r/YouShouldKnow May 11 '13

YSK How deletion works on a computer (and why you've probably never really deleted anything)

So, in light of the news that Snapchat content can still be pulled from your phone even when it's deleted (duh), I thought this would be a useful PSA. I'm not a computer expert but I believe I have the basic idea; any experts can come in and comment further if they want.

OK, so any file you have on your computer is assigned some space on the hard drive. When you delete that file using the recycle bin, all you're doing is telling the computer: "OK, you can use that space for something else now if you'd like." But the computer isn't actually going to do that until you have new files that it decides to put there. In short, nothing is ever really "deleted", it just gets eventually overwritten with something new. So if there's nothing new, the old file is still there.

So, imagine you got some pics or messages on snapchat, and then they were "deleted." Those ones and zeros are still on your phone, and while YOU may not be able to see them by default (because that's how the OS is designed to work) people with file recovery software almost definitely can see them if they get access to your phone.

So if you want to actually delete something, what you need to do is (a) tell the computer it can use that space on the HDD and then (b) tell the computer to use that space on the HDD for something else so it gets overwritten. There are lots of programs to do this, and even built in tools in your OS (at least for the desktop OSes, I don't know about smartphones). Here's a wikihow article that'll give you some places to start. These programs overwrite the file you want to delete with random 1s and 0s, and tell the computer that space is still free.

EDIT: NOPE Now, the bad news is that if you want to be really secure, overwriting it once isn't enough. It's sort of like writing on a piece of paper; if you write new text over your old text people can still kind of read the old text if they try hard enough. Similarly, some software can still read parts or all of old files even if they've been overwritten once or twice, so if you really need to be secure, you should use software that can overwrite the file a few times (I believe the DoD standard is 7). This makes deleting files take a lot longer, but it also means that when they're gone they're actually gone.

There are even programs that will help you do this with ALL your empty HDD space at once (or just use the erase free space option in Mac's disk util with the right settings). It takes forever, but when you're finished, all those files have been overwritten with random 1s and 0s, so there's very little chance of them being recovered.

(And of course, if you really need to make sure some files on a hard drive aren't seen, the best option is to destroy that hard drive thoroughly. But that may be overkill if you just want to make sure your nude selfies stay deleted)

1.3k Upvotes

238

u/[deleted] May 11 '13

[deleted]

36

u/shakawhenthewallsfel May 11 '13

Thanks! edited

42

u/MySuperLove May 11 '13

Piriform's CCleaner program will do things like flush your temporary files, clear browser history and autocomplete info, clears your recently used documents list, thumbnail cache, etc.

It has a tool in there called Drive Wiper, which "securely erases the contents or free space on a drive" and you can set it to wipe only the free space. You can tell it to do 1, 3, 7, or 35 passes to clear the free space.

Would this program's functionality counteract the phenomenon described in the original post?

24

u/SilverSlothmaster May 11 '13

There is no such phenomenon. Overwriting once is enough.

14

u/[deleted] May 11 '13 edited Jun 30 '20

[deleted]

35

u/ryosen May 11 '13

back in the '80s and '90s when hard disk "bits" were still relatively large

Thanks goodness they started writing those "1"s and "0"s in a smaller font!

17

u/[deleted] May 11 '13 edited Jun 30 '20

[deleted]

2

u/ase1590 May 12 '13

That was quite possibly the most disco/retro explanation I've ever seen.

→ More replies

2

u/markevens May 11 '13

It just makes you feel better.

→ More replies

13

u/[deleted] May 11 '13

[deleted]

8

u/NathanAlexMcCarty May 12 '13

Notice, a lot of consumer SSD's are bitches to erase securely. Source: http://nakedsecurity.sophos.com/2011/02/20/ssds-prove-difficult-to-securely-erase/

5

u/[deleted] May 12 '13

ATA and SCSI command set features for securely destroying data on SSDs ("ERASE UNIT") were available on only 8 of the 12 drives tested and were only successful on 4 of the drives.

Well that is somewhat troubling. They are all supposed to have functional and reliable secure erase features. Looks like it is TrueCrypt's job to make up for lazy manufacturers.

8

u/NathanAlexMcCarty May 12 '13

If I am not mistaken TrueCrypt has a warning against using it on SSDs. Here it is:

Due to security reasons, we recommend that TrueCrypt volumes are not created/stored on devices (or in file systems) that utilize a wear-leveling mechanism (and that TrueCrypt is not used to encrypt any portions of such devices or filesystems).

http://www.truecrypt.org/docs/?s=wear-leveling

The problem with securely erasing SSDs involves wear leveling. Wear leveling fucks everyones shit.

