Warning When Deleting Data
Most users today use the “Delete” command in Windows to remove data. To be “safer,” they also go into the Recycle Bin to “Empty” it again, believing that deleted data no longer exists. Some more “knowledgeable” users know how to completely wipe data by entering DOS to format the drive or delete directly in DOS using some tools. Unfortunately, with just a few actions, that data can often be completely recovered.
Private user data, confidential company information, etc. can be exposed due to a lack of deep understanding, especially when returning rented computers, discarding or donating old computers, transferring computers to new users, taking hard drives for repairs, or lending out Flash memory cards, etc.
There are many cases where you really need to wipe data “clean,” such as deleting temporarily copied data from one hard drive to another, removing virus-infected data, wiping or formatting a hard drive to reinstall a new operating system, or deleting all private emails, photos, etc. However, if these hard drives or flash memory cards end up in the hands of “experts,” almost all your deleted data will still be in a state of “inviting you to feast.”
Delete or Format Does Not Completely Wipe Data!
Most users do not realize that Windows and every application running on it have a “habit” of creating multiple data files that contain the same content as the data users are working with, storing them in Swap Files and Page Files to support virtual memory, or copying them as another version into Temp or Temporary Files. All of these actions by Windows are intended to preserve user data in case of sudden power loss or if the user forgets to save their data. However, this is actually a “careless” action by Windows as it automatically duplicates data without knowing to delete it once it is no longer needed. This creates a significant vulnerability, providing an “optimal” opportunity for data thieves to operate. Thus, even if users delete data and “Empty the Recycle Bin” or format a specific hard drive partition, the data previously stored there may still be intact somewhere within Windows. Furthermore, there are now many powerful data recovery tools capable of restoring all data regardless of how many times that hard drive partition has been formatted.
In fact, with the Delete command, users are only deleting the path to the data, not the actual information from the hard drive. This is similar to only removing the table of contents from a book without destroying the corresponding pages or chapters.
This Delete command is merely considered a command to “tidy up” the hard drive visually and does not have a real “delete” effect. Therefore, renaming the Delete command to “Tidy” might be more appropriate.
Some Methods or Utilities to Completely Wipe Data!
To secure information on projects, internal communication, financial-accounting data, customer data, personal data, etc., you need to be aware of reliable methods or software for completely wiping data. Currently, some commonly used safe data deletion methods worldwide include:
1. Single Pass: The entire data area on the hard drive is overwritten with characters 0 or 1 or random data.
2. DoD: This thorough data deletion method originates from the U.S. Department of Defense. It is a variant of the Single Pass method with 7 overwrite iterations, alternating between characters 0 or 1 or random data. Following this, according to the DoD 5220.22-M document, known as the National Industrial Security Program Operating Manual (NISPOM) by the U.S. Department of Defense, to thoroughly cleanse data from a disk, the following measures must be combined:
– Degaussing: Using a magnetic field to reset the magnetic strips in the device with a Type I or II degausser.
– Overwrite every address on the hard drive with one character, including related components, then continue overwriting with random characters and verify. However, the U.S. Department of Defense also notes that this method should not be used for deleting data that contains highly sensitive information.
– Destroy the storage device, including disassembling all components of the storage device, incinerating, grinding into powder, shredding, or melting with high temperature.
3. Guttman Method: Data deleted using this method is overwritten up to 35 times. This method uses random characters for overwriting and applies encryption algorithms from various hard drive manufacturers.
4. Custom Overwrite Method: Overwrite between 1 to 99 times.
In addition, there are many other data cleansing methods proposed by various organizations and countries.
From referencing the above data cleansing methods, it seems there are only two ways to completely wipe data: overwrite and destroy in a “total annihilation” manner. However, clearly “total annihilation” is a method that few dare to employ due to its high cost.
Users should note that even Peter Guttman, the creator of the Guttman method, has stated: “It is impossible to completely wipe 100% of data, no matter how many times you overwrite it…” Therefore, we can only minimize the risk of data recovery by overwriting it many times. Users can refer to “Recover My Files,” an extremely effective data recovery tool, regardless of whether the data has been Deleted or Formatted.
Currently, most data-wiping software running on DOS appears to be more effective than software running on Windows, but they tend to be less user-friendly. However, it may be more appropriate for data cleansing support to be handled by the IT department in businesses or organizations.
Below are a few websites that provide relatively effective solutions for data wiping. Users can visit these websites to refer to and download trial versions before choosing the most suitable tool for themselves.
BCWipe: http://www.jetico.com/index.htm#/bcwipe.htm
Data Eraser: http://www.ontrack.co.uk
Directory Snoop: http://www.briggsoft.com/dsnoop.htm
Disk CleanUp: http://www.gregorybraun.com/CleanUp.html
Eraser: http://www.tolvanen.com/eraser
M-Sweep: http://www.securedata.com/ms.html
PGP Wipe: http://web.mit.edu/network/pgp.html
RMD: http://www.dmares.com/maresware/ps.htm#RM
WipePro+: http://www.marcompress.com
Wipe Info: http://www.symantec.com
With Out a Trace: http://www.karmadromesoft.com
Nova Drive Erase Pro: http://www.novadevelopment.com.
HOÀNG KIM ANH
