We've all woken up in the morning and gone to our computer to find a
folder created last night after a few drinks, containing 17 years of
our tax documents, 47 naked photos, a government leak we were going to
send to Julian Assange, and 672 emails to a prostitute named Lynda in
New York. Well, maybe not, nevertheless secure file deletion is
incredibly important. Whether you are trying to delete financial
documents, embarrassing photos, or anything else that you don't want
someone to find out about, simply hitting the "delete" button doesn't
cut it. These days much of our data is stored on laptops, USB flash
drives, or portable hard drives, all of which are easily stolen. In
fact, if you ever decide to sell any of these devices without properly
deleting your files, the buyer could recover the files you thought you
had deleted and read them. Secure file deletion goes far beyond a simple
delete button, and this tutorial will explain it all!
Simply deleting the pointer, however, leaves the file on the hard disk until it is overwritten. This means that you, or someone else with access to your computer, can go back and recover that file. Of course, that is a security disaster if you just had your device full of what you thought were 'deleted' financial documents stolen. It's like taking the name off the folder in a file cabinet, instead of burning the file itself. Of course, there is a solution for this: overwriting.
When Gutmann presented the paper, his ideas were based more on theory than on practice. Furthermore, they were based on previous hard drive technology. Recent research, however, has shown that Gutmann's idea that a file needs to be overwritten 35 times to be actually secure (a mentality that has also been accepted by the security industry) doesn't apply anymore. At the Fourth International Conference on Information Systems Security, researchers showed that overwriting a file even a few times with current hard drives caused the file to be unrecoverable. The paper can be found here assuming you have access to the library. Another paper from Stony Brook University cites government deletion standards for top secret documents calling for no more than three overwrites. So to save your hard drive some unneeded work, and to save yourself some time, when using the programs I'm about to describe, don't bother with more than three overwrites.
Windows users have a plethora of options to securely delete files. I'm going to focus on two of them today. The first option is a simple tool called Moo0 File Shredder ; an exceptionally strange name for a tool which seems to just work. There are many other programs with extensive feature-sets, however I frequently find myself just going back to Moo0 because of its straight up utilitarian simplicity. It gives you four options: Shred Once, Extra Careful, Into Ashes, and Vaporize. Usually Shred Once should be sufficient. If you have a document that you really want gone, however, go with Extra Careful (or Vaporize if you want to be a paranoid android and have the time, but it's mostly unnecessary). To securely delete a file with Moo0, just drag it from your file explorer to the "Drop Box" on the left. It's that simple.
The next Windows option is CCleaner . Ccleaner doesn't just wipe one file specifically, instead it can be used to either wipe all of your temporary files, such as cookies and browser history, or to wipe your "free space". The first option causes the 'Cleaner' tool (a tool you may already use) to overwrite all the files that it cleans instead of just deleting them. To enable this just go into the options menu, then go to settings and select "Secure File Deletion". Again, a one or three pass overwrite is probably sufficient. The second feature of Ccleaner is a bit more interesting. What it does is take all the free space on your drive and overwrite it. This means that all the files which you may have simply marked as deleted in the past will be removed. This is a good option to clean up your computer after a history of insecure use. To do this, go into the tools menu, and go down to the drive wiper. Here, select "free space only", and then select the drive you wish to clean up. Then just hit 'wipe' and Ccleaner will do its work.
Why Isn't Just Pressing "Delete" Enough?
Most modern operating systems don't actually "delete" files. Instead, they mark them as deleted. This is because of how modern storage works. When you create a file the operating system creates a 'pointer' to that file so that it can be accessed faster. Similarly, when you delete a file, the operating system merely removes that pointer. This is because of the massive speed reduction that would occur if it were to delete the file itself. To actually delete a file it needs to be overwritten. Think of how long it takes to transfer a large file, such as a movie, from one device to another. The speed it takes to do this is limited usually by the "write speed" of your hard drive. Deleting the file would take the same amount of time, as real file deletion is merely a function of writing over top of the deleted file and is limited by the same write speed. This is why Windows, Linux, and Mac operating systems usually just delete the pointer instead of the file itself.Simply deleting the pointer, however, leaves the file on the hard disk until it is overwritten. This means that you, or someone else with access to your computer, can go back and recover that file. Of course, that is a security disaster if you just had your device full of what you thought were 'deleted' financial documents stolen. It's like taking the name off the folder in a file cabinet, instead of burning the file itself. Of course, there is a solution for this: overwriting.
Secure File Deletion, Myths and Reality
Overwriting a file with random data is what is done to actually delete a file. This is the method used by most 'file shredders', which often do this anywhere from 1, to 35+ times. It's the same idea as using a permanent marker to black out text on a piece of paper; the more times you write over it, the harder it is to read. This idea exploded in 1996 when a man named Peter Gutmann presented a paper showing how simply overwriting something once isn't secure, and instead proposed a method which overwrites files 35 times. This has become the standard of many secure file deletion programs. In fact, you'll probably notice it with the programs I'm going to tell you about later. With modern hard drives, however, its necessity is a myth.When Gutmann presented the paper, his ideas were based more on theory than on practice. Furthermore, they were based on previous hard drive technology. Recent research, however, has shown that Gutmann's idea that a file needs to be overwritten 35 times to be actually secure (a mentality that has also been accepted by the security industry) doesn't apply anymore. At the Fourth International Conference on Information Systems Security, researchers showed that overwriting a file even a few times with current hard drives caused the file to be unrecoverable. The paper can be found here assuming you have access to the library. Another paper from Stony Brook University cites government deletion standards for top secret documents calling for no more than three overwrites. So to save your hard drive some unneeded work, and to save yourself some time, when using the programs I'm about to describe, don't bother with more than three overwrites.
Windows users have a plethora of options to securely delete files. I'm going to focus on two of them today. The first option is a simple tool called Moo0 File Shredder ; an exceptionally strange name for a tool which seems to just work. There are many other programs with extensive feature-sets, however I frequently find myself just going back to Moo0 because of its straight up utilitarian simplicity. It gives you four options: Shred Once, Extra Careful, Into Ashes, and Vaporize. Usually Shred Once should be sufficient. If you have a document that you really want gone, however, go with Extra Careful (or Vaporize if you want to be a paranoid android and have the time, but it's mostly unnecessary). To securely delete a file with Moo0, just drag it from your file explorer to the "Drop Box" on the left. It's that simple.
The next Windows option is CCleaner . Ccleaner doesn't just wipe one file specifically, instead it can be used to either wipe all of your temporary files, such as cookies and browser history, or to wipe your "free space". The first option causes the 'Cleaner' tool (a tool you may already use) to overwrite all the files that it cleans instead of just deleting them. To enable this just go into the options menu, then go to settings and select "Secure File Deletion". Again, a one or three pass overwrite is probably sufficient. The second feature of Ccleaner is a bit more interesting. What it does is take all the free space on your drive and overwrite it. This means that all the files which you may have simply marked as deleted in the past will be removed. This is a good option to clean up your computer after a history of insecure use. To do this, go into the tools menu, and go down to the drive wiper. Here, select "free space only", and then select the drive you wish to clean up. Then just hit 'wipe' and Ccleaner will do its work.
No comments:
Post a Comment