Jump to content

Kill Your Data Dead With These Tips And Tools


Turk

Recommended Posts

Jon L. Jacobi Jan 14, 2014 3:00 AM

2lbov9g.jpg

There are lots of ways to obliterate sensitive data from of your drive: blast furnaces, degaussers (magnet field generators), sledgehammers, and secure-deletion software among them. These tools vary in effectivenessespecially as applied variously to hard drives, solid-state drives, and USB flash drivesand in the subsequent usability of the drive.

For the sake of argument (and a more interesting article), lets assume youd like to preserve your drives functionality. This rules out violence and degaussing, which, though wonderfully effective and perhaps therapeutic, will render a drive useless. Excluding those options leaves you with a choice between software and software-combined-with-firmware methods.

Free secure-erase utilities

You can easily erase an entire hard drive or SSD by using any of the free utilities listed below. All invoke the secure-erase (sometimes called quick-erase) functions integrated into nearly every ATA/SATA drive produced since 2001. By and large its a great feature, but using it on older drives has some potential pitfalls, such as buggy implementations, an out-of-date BIOS, or a drive controller that wont pass along the commands. You might also need to fiddle with the ATA/IDE/AHCI settings in your BIOS, and in most cases the drive should be mounted internally.

nytdag.jpg

Parted Magics DriveErase utility makes it a breeze to perform secure erases on your SSDs and HDDs.

Ive never had a problem secure-erasing a hard drive, but about a year ago I did brick a Crucial M500 SSD. (A firmware problem was probably responsible for this disaster; Crucial accepted the drive for return but never told me why the hardware had gone belly-up.) An enhanced secure-erase operation overwrites a drives housekeeping data as well as its normal user-data areas, but at least one vendor (Kingston) told me that its normal secure-erase routine does both, too. In the bad old days, running a secure-erase on some SSDs sometimes left data behind.

Depending on the controller you use (notably SandForce), a secure-erase can be cryptographic or physical. If a drive is encryptedand some are by naturea secure-erase operation simply deletes the encryption keys, and then regenerates them. Without the original keys, the data is useless. A physical erase involves zapping the drives magnetic particles or NAND cells back to their default state.

To entirely avoid the danger of erasing the wrong drive in a multiple-drive system, you should power down, disconnect all of the drives except the one to be erased, and then boot from a CD or a flash drive with the utility that does the job. I learned that lesson the hard way.

641nid.jpg

Parted Magic is free to use, but it now costs $5 to download.

Linux-based boot disc Parted Magic (formerly donationware, now free to use but $5 to download) has many features, including a file manager and a partition manager. Its handy for recovering data and operating systems, but it also has a link on its desktop to DiskEraser, a simple utility that will erase your drive or invoke the drives own secure-erase routine. Parted Magic is basic and lightweight, and it will work with any drive. In fact, several SSD vendors recommend itthough the recommendations date from when it was completely free.

Little, command-line-lovely HDDerase.exe isnt for inexperienced usersits a bit too geeky and can require multiple steps. Another drawback of the app is that it cant bypass the frozen security stat that most modern drives employ to avoid malware erasures. But otherwise it invokes the secure-erase function just fine. It also comes in .ISO form, so you can burn it to disc or create a bootable flash drive from it.

Note that the NSA sponsored HDDerase. Yes, the folks there like to secure as well as monitor data. Not to mention dip their hands into open-source security projects. Interpret that historical nugget as you will.

11akbxi.jpg

Hitachi's Drive Fitness Test analyzes drive health and wipes unwanted data. Other vendors offer similar utilities.

Most drive vendors provide a utility that can run S.M.A.R.T. diagnostics to check drive health, update firmware, and invoke a drives secure-erase routine. Odds are youll have to sign an agreement accepting that the tool may brick your drivebut hey, thats life in the big city. A short list of such utilities includes Data Lifeguard (from Western Digital), Drive Fitness Test (from Hitachi), OCZ Toolbox, Samsung Magician (SSD only), and SeaTools (from Seagate).

For hard drives only: Block-overwrite software

Block-overwrite software is more versatile than the secure-erase command because it lets you wipe data from a hard drive while leaving the operating system, program files, and other keepers intact. Unfortunately, this type of software is ineffective on SSDs or USB flash drives, and in many cases it cant wipe a hard drives HPA (Host Protected Area), which contains data about the low-level organization of the drive. That said, with high-powered algorithms and multiple passes, it will effectively render your data unreadable even when subjected to all but the most expensive forensic techniques.

qp2a7l.jpg

O&O Software's versatile SafeErase offers full and partial wipes, and it can find and delete common types of sensitive data.

O&O SafeErase 7 ($30, free demo) is a jack-of-all-trades that can remove individual files and folders or erase entire partitions and disks. Like the previously reviewed PrivaZer, SafeErase scans your hard drive for possibly sensitive files, presents them to you for inspection (or you can elect to accept its assessment across the board), deletes them, and then wipes them. SafeErase did a good job of finding sensitive stuff while ignoring what I wanted to save, and it includes options on general types of files to look for.

