has probably leaped into dozens of dumpsters but today he hit the jackpot when he appropriated your hapless computer…

Should you really risk having your reputation defiled, your photos adulterated and your checking accounts depleted?

Commercial sabotage is a serious danger. By failing to securely erase your drives you may unknowingly abet hackers in their dirty work.  And who really wants to become an accomplice to the bad guys?

After reading this article you’ll know how erase your data so that it’ll be virtually impossible for anyone to cull anything intelligent from it.

The smart way to wipe

“The smart way to wipe”: Okay, that sounds silly especially within the context of “dumpsters”

… anyway, before I digress I need to show you the most judicious way to clean your drives. I’m assuming that you’re running an old school hard drive with spinning platters; Solid State Drives (SSDs) is a little more tricky.

Michael Wei from the Department of Computer Science and Engineering at the University of California, San Diego delineates the nuances of erasing data from SSDs in a journal.  The bottom line is that you can sanitize SSDs with proprietary tools; however, in my opinion encrypting the drive is best option.

Encrypting the SSD with a 256 or 512bit AES key and storing the key offline will make your data almost impervious to prying eyes.

There are a lot of free programs fit for the task but I personally think TrueCrypt is the best.  It’s fast and just works.

Now to all my non-SSDer’s out there, we can protect our files with Darik’s Boot and Nuke (DBAN).

Just burn the DBAN file to CD, pop it in your CD tray and away you go.

DBAN

I’m use a free burning program called imgburn but feel free to use your favorite.

After booting to the CD you’ll see a warning:

DBAN Warning

I encourage you to press F2 to read about the program.  When you’re done press Enter to set your options.

DBAN Wipe Method

You can choose your wipe method by pressing M and the number of rounds by pressing the R key.  Then when you’re ready to get started, press F10 to nuke the disk.

DBAN Wipe Start

Okay now you can step away and forget about your computer for the day.  Depending on the size of the disk, wipe method and number of rounds this can take a long time to complete so you might want to start it on the weekend.

Check out cipher

Alternatively you can use an obscure tool called cipher.exe which ships with Windows 7.

You can read my tutorial on how to use it (it’s the 8th command in the list) but basically you just click Start type cmd and enter the cipher command with a few optional switches.

For example to wipe the C:\ drive you could type:

cipher /w:c:\

It overwrites blocks that are marked as free so trying to recover the files and folders becomes futile.

The Bottom Line

Securely wiping your drive before your ditch your computer is pretty important.  You can use tools like DBAN and cipher.exe to zap your data or… here’s a better idea:

Just buy a new hard drive and install the operating system on it.  Then you can stash your old hard drive in a vault and forget about it.

Or when all else fails, you can buy a welding torch and scorch the thing.  If that sounds too outrageous just drill the drive and you’ll be fine.

About

Connect with Vonnie on Twitter

Posted in Desktops, Hardware, Laptops, Windows, Windows 7, Windows 8, Windows 8.1, Windows Vista, Windows XP Tagged with: , ,
  • john q

    Tossing your HD? Step 1: Use Sdelete from System Internals (free). Step 2: drill a 1/4″ hole completely through the drive.

  • I use a 2kg log splitter on disks I take to the dump.