mobilephones
blog

Thoroughly erase data from hard disks, SSDs, and USB memory!

By mobilephones 13/02/2023 584 Views

No worries!

Information leaks from discarded computers have actually occurred. When you throw away your computer, you want to clean up all the information on it and take thorough measures to prevent someone from misusing it. This time, I will introduce how to thoroughly erase the disk and memory.

When you "delete" a file on your computer or put it in the recycle bin and "empty the recycle bin," the data is apparently deleted, isn't it? However, I think many people know that this alone does not mean that it has physically completely disappeared.

Data that has apparently been "deleted" and is no longer visible remains until it is overwritten with new data. With the typical Windows Delete function, deleted data remains in the Recycle Bin until another file requests the location where it was written. Also, if you Shift Delete the data without putting it in the Recycle Bin, the disk space for that data will simply be marked as "space for other files."

Even days or weeks later, those data can be recovered using data recovery software. As long as the OS does not overwrite the deleted data space with other files, the original files are recoverable.

For SSDs, erasing data has both security and performance benefits. That is, in SSD, to overwrite a block containing data, first copy the entire block to the cache → erase the contents of the entire block → delete the block to be overwritten from the cache → write new data to the cache → new data in the block This is because the process of writing is necessary. If files are deleted or updated frequently, the performance will drop. You can prevent that if your drive and OS support TRIM, but only Windows 7 and newer SSDs support it, older Windows don't.

So what do we do? Stay tuned for more details!

Data Wipe and File Deletion

As mentioned above, file deletion only marks disk space as "reusable", whereas data wipe requires , the disk must be overwritten with another data. There are several ways to overwrite data, which can be broadly divided into a method of overwriting all data with "0", which is called "zero fill", and a method of overwriting with a random pattern.

Products used to wipe hard disks may not be suitable for other types of disks. In this article, we will look at how to wipe data from hard disks, USB flash drives, flash memory cards and SSDs.

Zero-filling a hard disk

Time required: Several hours (depending on disk size and speed)

Software used: Hard disk utility software provided by the disk vendor

Medium used: blank CD or floppy disk

Zero-filling an entire hard disk with '0' does not meet the strict official disk erasure standards. For example, DoD 5220.22-M from the US Department of Defense or Special Publication 800-88 from the National Institute of Standards and Technology (NIST). However, zero-filling can prevent data recovery in most cases.

The zero-fill software provided by hard disk vendors is as follows. Check each site for supported models.

Using ・Hitachi・Samsung・Seagate (including Maxtor)・Western Digital

The procedure for zero-filling is as follows.

Hard disk, SSD, USB memory, Thorough data erasure!

Try a secure wipe of your hard disk Secure wipe is a higher level of security than zero fill to erase data. Most secure wipe software is made to meet the US Department of Defense's DoD 5220 standard. The criterion is to overwrite the data three times with a special numerical pattern and validate it. More information on this can be found on the DataErasure site.

By the way, according to the "Updated DSS Clearing and Sanitization Matrix" published in 2007 by the Department of Defense Defense Security Agency, degaussing the hard disk (such as applying a strong magnetic to remove the magnetism) and physical destruction.

A must-read document to understand the challenges surrounding data sanitization, Stanford University's Disk and Data Sanitization Policy and Guidelines recommends Darik's Boot and Nuke (DBAN) as a secure hard drive wipe software. .

Try Secure Wiping a Hard Disk with DBAN

Time Required: A few hours (depending on hard disk size and speed)

Software used: Darik's Boot and Nuke (DBAN), available at http://www.dban.org/)

Medium used: blank CD (any version) or floppy disk (version 1.0.7 or earlier)

The procedure is as follows.

Note: If DBAN does not recognize the serial ATA hard disk, please change the BIOS settings to change the hard disk connection method from IDE mode to AHCI mode.

Permanently Erase Flash Memory Cards and USB Drives

DBAN and vendor hard disk utilities can only be used within the scope of what they support. These software can only be used with internal ATA/IDE or serial ATA hard disks. Software that supports flash memory cards and USB flash drives often also supports hard disks. So you can erase all the discs you need with one program.