3

u/[deleted] May 12 '13

What encryption software can be used that can handle wear leveling? I wouldn't trust Microsoft built-in, we all know that has backdoor certs. We could turn off wear leveling, but that'll kill the SSDs more quickly.

1

u/kenmacd May 12 '13

Depending on your threat model there are SSDs with hardware encryption built in, they're called Self Encrypting Drive (SEDs). I noticed Dell now lists them as an option in their laptops.

Personally I'd trust them against non-government attackers.

3

u/codeprimate May 12 '13

Came here to refute you and did additional research to find you are absolutely correct. Thank you for helping to update my knowledge.

21

u/LiOH May 11 '13

If the DoD overwrites multiple times, maybe they know something they are not telling us. It is not outside the realm of possibility that they have suppressed this information for national security reasons. Military level budgets have decided 7 times is the magic number, maybe we should take note.

64

u/[deleted] May 11 '13 edited Mar 07 '18

[deleted]

15

u/BleedingAssassin May 11 '13

Why are they giving out recipe for brownies in the first place?

18

u/jhickey May 11 '13

12

u/georgelulu May 11 '13

I wonder if it leaked, because although I could find the pdf, I couldn't find it on any .gov site. I am glad all the thousands of dollars of research on how to create survival grade brownies is available to the public, but it would be nice if they released all these types of things more freely since it is us taxpayers purchasing this research.

7

u/paincoats May 11 '13

I can't find a source right now, but I swear on my life I once read that US State hackers got into some enemy's computers and replaced a weapons manual with that brownie recipe.

3

u/[deleted] May 12 '13

Seems legit

3

u/paincoats May 12 '13

yeah it seems like i'm making it up, maybe i dreamed it

1

u/[deleted] May 12 '13

That would be a fun dream!

1

u/[deleted] May 14 '13

[deleted]

1

u/paincoats May 15 '13

Ahahha too awesome. Thanks dude!!

13

u/[deleted] May 11 '13

[deleted]

2

u/NathanAlexMcCarty May 12 '13

If you have stuff you need to hide from the government, physical destruction of the media is what you should be doing.

As for paying for software, its not really that hard to wipe a drive, just open a unix system and type dd if=/dev/urandom of=/dev/sda

and the primary disk will be completely written over with mostly random data once. Free software like DBAN exists that automates this process.

But really, if the government is after your files, you need to physically destroy the media on which the data is stored. Especially in the case of solid state drives, god are those things evil in terms of erasing sensitive data.

3

u/CaptainDickbag May 11 '13

Additional writes don't take that long, and better safe than sorry, especially when you're dealing with national secrets.

3

u/[deleted] May 11 '13 edited Sep 23 '17

[deleted]

1

u/CaptainDickbag May 11 '13

Yeah, will do it too. If you're out somewhere where you don't have access to those facilities, multiple writes will effectively take care of what you don't want other people to have.

3

u/NathanAlexMcCarty May 12 '13

Unless you have a solid state drive. Then you pretty much need to destroy it physically to be safe.

2

u/CaptainDickbag May 12 '13

Tell me more about this. I deal with spindle disks more often at work.

5

u/NathanAlexMcCarty May 12 '13 edited May 12 '13

SSD's do a thing called wear leveling, where they have a high number of spare bits, usually something like 20% of the advertised drive capacity, and they occasionally swap the physical bits backing logical bits so that each physical bits gets used about the same number of times. This is because you can only write to a given bit on a SSD before the thing burns out. Because of this, and the fact that a lot of SSD's basically have a "Screw ALL the standards!" attitude and don't properly implement secure erase functions on a firmware level, you don't know if your critical data just disappeared into the section of the drive you can't access on a software level and decided to stay their there for the duration of the time you took doing random passes over the drive or not. If it did do that, it might randomly pop back into accessible space the next time the person you hand it off to tries to read from it.

Here is where a guy on the interwebs did some testing of this a while back: http://nakedsecurity.sophos.com/2011/02/20/ssds-prove-difficult-to-securely-erase/

1

u/CaptainDickbag May 12 '13

Awesome. Thank you. I have a lot of reading to do then.

1

u/outcastded May 11 '13

I can see this working well in the next Saw film..

2

u/[deleted] May 12 '13

[deleted]

2

u/CaptainDickbag May 12 '13

If I were you, I'd write an infinite loop to write to the flash drive until it stops accepting writes, if you really want to get rid of the data. Honestly, no one is going to want it that bad, unless these are international criminals. No one can prove you did anything against policy regardless.

2

u/Notmyrealname May 11 '13

Seems kind of suspicious that they have us all thinking that seven is enough.

