Ask Leo: Secure Delete – What is it and do I need it?

askleo

By Leo Notenboom

Although there are many software utilities that claim to be able to delete
data files from hard drives securely and thoroughly, can’t you accomplish the
same thing simply by overwriting sensitive files with large, non-sensitive
ones?

To be honest, it depends on your level of paranoia. I suppose that also
depend on the level of sensitivity of your data.

But you are correct in the implication that a plain old “delete” isn’t
nearly enough.

Let’s look at that, and how far you might need to go.

As you may already know, deleting a file in Windows doesn’t actually delete
the data. In fact, it doesn’t really even delete the file – in Windows Explorer
if you delete a file it just gets moved to the recycle bin. The file’s not
really deleted until the recycle bin gets too full, or until you empty it
yourself.

Naturally it’s trivial to go digging around in the recycle bin to see what’s
been “deleted”, and recover it intact.

“Because of the way magnetic material on hard disks
works, it might be possible to actually recover data that has been
overwritten.”

Even a “permanent” delete after, or bypassing, the recycle bin doesn’t
really delete the data. In a sense, it just tells Windows “This space over here
where there used to be a file? You can put something else there, if you
like.”

It’s kind of like moving out of an apartment by only taking your name off of
the door. Until someone moves in and replaces with their own, all your stuff is
still inside and available to anyone who knows how to look for it.

That’s where the concept of “secure delete” comes in. A secure delete
overwrites the data in the file when the file is deleted. This takes longer, of
course, as it has to actually go access the entire file, but it ensure that the
data is no longer accessible to the casual observer. It’s kind of like making
sure your apartment is empty – or at least full of stuff that isn’t yours –
before leave.

Unfortunately simply overwriting one file with another does not do this. The
problem is that you can’t control where the operating system is going to write
the data. Depending on how the copy is implemented it may copy the data to a
new file on the hard disk, delete your old file, and then rename the new file
to the old file. (A very common technique.) Note the “delete” in the middle –
that’s not a secure delete. Your data is still out on the hard disk.

So, what does Leo recommend?

[This post is excerpted with Leo’s permission from his Ask Leo blog.]

Leo Notenboom has been involved in the tech industry for nearly 30 years. After retiring from an 18 year career as a Microsoft Software Engineer Leo went on to create Ask Leo!, a free web site where he answers real questions from ordinary computer users.

FaceBook URL: Leo’s Facebook

Twitter URL: http://twitter.com/askleo

116 total views, 1 views today

(Visited 13 times, 1 visits today)

7 thoughts on “Ask Leo: Secure Delete – What is it and do I need it?

  1. Andrew, it sounds like you have scare ware…my husband got this on his laptop and it took me 3 hours to figure out a way around it. Constant legit-looking pop-ups saying his PC was infected…every time I tried to run or update his anti-spyware it would stop me and say the app was infected. I used a different browser (luckily he had FireFox, IE was infected with their plug-in.) and quickly downloaded Malwarebytes Anti-Malware, then shut off the PC and booted in safe mode. I could then run Malwarebytes and it found over a dozen pieces of the nasty little bugger! I directed Malwarbytes to fix the problem then re-booted normally and ran all his security apps. Nasty bugger gone!

  2. To Andrew Cruikshank….

    I had the same exact problem with a pc from my office. Search all of your files for a file named sysguard.exe. If it is on your system then McAfee has been rendered useless by it and is being blocked from doing a full scan. If it is there, you need to delete it. If you use Internet Explorer as a browser then you should be aware that there is a virus out there written by russian hackers that poses as fake antivirus/anti-spyware/anti-malware. It goes by many names, my Nod32 detected it as Adware.SpywareProtect2009. If you get this pop-up telling you that you are being attacked: DO NOT CLICK ON THE POP-UP BALLOON! Close out your browser and reopen. Click on the pop-up balloon anywhere and you initialize the installation of the virus. If you find the sysguard.exe file; delete it, uninstall your anti-virus software, and download PC Doctor. That is the only anti-virus program that I could find that deleted all vestiges of the virus and the trojan. This virus also rewrites your host files to redirect you to sites where you can contract more viruses. After I removed the virus, I had to run Registry Mechanic to fix that, then I had to run the repair utility on my internet adapter to get online again. Large chunks of my winsock registry were missing.

  3. Where does defragmenting a drive fit into all this? What I mean is that the defragger moves the contents of files all over the place and I believe would leave parts of the file or the whole thing scattered all over the drive possibly in multiple copies. So that makes me wonder if, even after you wipe the file clean 7 times, etc., does that take care of the contents of the file where it used to be? And if I am correct, how could you solve this?

  4. Hi: I have an old laptop that I want to sell, but I need to clean up the old files and delete info. How do I do this securely. I haven’t used the laptop for quite awhile, its about 5 years old. Thank you for your time. Donna Eck

  5. I use a Mcafee security package…and very happy with it. Recently a windows cyber security has been bullying me to take up their package, by telling me that I have 23 virous attacking my system. A full scan by Mcafee proves that there is no problem!! But still this programe persists and invades my screen….I cannot close it down…..surely this is not legal is it ?
    My question is How can I get rid of the annoying pop-ups and the invasive threats !
    Thanks

  6. I clicked on the link to the utility on Leo’s page and was sent to a site that had nothing to do with secure deletion but for some sort of penny stock service. That does not seem to be quite the sort of secure site you should be directing newsletter readers to.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.