One such software, Roadkil's Disk Wipe, can wipe any hard disk, floppy disk, or flash drive that has a drive letter (C:, D:, etc.) assigned to it.

Wipe data from a flash memory card with Roadkil's Disk Wipe

Time required: minutes to hours. (depending on size and speed of drive and computer)

Software used: Roadkil's Disk Wipe, available at http://www.roadkil.net/

Medium used: Can be run from the Windows desktop

The procedure is as follows.

Try Wiping Your SSDThere are two ways to fix performance issues with drives that don't support TRIM. One method is to use wiper.exe that comes with some SSDs. Another way is to use the Secure Erase feature, which is supported by most ATA/IDE and Serial ATA drives these days.

To use the Secure Erase feature, you will need Secure Erase 4.0 (HDDerase.exe) found here. Secure Erase 4.0 works with most ATA/IDE and Serial ATA drives, but if you have an Intel X-25M, X-25E, or X-18M SSD, download Secure Erase 3.3 here. Please note that this is no longer under development and could not be used on systems with AMD690.

Wipe Free Drive Space with SDeleteSDelete is a free program from Microsoft's Technet Sysinternals collection. It can be launched using the command line and can be used to delete data and files from the drive, as well as zero free space.

Time required: minutes to hours. (depending on size and speed of drive and computer)

Software used: SDelete from TechNet Sysinternal (available from http://technet.microsoft.com)

Medium used: Can be run from the Windows desktop

The procedure is as follows.

Verification of effectiveness of data erasure programs

This time, we used demo versions of two popular data recovery programs for verification. Ontrack's EasyRecovery Data Recovery (available at http://www.ontrack.com) and Disk Doctors NTFS Data Recovery (available at http://www.diskdoctors.net).

First, we verified whether it is possible to recover deleted files on the SD card with Roadkil's Disk Wipe.

For comparison, I just formatted the SD card using a card reader. With EasyRecovery Data Recovery, I easily found folders and files that I thought were formatted and deleted.

Then the disk is zero-filled once using Roadkil's Disk Wipe. Even with EasyRecovery Data Recovery, I couldn't find any files or folders, or even a file system.

I also reformatted the SD card, took a few more photos, and deleted the photos again. In that case, EasyRecovery Data Recovery found the photos taken later. However, I could not recover the data before using Roadkil's Disk Wipe.

Then, to evaluate SDelete, I erased all the files on my hard disk with SDelete. At that time, I dared not use the -z option for verification. If you don't use the -z option, SDelete will delete and rename files, but it won't zero free space.

Then Disk Doctors found a deleted folder and an Outlook Express messages folder. But Sdelete should have changed the original name and extension. In other words, even if you use SDelete, you can see the original folder if you omit the -z option. So, when using SDelete, it seems good to add the -z option and clear the free space on the disk to zero.

Disk Doctors also tested a freeware called Eraser. Eraser allows you to delete or overwrite files from the right-click menu. For this verification, I created a document folder with a subfolder called Figures, and deleted that folder and subfolders with Eraser's default settings.

Then Disk Doctors found a folder with a zero-byte size and a random filename, but it was a word processor temporary file (with a filename that started with a "$"). thing) has been found. These file names were not changed. In other words, even if the files in the folder are corrupted, it is possible that the file name can be known from the temporary file. A more thorough erasure may be possible by increasing the number of overwrites or by using Eraser's non-default features.

Summary

In this article, we have covered some free measures to prevent data theft on discarded drives. As you can probably guess, it's safest to overwrite the data directly, but first use a program like SDelete to randomly rename the files, then use something like Eraser or Roadkil's Disk Wipe. There is also a hand to clean up.

Use demo versions of software such as Ontrack Easy Recovery Data Recovery and Disk Doctors Data Recovery (NTFS, FAT, flash media, etc.) to test the effectiveness of data erasure. Full versions of these data recovery software can help you recover data even if you accidentally format or partition your disk. Don't forget that the data will remain until it is overwritten.

MaximumPC (original/miho)

Related Articles

iPhone12 series accounts for more than 35% of global smartphone sales ~ 2021Q2

I want ZTE's foldable galaho "CYMBAL-T" to be released in Japan as well!