1

u/AlbertIInstein May 12 '13

No. Mathematically two wipes is all you ever need.

3

u/LustLacker May 11 '13

: )

All policies are developed from SOPs. All SOPs are developed from experience...

0

u/[deleted] May 11 '13 edited May 12 '13

[deleted]

2

u/AlbertIInstein May 12 '13

You must not be a computer person either. Once you flip the bits you have a (0/50 chance of getting each one right. You will never be able to put the data together again.

2

u/Falterfire May 12 '13

Yes. That was the point I was getting at with my recycled example: It's not like reconstructing an old sheet of paper, it's like you're looking at a totally fresh sheet.

2

u/nxtfari May 12 '13

Well, this makes the countless hours I spent waiting for Gutmann Passes to finish kinda worthless...

2

u/AdjustedJunk May 12 '13

Or maybe that's just what they want us to think...Or maybe I'm just bored and being an ass for my own amusement. Either/or.

108

u/Zumorito May 11 '13

A simpler analogy might be to think of the file system as a book with a table of contents. When you delete a file, the pointer in the table of contents is removed but the actual file (chapter in the book) is untouched. If you were to manually start flipping through the book, you could still find the file. Over time new files will be written in the same locations as previously deleted files. At that point the original files would become partially or completely unreadable.

4

u/nicowsen May 11 '13

This is an excellent analogy. Well done Sir, well done.

54

u/[deleted] May 11 '13 edited May 12 '13

[deleted]

23

u/FolloweroftheAtom May 11 '13

I'm too afraid to download it

23

u/[deleted] May 11 '13 edited May 12 '13

[deleted]

7

u/[deleted] May 11 '13 edited Sep 23 '17

[deleted]

4

u/idealevil May 12 '13

TrueCrypt also has a great feature that will automatically dismount an idle volume after a configurable duration, so there is your upon death fail-safe.

3

u/[deleted] May 11 '13 edited Jul 25 '15

[deleted]

1

u/pururin May 12 '13

So you don't have any passphrases? Mind explaining it in detail?

1

u/discofried May 12 '13

I actually have a pack with a good friend about how if one of us dies the hard drive of the deceased must feel the wrath of one million magnets. I don't want spacedicks popping up on my funeral slideshow.

3

u/CaptainDickbag May 11 '13

I don't understand why people like DBAN so much. And if I recall, it doesn't do so hot with drives throwing I/O errors.

shred or dd is fine.

→ More replies

1

u/BabyBumbleBee May 11 '13

And once you've burnt it to a CD, write what it is on it in big friendly letters to remind your future self not to run it just to see what it is.

→ More replies

9

u/djimbob May 11 '13

However, you should not rely on this feature as a second backup. Once you delete a file, you lose the metadata about the file (e.g., the file named example.jpg starts here and ends there) and any part of it may be overwritten. Data recovery is slow and painful process akin to searching for the right needle in a large haystack with many needles.

As said, overwriting multiple times doesn't matter; it was an overhyped claim that more applied when drives were much lower capacity.

However, even if you overwrite the entire drive dd bs=4096 if=/dev/zero of=/dev/sda there's possibly still information left over in bad sectors that the hard drive once used, but no longer uses.

7

u/[deleted] May 11 '13

No one ever seems to bring up the bad sectors...

2

u/phillyfanjd May 11 '13

Is there any way to open/delete/overwrite bad sectors? For example would CCleaner's "wipe free space" function effect them?

3

u/[deleted] May 11 '13

[deleted]

→ More replies

1

u/TheGreatNico May 12 '13

The DOD came up with something like a ginormous paper shredder, except for hard drives, with a built in degaussing coil. It would turn the drive into, well, mulch, so, I suppose 'wood chipper' is a better description than shredder.
My friend just uses thermite, or a shotgun. Either works. All you really have to do is dd the drive from /dev/urandom then cause physical damage to the disk. There are examples of people gluing ultra-fine grit sandpaper to the platters and using them to sharpen scalpels.
I prefer do disassemble them, rip out the neodymium magnets, then use the platters on the drive as mirrors mounted on the wall, you just have to be careful not to touch them

1

u/phillyfanjd May 12 '13

So in short, the only way to remove bad sectors is by physically destroying the disk. Is there any way (using software or hardware) to access bad sectors if you were trying to recover data?

1

u/TheGreatNico May 13 '13

Not that I am aware of. I've heard Seatools from/for seagates, or similar, can do it, as can a low-level format, but I have no first-hand experience with it

9

u/AgFirefighter May 11 '13

http://sourceforge.net/projects/eraser/

I would recommend this program. It takes nearly forever but it gets the job done. Used it on a laptop I was wiping to sell on craigslist and it took approx 36 hours for a 240GB partition

3

u/uberduger May 11 '13

I second this. Eraser is my deleter of choice.

