Saturday, August 27, 2011

Leave No Trace: How to Completely Erase Your Hard Drives, SSDs and Thumb Drives

Why Wipe Data Securely?

Whether you are preparing to reuse a hard disk for another operating system, clear off your junk shelves by passing along outdated drives to a friend or relative, donate an old PC to a charity or school, discard a too-small USB drive or flash memory card, or repurpose an SSD, you don’t want to leave any information on the storage device. With stories abounding of identity theft aided by information lifted from discarded storage devices, you want devices you no longer plan to use to have no usable information when they head out the door.

Why Erasing Files Is Not Enough

Sure, you could erase the contents of the drive, but keep this in mind: the act of erasing a file does not remove it from a storage device.

When you erase/delete a file from your computer, it’s not really gone until the areas of the disk it used are overwritten by new information. If you use the normal Windows delete function, the “deleted” file is sent to the Recycle Bin until the space it uses is required by other files. If you use Shift-Delete to bypass the Recycle Bin, the space occupied by the file is marked as available for other files. However, the file could be recovered days or even weeks later with third-party data recovery software. As long as the operating system does not reuse the space occupied by a file with another file, the “deleted” file can be recovered.

With SSDs, the erased file situation is even more complex. SSDs store data in blocks rather than in sectors as with magnetic storage. Overwriting a block that was previously used involves copying the contents of the block to cache, wiping the block’s contents, deleting the block to be overwritten from cache, writing the new data to cache, and rewriting the block with the new data. As an SSD is used with files that are deleted or changed frequently, performance can drop unless the drive (and operating system) support a technology called TRIM, which wipes out deleted data blocks as soon as the file using the blocks is deleted. TRIM is supported by Windows 7 and by some late-model SSDs, but not by older Windows versions. So, disk wiping can be both a security feature and a performance improvement strategy.

Data Wiping Versus File Erasure

While erasing files simply marks file space as available for reuse, data wiping overwrites all data space on a storage device, replacing useful data with garbage data. Depending upon the method used, the overwrite data could be zeros (also known as “zero-fill”) or could be various random patterns.

Products that can be used for wiping hard disks might not be suitable for wiping other types of drives. In this article, we will look at methods for securely wiping hard disks, USB flash memory devices, flash memory cards, and SSDs.

Zero-Fill a Hard Disk

Time Needed: several hours (varies with size and speed of drive)
Software: Hard disk utility software from your drive vendor
Media: blank CD or floppy disk

Although writing zeros across the entire hard disk surface (aka “zero-filling”) is not sufficient to meet government data sanitization (disk wiping) standards such as DoD 5220.22-M or the more comprehensive National Institute of Standards and Technology (NIST) Special Publication 800-88, overwriting the entire hard disk prevents most types of data recovery from being successful.

Here’s where to get zero-fill software from hard disk vendors:

Hitachi
Drive Fitness Test (see website for specific models supported)
http://www.hitachigst.com/hdd/support/download.htm#DFT
Select the Erase Drive feature to zero-fill your hard disk

Samsung
HUtil (see website for specific models supported)
http://www.samsung.com/global/business/hdd/support/utilities/Support_HUTIL.html
Use Tool, Erase HDD to zero-fill your hard disk

Seagate (including Maxtor)
SeaTools for DOS (see website for specific models supported)
http://www.seagate.com/www/en-us/support/downloads/seatools
Use Full Erase to zero-fill your hard disk

Western Digital
Data Lifeguard Diagnostics (select drive model for specific version recommended)
http://support.wdc.com/product/download.asp?lang=en
Use Write Zeros to drive to zero-fill your hard disk

1. Determine the brand and model of hard disk you want to overwrite.
2. Download a CD ISO image or a floppy disk image (depending upon your equipment) and use the image to create bootable media. The floppy disk image is self-contained: run it, insert a blank floppy disk when prompted, and the image is created on the disk. You will need to use a CD burning program that works with ISO images to convert the ISO image into a bootable CD.
3. Restart your computer with the bootable media you created in Step 2.
4. Select the hard disk to zero-fill when prompted.
5. Choose the option to zero-fill the hard disk.

6. When the program is finished, follow the on-screen instructions to shut down or restart your computer.
7. Remove the wiped hard disk; you can now reuse or recycle it.
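
To confirm that a zero-fill actually overwrote everything, read the disk (or an image of it) back and look for any data that survived. The script below is an added example, not part of the original article or of any vendor utility; the function names and the 4 MiB sample image are constructed for illustration. It checks only what the operating system can read back.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # read and write 1 MiB at a time

def find_nonzero_regions(path, chunk_size=CHUNK):
    """Return (bytes_read, regions); regions are (start, end) byte ranges,
    end exclusive, of chunks that still hold non-zero data."""
    regions, offset = [], 0
    with open(path, "rb") as dev:
        while True:
            buf = dev.read(chunk_size)
            if not buf:
                break
            if buf.count(0) != len(buf):          # something other than 0x00
                if regions and regions[-1][1] == offset:
                    regions[-1] = (regions[-1][0], offset + len(buf))  # merge
                else:
                    regions.append((offset, offset + len(buf)))
            offset += len(buf)
    return offset, regions

def zero_fill(path, chunk_size=CHUNK):
    """Overwrite an image file in place with zeros and flush it to disk."""
    remaining = size = os.path.getsize(path)
    zeros = bytes(chunk_size)
    with open(path, "r+b") as dev:
        while remaining:
            n = min(chunk_size, remaining)
            dev.write(zeros[:n])
            remaining -= n
        dev.flush()
        os.fsync(dev.fileno())
    return size

def demo():
    """Constructed sample: a 4 MiB image holding leftover 'deleted' data."""
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(bytes(4 * CHUNK))
        img.seek(2 * CHUNK + 512)
        img.write(b"constructed leftover file contents")
        path = img.name
    try:
        before = find_nonzero_regions(path)   # data still present
        zero_fill(path)
        after = find_nonzero_regions(path)    # nothing left to recover
    finally:
        os.remove(path)
    return before, after

if __name__ == "__main__":
    print(demo())
```

An empty region list after the wipe means every readable byte is zero; any reported range is an area the wipe missed.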