SafeErase can also wipe free space (erasing the tracks left by deleted files) and your entire computer (all drives, everything), though those options arent available in the demo version. But the $30 that O&O charges for those extra features may money well spent if you want to maintain a clean system. SafeErase is a nicely realized, versatile data-destruction program.

MediaTools Wipe 1.2 ($99, free demo) is all about erasing a lot of hard disks with minimal fuss. Its designed for professionals who erase in bulk and will dedicate a (rather powerful) PC to the task. MediaTools Wipe 1.2 can handle up to 18 drives at once, all presented in a convenient console view. The program has its own wipe routines, but it cant invoke a drives own secure-erase routines.

2z8uvwl.jpg

MediaTools Wipe lets you lock drives to prevent accidental erasures.

MediaTools Wipe 1.2 has so many handy features (user-definable erase patterns, smart handling of bad blocks, and so on) that I cant mention them all here. Check out our review of the functionally equivalent version 1.1. Youll likely dedicate a PC to it, so the $49, single-seat technicians license will suffice for most situations. However, $500 single-site and $1000 multi-site licenses are available for the corporate crowd.

The handy and free Eraser 6 utility deletes files, folders, and free space on a schedule. Its just the thing for users who want to maintain a minimal data presence on their PC. You must know what you need to erase, since Eraser 6 doesnt have automatic selection of sensitive data, as O&O SafeErase and PrivaZer do. But Eraser 6 does have a large array of government-level algorithms to choose from, and its super-simple to use.

Active@ KillDisk is available in a free Windows edition and a DOS (boot disc) edition. Either will overwrite free space or entire partitions with a single pass of zeroes. To obtain its more advanced features and algorithms, youll need the Active@ KillDisk Pro, which costs $40 for Windows, and $50 with the pro-DOS version thrown in. KillDisk wont invoke a disks secure-erase routine, and it doesnt have any smarts: It doesnt detect and delete sensitive data such as browsing records, downloads, and program caches.

2cpp9a8.jpg

Active@ KillDisk presents a concise, information-laden view of the drives on your system. A DOS boot disc version is available as well.

Active@ KillDisk is very effective as far as it goes, but most users will be just as well off with the free Eraser 6or better off by paying less for a program that automatically selects and deletes sensitive data and wipes free space. Then again, if you run Piriforms CCleaner before KillDisk (or Eraser 6), youll have a very effective data-killing combo.

Wiping SSDs and USB Flash drives

Block-overwrite software isnt reliable with NAND-based media because of the voodoo that flash-storage controllers use when writing and deleting data. Im sorry I cant be more specific about what actually happens, but controller vendors are loath to talk about such things, lest they give away a competitive advantage.

2j4rcs0.jpg

USB flash drives are convenient for everybody, including anyone trying to get data off one that isnt securely erased.

That said, SSDs that support the TRIM command and run under a TRIM-supported environment (Windows 7 and 8, OS X 10.6.8 or better, Linux 2.6.28 or better, plus a modern BIOS and drive controller that pass on the command) should wipe deleted data continually. Note that I said should.

Ideally (for security purposes) an SSDs garbage collection routines, invoked by the TRIM command, would quickly erase the NAND blocks formerly occupied by your file. The whole reason for TRIM is that NAND must be erased before being rewritten. If a drive runs out of clean, unwritten blocks and must erase previously used blocks immediately prior to writing to them, performance suffers drastically.

Unfortunately, from what I could glean from data recovery experts such as strategic technical alliance manager Chris Bross of DriveSavers and SMB partner manager Leon Feldman of ACE Data Recovery, some disk vendors put off block erasures for long periods of time or until theyre forced to resort to them. Sad but true: You cant rely on housekeeping to remove data. Even sadder, there seem to be no utilities that will force the garbage collection. That seemingly simple solution has so far been ignored.

USB flash drives dont support standard ATA secure-erase or TRIMso unless youre using a secure, encrypted type, youll need to contact the vendor for an erase utility.

You could overwrite the entire drive or just free space with files. This will work to a point, butespecially on SSDssome blocks used in over-provisioning and marked as bad cant be copied over. They may retain data you want to erase.

k831d.png

Data recovery companies can sift through raw data, block by block.

In the end, the only sure way to remove all unwanted sensitive data from the free space on an SSD or USB flash drive while retaining the data you still want is to back it up (use imaging if an operating system is involved), secure-erase the drive, and then restore the desired data. Sigh.

And when thats not enough...

All the methods and programs Ive described will work great for the average user. That said, forensic data recovery technology has come a long way. Normal affordable methods wont counteract anything Ive discussed. But if you have a formula for cold fusion, or a trade secret that will topple the global economy overnight...go for the degausser, the hammer, and then the blast furnace. You cant be too sure.

http://www.pcworld.com/article/2084961/kill-your-data-dead-with-these-tips-and-tools.html

Link to comment
Share on other sites


  • Replies 3
  • Views 2.3k
  • Created
  • Last Reply

Top Posters In This Topic

  • pintas

    1

  • truemate

    1

  • SlimRock

    1

  • Turk

    1

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...