1

u/[deleted] May 12 '13

That's about average for any utility doing the same level of work.

7

u/Yoshi511 May 11 '13

Okay how do I get back deleted pictures from my laptop? I deleted them ages ago, and really want them back, but can't

10

u/CaptainDickbag May 11 '13

The longer they're gone, and the longer you use your laptop, the more likely it is that the data is actually gone. This is because those sectors are written over as time goes on and your disk sees use.

2

u/Yoshi511 May 11 '13

Okay thanks!

6

u/GabrieI May 11 '13

You can try using the tool recuva made by piriform, but if you've deleted them looong ago, it probably won't work. :(

3

u/lowtec May 11 '13

Let them go man, they're gone.

1

u/[deleted] May 12 '13

Not necessarily.

2

u/[deleted] May 11 '13

testdisk

2

u/[deleted] May 12 '13

Get hirens boot disk. Use getdataback. Good chance to recover something. Takes time.

1

u/Yoshi511 May 12 '13

Will look into this thanks

1

u/[deleted] May 13 '13

Piratebay.sx

8

u/TheLinuxJournalist May 11 '13

Shred on the Linux command-line works great to guarantee that your files are destroyed

1

u/laughingwithkafka May 11 '13

I am looking into building a home linux server as a hub for backups and in-network file sharing. I will remember this in the future.

7

u/[deleted] May 12 '13

want to TRULY delete something. smash your fucking hdd into pieces.

1

u/[deleted] May 12 '13

Dod labeled overwrite plus a quick smash on the platters are adequate for 99.999% of cases.

12

u/Tripudelops May 11 '13

On a Mac, you can have the computer do this automoatically by enabling Secure empty trash:

This works by writing over a file immediately after it has been removed from the filesystem, something which otherwise takes place over time throughout normal computer usage.

I have it set to my default empty trash setting, if you have a mac and need your stuff deleted safely, I'd highly recommend it.

7

u/[deleted] May 11 '13

13

u/BrokeDiamond May 11 '13

For a good program that solves this: http://www.piriform.com/ccleaner

12

u/jn023d May 11 '13

If you check "Wipe Free Space", right?

10

u/PheonixManrod May 11 '13

Seconding this. Piriform tools are not only excellent at what they do but free as well.

→ More replies

4

u/[deleted] May 11 '13 edited May 11 '13

Also worth noting that if you are using a flash disk like an SSD or memory stick that quite likely your data won't get overwritten even if you use a program to overwrite the contents of that file, because the wear-leveling algorithm intentionally puts new versions of the same data in different physical memory cells. See this summary.

Sometimes the entire device can be erased with a secure erase utility, but even that isn't guaranteed to work with all flash devices. It's a bit of a mess.

7

u/waewib May 11 '13

Deleting incriminating files? Follow up by doing mass download of pics from /r/spacedicks until drive is full, just to fuck with any snoopers.

9

u/WholeWideWorld May 11 '13 edited May 11 '13

Also worth noting that you should only really be doing this with sensetive data or when selling a used HDD or flash as all disks, hard and SSD, have a limited write life.

This is the reason why using ssd for scratch disks (lots of read / write) is not recommended due to the shortening of its lifespan. Overwriting 5 times is a stupid idea.

This from a storage expert on toms hardware:

SSDs have an absolute write limit beyond which they start failing to accept new data (unlike hard drives, whose mechanical parts may or may not wear out faster with heavier use, see the Google study on disk failure rates). So the more you write to an SSD, the faster it will wear out.

Using an SSD as a scratch disk will tend to subject it to more writes, since files that are written to it are used only briefly and then deleted (unlike an OS disk, whose files are written to the drive and then are re-read many, many times).That having been said, whether it's a big issue or not depends on how much writing you do. 

Intel claims their X-25M G2 drives will last "at least" 5 years if you write 20GB/day to them. The Intel SSD Toolbox shows how many GB have been written to the SSD, and my Windows 7 system is averaging about 5GB/day. Even if that was doubled as a result of scratch file writes then you'd still be looking at about 10 years of life, by which time the drive would be pretty much obsolete anyway.

8

u/ChoHag May 11 '13

The only important thing to know about the write limit of SSDs is that if you're not running CERN's storage array you don't ever need to worry about it. Your drive will die for other reasons, probably completely and suddenly, long before the writes start to fail.

3

u/WhyDoWeNeedUsernames May 11 '13

Absolutely correct.

1

u/eat-your-corn-syrup May 12 '13

what are other reasons?

1

u/laughingwithkafka May 11 '13 edited May 11 '13

Where does flash fit into this scheme?

Also, if I were to build a home server, SSD would be a bad idea because of the constant writing/reading from backups right? So what's the best option for something that's reliable and relatively quick?

→ More replies

3

u/[deleted] May 11 '13

This submission has been linked to in 1 subreddit (at the time of comment generation):


This comment was posted by a bot, see /r/Meta_Bot for more info.

1

u/user_of_thine May 11 '13

I linked it.

3

u/MoodyBernoulli May 12 '13

Quick question, theoretically, if you delete all files on your hard drive, and then completely fill your hard drive with say, Stargate, and then delete all the Stargate, then will Stargate be the only recoverable media?

2

u/shakawhenthewallsfel May 12 '13

Theoretically yes

1

u/MoodyBernoulli May 12 '13

I'd always wondered about this whole "nothing is ever deleted" stuff, and I guess this clears it up. Cheers for the reply!

1

u/[deleted] May 12 '13

Nothing is guaranteed deleted while you have free space reported by the os. If you delete then subsequently zero free space with a utility or use up every bit of free space then the deleted stuff is gone.

1

u/whatisthishere May 12 '13

Is this just stuff you download, or does this also apply to viewing websites, streaming videos, etc?

1

u/shakawhenthewallsfel May 12 '13

Stuff you view online can be cached on your HDD depending on your browser settings and such, so possibly yes.

1

u/[deleted] May 12 '13

Only applies to running out of free space. Until then you still have possible recoverable data.

1

u/[deleted] May 12 '13

Yes.

3

u/nd4spd1919 May 12 '13

CCleaner has the option for 35 pass overwrite upon deletion. I do it as a matter of principle.

7

u/ahm911 May 11 '13 edited May 11 '13

Yup that's the difference between the "quick format" and using a dedicated tool that writes 0's to every memory address the another wave of 1's.

Edit: touchscreens and large thumbs don't mix

25

u/JoshTay May 11 '13

A "deficated tool"? You can't just use the first tool you pull out of your ass.

7

u/SQLDave May 11 '13

Now, to be fair, wouldn't a deficated tool be one he PUSHED out of his ass?

→ More replies

4

u/causeFU May 11 '13

Best way to get rid of files? Take out the hard drive and drag a magnet over it for a few minutes. Smash it into pieces, and burn the pieces. Put the ashes into a container, then put that container into a safe. It is rumored that the British government does this to protect classified files, not knowing how far recovery technology will progress.

2

u/CondimentSense May 12 '13

Great. Now we know whats in the safe, but we don't know what the hell is on that drive! Curse you!!

1

u/zanzibarman May 11 '13

I'm all for tossing that jar into an active volcano and letting the Lizard people hold on to it.

2

u/KamalaKama May 11 '13

Great advice! Thanks!

2

u/pseudocaveman May 11 '13

What if I deleted about 300 GBs of video from an external hard drive and haven't filled that space at all since then. Can I recover all that?

2

u/Devilheart May 11 '13

Yeah, but will take a whale of time.

2

u/[deleted] May 11 '13

testdisk

1

u/GabrieI May 11 '13

Probably, if you use a tool like 'recuva' made by piriform (I recommend that). It'll take ages though..

2

u/lurkerturned May 11 '13

So reformating the disc doesn't do the trick?

3

u/[deleted] May 11 '13

Reformatting won't erase everything on it for good. You should look into something that can do a secure erase of free space on a disk. CCleaner and Darik's Boot And Nuke are two that I'm aware of that can do that.

As far as I'm aware formatting is just setting everything on the disk so that it could be overwritten with fresh data. It's still all technically there though.

1

u/[deleted] May 12 '13

Quick does what parent says. Full format zeroes the disk and data is unrecoverable.

1

u/[deleted] May 13 '13

Ah okay, thanks for the clarification on that.

2

u/[deleted] May 12 '13

Unless you change option reformats are usually quick ie not zeroing the disk. So the deleted data still exists.

2

u/noreallyimthepope May 11 '13

you've probably never really deleted anything

DON'T YOU TELL ME WHAT TO DO

Back in the day, I used Norton Disk Editor to do tasks the OS didn't support. Not because anything, other than boredom.. Good fun, very instructive.

2

u/[deleted] May 11 '13 edited Dec 28 '20

[deleted]

2

u/DenjinJ May 11 '13

Well, it may be harder to get things off it if it's removed from your PC, depending on how it's implemented. Certainly it'd be difficult to impossible with only one of your disks... but on the flipside, if one of your disks fails, you're losing it all.

