delete file in safe...
 
Notifications
Clear all

delete file in safe way ?

25 Posts
11 Users
0 Likes
2,929 Views
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

hello all … and good evening
i want to delete some files and flders from my PC how i can do that ?? without leaving any chance to anyone to recover them ?

 
Posted : 12/03/2017 9:58 pm
Thomas
(@thomas)
Posts: 59
Trusted Member
 

You can do that with "File Shredder". http//www.fileshredder.org/
File Shredder is released under GNU/GPL General Public License. It is free for both personal and commercial use. With File Shredder you can remove files from your hard drive without fear they could be recovered. In File Shredder you can choose between 5 different shredding algorithms, each one gradually stronger than the previous one. Default is DoD 5220-22.M (3 passes), but Gutman algorithm is also available (35 passes). However, this will take some more time -)

The DoD 5220.22-M data sanitization method is usually implemented in the following way

Pass 1 Writes a zero and verifies the write
Pass 2 Writes a one and verifies the write
Pass 3 Writes a random character and verifies the write

 
Posted : 12/03/2017 11:03 pm
MDCR
 MDCR
(@mdcr)
Posts: 376
Reputable Member
 

Overwriting once is generally enough to wipe out information, earlier wiping recommendations to overwrite N-times refers to older drives that were built differently.

There is now built in wipe capabilities that can be activated fast through special software
http//www.pcworld.com/article/261702/how_to_securely_erase_your_hard_drive.html

While a write-in-place works on mechanical drives, on an SSD there is no guarantee that it will wipe data because of wear-levelling. Instead, simply filling the drive with data to the last block will make it impossible to recover data from it.

Physical destruction is much fastest - and more fun
https://www.youtube.com/watch?v=yd_O7-rqcHc

 
Posted : 13/03/2017 3:44 am
JimC
 JimC
(@jimc)
Posts: 86
Estimable Member
 

Short of total physical destruction you probably can't be assured of data deletion. There are lots of ways data could persist beyond simply being overwritten and this is what keeps digital forensics in business. Examples could include

a. Orphaned file fragments from previous operations on a file

b. Fragments in volume shadow copies (Windows)

c. Fragments in bad sectors or mapped out sectors

For these reasons I would be very cautious about any software that claims to selectively erase files in a live file system. For most practical purposes a complete reformat of a non-SSD drive will make meaningful data recovery pretty unlikely. Similarly most recent ATA/SATA drives support a command to perform a "secure" erase. This is similar to a format but performed by the drive firmware itself.

Jim
www.binarymarkup.com

 
Posted : 13/03/2017 3:22 pm
(@athulin)
Posts: 1156
Noble Member
 

Default is DoD 5220-22.M (3 passes),

It should perhaps be noted that the current version of this document (http//www.dss.mil/documents/odaa/nispom2006-5220.pdf) does not contain any such statement. It does say that sanitizion must be done, but leaves it to a 'Cognizant Security Authority' to issue the instructions for how to perform it.

It seems that earlier versions quoted related contents, but as it has been removed, citing this particular document is not useful anymore.

Starman (Daniel Sedory) has already made that point in 2008 http//thestarman.pcministry.com/asm/5220/

And he also cites what appears to be the current source for that earlier NISPOM recommendation of three passes. Today it only accepts degaussing and physical destruction. Overwriting is presumably no longer considered secure for the Defense Security Service.

 
Posted : 13/03/2017 8:23 pm
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

thank u very much all that help me D

 
Posted : 19/03/2017 10:30 pm
(@jack_roger81)
Posts: 1
New Member
 

Dear Senior Member,

Apologize for delay!

Thanks for the question and happy that you are really concerned to your confidential data. D

Absolutely agree with the views of other members, deleting files with the data overwritten method is considered most secure and effective. I called it Eco-friendly way of file deletion.

By this way, you can free up your disk space which can be reused in future.

Few of the reputed software which you may try are-
1) DBAN
2) BitRaser
3) Eraser

Hope you remove your files safely…

 
Posted : 22/03/2017 10:07 am
(@mscotgrove)
Posts: 938
Prominent Member
 

I don't think that anyone has mentioned Defrag programs. These could have moved your critical file to a new location, and the old file may be left in unallocated space.

To overcome this type of issue, I occasionally just write a file (typically fairly blank data) to fill the whole drive. This should catch most of the unallocated data. I then just delete this big file.

Don't forget that very small files, maybe a few 100 bytes long, can be stored in the $MFT

 
Posted : 22/03/2017 2:42 pm
benfindlay
(@benfindlay)
Posts: 142
Estimable Member
 

hello all … and good evening
i want to delete some files and flders from my PC how i can do that ?? without leaving any chance to anyone to recover them ?

The answer is "it depends".

Some further thoughts over and above the previous comments already given (defrag consideration etc. is an excellent point), you would also need to possibly factor in the file/operating system in use.

Is the file system NTFS, and is the OS Vista or newer? If so, then consideration needs to be given to whether Volume Shadow Service is running - you could delete and wipe the sectors in which the file/folder is sitting, but VSS would kick in and potentially backup the deleted data anyway. Until such time as the data in that shadow copy is itself overwritten (FIFO system if I recall correctly), the. The file is still recoverable.

Likewise, if the system is Mac OS X with Time Machine enabled, then consideration needs to be given to any historic backup copies which might exist.

These are just 2 examples of potentially unanticipated features which might cause the data to be recoverable, even if you had wiped the sectors storing the logical file. There are more!

Ben

 
Posted : 22/03/2017 11:57 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Don't forget that very small files, maybe a few 100 bytes long, can be stored in the $MFT

For the "standard" 512 bytes/sector (and conversely 1024 bytes/entry) the limit is around 720-736 bytes
http//www.forensicfocus.com/Forums/viewtopic/t=10403/

An interesting question (that noone seems like interested to test/fiddle with) is what happens on 4096 bytes/sector media (and conversely with the much larger $MFT record size)?
http//www.hexacorn.com/blog/2012/05/04/sector-size-and-mft-file-record-size/
Logically the size of the "embedded" file should expand to around 4096-(1024-736)=3808 bytes.

jaclaz

 
Posted : 23/03/2017 11:46 pm
Page 1 / 3
Share: