By Leo Notenboom
Although there are many software utilities that claim to be able to delete
data files from hard drives securely and thoroughly, can’t you accomplish the
same thing simply by overwriting sensitive files with large, non-sensitive
ones?
To be honest, it depends on your level of paranoia. I suppose that also
depend on the level of sensitivity of your data.
But you are correct in the implication that a plain old “delete” isn’t
nearly enough.
Let’s look at that, and how far you might need to go.
As you may already know, deleting a file in Windows doesn’t actually delete
the data. In fact, it doesn’t really even delete the file – in Windows Explorer
if you delete a file it just gets moved to the recycle bin. The file’s not
really deleted until the recycle bin gets too full, or until you empty it
yourself.
Naturally it’s trivial to go digging around in the recycle bin to see what’s
been “deleted”, and recover it intact.
works, it might be possible to actually recover data that has been
overwritten.”
Even a “permanent” delete after, or bypassing, the recycle bin doesn’t
really delete the data. In a sense, it just tells Windows “This space over here
where there used to be a file? You can put something else there, if you
like.”
It’s kind of like moving out of an apartment by only taking your name off of
the door. Until someone moves in and replaces with their own, all your stuff is
still inside and available to anyone who knows how to look for it.
That’s where the concept of “secure delete” comes in. A secure delete
overwrites the data in the file when the file is deleted. This takes longer, of
course, as it has to actually go access the entire file, but it ensure that the
data is no longer accessible to the casual observer. It’s kind of like making
sure your apartment is empty – or at least full of stuff that isn’t yours –
before leave.
Unfortunately simply overwriting one file with another does not do this. The
problem is that you can’t control where the operating system is going to write
the data. Depending on how the copy is implemented it may copy the data to a
new file on the hard disk, delete your old file, and then rename the new file
to the old file. (A very common technique.) Note the “delete” in the middle –
that’s not a secure delete. Your data is still out on the hard disk.
[This post is excerpted with Leo’s permission from his Ask Leo blog.]
Leo Notenboom has been involved in the tech industry for nearly 30 years. After retiring from an 18 year career as a Microsoft Software Engineer Leo went on to create Ask Leo!, a free web site where he answers real questions from ordinary computer users.
FaceBook URL: Leo’s Facebook
Twitter URL: http://twitter.com/askleo