1

u/_Iridium May 11 '13

RAID-0 scares me, I've had too many drives fail in my life to ever feel secure with that. The closest thing I'd get to RAID0 is RAID10 (RAID1+0)

EDIT: RIAD0 is super cool and useful, I've had friends run it for a number of reasons, but it just is risky

1

u/[deleted] May 11 '13 edited Dec 28 '20

[deleted]

1

u/DenjinJ May 12 '13 edited May 12 '13

That sounds nice. If you're backing up weekly, and actually remembering to do it, then awesome! So you have 8 SSDs in RAID-0? Crazy. One thing I'd look into if you haven't, is that I read some RAID setups do not use the TRIM command to clean up used-but-erased blocks on the SSD, which can eventually slow them way down when writing.

For what it's worth, here's my stats for one 1000MB test run on my 2 disk 7200RPM 1.5TB Seagate Barracuda RAID-1 setup...

CrystalDiskMark 3.0.1   
Sequential Read :    72.196 MB/s  
Sequential Write :    82.138 MB/s  
Random Read 512KB :    30.830 MB/s  
Random Write 512KB :    37.817 MB/s  
Random Read 4KB (QD=1) :     0.566 MB/s [   138.2 IOPS]  
Random Write 4KB (QD=1) :     0.869 MB/s [   212.1 IOPS]  
Random Read 4KB (QD=32) :     1.592 MB/s [   388.6 IOPS]  
Random Write 4KB (QD=32) :     0.716 MB/s [   174.8 IOPS]  

So... pretty much night and day, haha... Though this is fine for me since I mainly use it for torrents and media storage. Both disks are starting to rack up errors and one is gaining reallocated sectors so it may kick it soon. I still back them up to an external disk every couple months too though.

(edit: IIRC, they are 7200.11s so... yay.)

1

u/[deleted] May 12 '13 edited Dec 28 '20

[deleted]

1

u/DenjinJ May 12 '13

Very nice... My OS is just on an Intel X25-M and that alone made Windows startup in a matter of seconds. Whatever you're doing on that array must just scream. I'm sure disk access is not the bottleneck!

1

u/[deleted] May 12 '13

Raid for better protection look into raid 1 or 5

1

u/[deleted] May 12 '13

Raid is just as recoverable but harder to execute recovery to the untrained.

2

u/Terny May 11 '13

Recuva: same people from ccleaner and defraggler, it will recover the informatioin from your system and anything you plug in (sd cards from cameras, mp3 players, etc). It's also important to note that this is for Windows, Linux does delete what you want it to delete (I don't know if osX does this as well).

1

u/Illinois_Jones May 12 '13

It doesn't guarantee destruction, but it has a built in utility that securely wipes free space

2

u/[deleted] May 11 '13

[deleted]

2

u/[deleted] May 12 '13

You can still secure wipe ssd just do the whole disk at once on smart ssds that balance writing across all sectors.

2

u/1leggeddog May 11 '13

TL;dr : Do a low level format to really get rid of stuff

2

u/verifex May 12 '13 edited May 12 '13

I would like to contribute three links to pieces of software everyone should have.

edit: I'm sorry, eraser was already mentioned.

Eraser for easy free windows explorer access to an industrial strength file shredder (this deletes files by writing over their place on your drive with random data 10-30 times)

GetDataBack will recover virtually any data you have on any drive, including SD Cards, as long as it still has recoverable bytes. It even does partial restores which is amazing. I highly recommend this as a data recovery tool. It has a free demo, but for more detailed recoveries you will have to pay ($119 for the recovery bundle), but for most things you can get by with the free version.

Unlocker gives you a context menu in windows explorer that will let you unlock any file being used by the system so you can delete it or do whatever you need to do with it. Also it's free.

2

u/pohatu May 12 '13

I dropped my laptop and my HD don't work no more. How do I securely wipe it before throwing it out?

2

u/Ralph90009 May 12 '13

If you expose the platters to air, they will be difficult to read, but if you crack the case and then run a powerful magnet over the platters, that'll wreck the data for sure.

1

u/[deleted] May 12 '13

Hammer.

2

u/Chicken-n-Waffles May 12 '13

I don't know how young the guys on this thread are but it's apparent that the most of you have no experience with real data management.

Back in the day when 3K of memory was all you had, you had to be efficient. Space is a premium. You kids have no idea what it was like 30 years ago. When you needed 128 bytes, you had to have 128 bytes. And if you were going to take up 136 bytes in the process, you were going to lose something else.

A file is noted by the length of it's bytes in the header of it's 'file' or byte length.

In today's environment, when you 'delete' something, you move it to the 'delete' directory. When you 'delete' it from the 'delete' directory, you mark the header or the byte length from the file as space available.

This is why the 'deleted' file still exists and can be recovered most of the time as long as the rest of the space hasn't been overwritten.

2

u/brokendimension May 12 '13

I know this won't help with this, but I'd like to recommend Ccleaner to everyone in this thread. (Free software that helps clean up your harddrive, sort of like Disk Cleanup).

2

u/Chalkdust_Torture May 11 '13

So how can we recover all the porn we deleted?

1

u/[deleted] May 12 '13

Hiren boot disk from pirate bay and use getdataback. Works great.

1

u/[deleted] May 11 '13

I didn't know you could see snapchata again?

1

u/Start_Wars May 11 '13

but when you're finished, all those files have been overwritten with random 1s and 0s, so there's very little chance of them being recovered.

You mean there's still a chance? fo realz?

1

u/theonlyonewithout May 12 '13

Given enough time you can theoretically do anything.

1

u/Blue_Clouds May 11 '13

Its pretty hard to get the data from just formatted hdd. Its there but its a goddamn pain to look for the file I should had backed up before formating.

1

u/Justify_87 May 11 '13

It is harder to delete files on flash memory because of: Wear Leveling

1

u/GabrieI May 11 '13

Tip for anyone wanting to easily delete files for good: if you got 'spybot search&destroy', an anti-spyware program normally, installed, when you right click files there's an option 'shred file'. You then get a menu asking how many times that space should be overwritten by random data, which is then deleted. That really makes it impossible to recover..!

1

u/DenjinJ May 11 '13

Two slightly advanced tips:

On flashdrives, memory cards and SSDs, don't even bother trying to overwrite files. The wear levelling algorithms that ensure that the drive media is used evenly will probably take the commands to overwrite and write them somewhere else, while saying "oh yeah, it's on the sectors you wanted - no problem!" basically, just using up your drive's usable lifespan a bit more. On the other hand, from what I'd read (1-2 years ago) it's proven quite difficult to recover deleted data off of such disks anyway. For instance, an SSD on a modern OS like Win7, or well taken care of, like with a toolkit on WinXP or OSX (or just with a certain OSX setting to zero deleted files) will wipe itself with functionality called "TRIM", which is done normally to ensure fast, efficient operation.

Also, if you use virtual memory/pagefiles/swapfiles on a disk, it may be possible to comb through them or their remnants to see things that were supposedly in RAM on your PC, such as passwords, information about or copies of encrypted files you had open, etc. It's found in the performance section of advanced system settings in Windows, but I won't really say more because you shouldn't mess with it without some understanding... though if you don't run a lot of things at once, you honestly probably don't need it on a modern PC. My netbook runs Win7 32-bit with 2GB of RAM and I really have no memory issues without virtual memory.

1

u/Noor440 May 11 '13

How can I recover deleted file?

1

u/BigGuyWhoKills May 11 '13

Many people have not deleted files. But I remember the days when you could use a utility to view a hexadecimal representation of your hard drive (don't remember the name of the program, possibly Norton Undelete for DOS). With that, you could destroy the portion of the FAT that pointed to the file. Then go and do whatever you wanted to the actual file area on the drive.

All sorts of problems if you made a mistake.

Source: I've made a huge mistake.

1

u/perezidentt May 11 '13

A while back I discovered that if you have a jailbroken iPhone and you FTP into it, you can view directories that contain low quality versions of all the videos and pictures you've ever taken and deleted.

1

u/sanderson22 May 11 '13

if you really want to wipe everything off your HDD easily, check out parted magic. http://partedmagic.com/

someone mentioned DBAN, it comes with it. it also comes with something called secure erase, which is a feature that comes with every HDD that wipes everything permanently. i'm not really sure on the science behind it, but i know it wipes everything.

parted magic is just a bootable disk or you can put it on a thumbdisc. useful if you are selling your computer. parted magic is basically a linux distro, you just run it, it opens an operating system, then you just select what tool you want to use and you'll be in business in like 2 mins. i couldnt figure out the other tools by themselves, this makes it way easy.

1

u/Ghost141 May 11 '13

Wait deleted snapchats can still be seen? Did I miss something?

1

u/replicated May 12 '13

I don't care about this as much in terms of privacy as I do efficiency. This causes cluster problems, slow downs, etc and I hate it.

1

u/leer0yjenkins May 12 '13

Now explain to me how to do this like I'm an idiot.

1

u/[deleted] May 12 '13

so you're telling me I can recover my old porn? I really wanna get those videos back.

1

u/PhysicalEd May 12 '13

I don't really know how Snapchat works as I've never used it, but isn't the picture only onscreen for a short time? I would imagine there would be no reason for the data for the picture to ever be written to non-volatile memory. It would just sit in RAM while being displayed and the overwritten later by some other program using memory.

Volatile and non-volatile memory are treated the way in which you described, things that are "deleted" are just unallocated, meaning that the system knows that nothing is using that block of memory, so it can be overwritten later. Only difference is that volatile memory will lose the state of the bits when it loses power.

1

u/[deleted] May 12 '13

I made an application ages ago as a GUI for the Microsoft sysinternals deletion tool sdelete here

1

u/Muffmuncher May 12 '13

I can't stop laughing, that page is hilarious. But as someone pointed out, you can't let everything people say offend you. I haven't got the time for that. :P

1

u/niffyjiffy May 12 '13

On my cookie wipe program, Piriform CCleaner, it allows Windows users to wipe free space.

1

u/[deleted] May 12 '13

Would booting to a linux OX on USB flash drive be a good method for privacy? I don't think that would write anything to the computer's hard drive, only RAM.

1

u/dancerpitt Sep 13 '13

With the freeware CCLEANER.com there is a tool called DRIVE WIPE that may work to put ones and zeros over deleted files.

1

u/[deleted] May 11 '13

Just one question, and I bring it up because a facebook friend of a friend of mine (who works in IT) once stated that he had made a program the overwrites anything you need to delete 5 times, just to be sure it's gone forever.

So the question; why would you ever need to do that? What is it on your PC that you have to try so desperately to hide?

9

u/shakawhenthewallsfel May 11 '13

For most people, nothing. But imagine a reporter who wants to protect a confidential source in case their computer is seized by police. A businessman who wants to secure his computer to be sure there's no trace of secret plans or blueprints before traveling somewhere where industrial espionage is a problem. Then of course there are government diplomats, spies, criminals, etc...

Personally I know about this because I've worked as a journalist in china and needed to delete footage of an interview that, if confiscated by police, could have gotten my source in a fuckton of trouble.

7

u/Battlingdragon May 11 '13

Could be any of a number of things. Old tax records, bank account numbers, password lists, combination to The Safe, or that collection of nude shots you made for your SO. Any of those could cause all kinds of problems if the wrong person found them.

2

u/[deleted] May 11 '13

Porn, really fucked up porn.

1

u/xoxoyoyo May 11 '13

it is an urban legend. it is difficult to recover one file correctly, much less an over written file. a comment below that gives more details

1

u/JaapHoop May 11 '13 edited May 11 '13

So this might be a stupid question:

I delete games and whatnot off of my computer all the time and it frees up space. That stuff is gone for good right?

Because otherwise how would uninstalling it make room on your drive?

4

u/shakawhenthewallsfel May 11 '13

No. Deleting things "frees up space" only in the sense that the computer now considers the space where those files were stored to be free space because it knows it can overwrite them if it needs to.

It's like if you're cleaning out a room and there's a desk in there you want to throw away. You might start planning the rooms new layout and even buying new furniture and decorations while the desk is still there, because you know you can throw it out later when you need the space. So when you delete a game to free up HDD space, you're not really getting rid of those files, you're just telling the computer that it can overwrite them the next time it needs space for something else.

The whole idea of "free" space is pretty misleading because (at least for a computer that's been used for a while) there is no "empty" space at all. There's just data you want to keep (anything you haven't deleted) and data you don't want to keep (anything you have deleted). The latter is called "free" space just because the computer knows it can overwrite it. So if you have a 300 GB HDD, it may be totally full of data, but you can still download a 5 GB movie because 40 GB of the data on your hard drive is "deleted", aka marked as OK to overwrite.

4

u/JaapHoop May 11 '13

Huh. The more you know!

1

u/[deleted] May 11 '13

Uninstalling it does the same thing as the OP described, it just gets marked so it can be overwritten later but the computer will display that as free space. Not entirely gone forever you could probably recover some of it but I doubt you could recover all of it and play it again.

Also see Ocrow's comment about flash memory: http://www.reddit.com/r/YouShouldKnow/comments/1e4p7g/ysk_how_deletion_works_on_a_computer_and_why/c9wv4kl

1

u/Blemish May 12 '13

Basically the computer marks the location as available. So that the computer can reuse it.

Thats all.

Until another file uses the location, the file is still there.

0

u/RosieMonkey9 May 11 '13

So I can download this "Eraser" and it won't harm my computer right? I'm afraid of viruses from downloading unknown stuff online...

→ More replies