The Anti-virus Times

Wednesday, July 19, 2023

When decommissioning or selling a computer, it is important to properly destroy the information stored on it. We will tell you why it is not enough to simply delete information from a hard drive or format it, and what methods are guaranteed to destroy the data.

When files are deleted using a standard manager, the information does not disappear. All that happens in this case is that the "remote" sectors are assigned the "free" status so that they can be overwritten. Such data can easily be restored with the help of specialised programs. The file system can easily be reversed after the drive is formatted: after all, physically the information is still located on the drive; the operating system simply does not see it.

In order to completely eliminate the possibility of data being recovered, users should either destroy the drive physically or use reliable software to ensure the information is deleted.

3 drastic ways to "deal" with a hard drive

The physical method

We should warn you that hitting a hard drive with a hammer is almost useless: the chances of restoring the information remain nonetheless. There are specialised shredding machines for mechanically destroying drives, but they are expensive and occupy a great deal of space. There is also a more affordable alternative — a manual sanding machine that removes a layer of ferromagnetic material from the drive surface.

The thermal method

In order to "bake" their drives, users will have to get a compact muffle kiln (a Dutch oven). Ferromagnetic materials are crystalline compounds capable of retaining magnetisation when there is no external magnetic field at a temperature below the magnetic transition point. The magnetic transition point of the ferromagnetic chromium-oxide-based coating, which is used in hard drives, is 113° C. Once it is achieved, the ferromagnetic loses its properties, so all recorded data is guaranteed to be deleted.

The chemical method

A mixture of concentrated nitric and hydrochloric acids in a ratio of 1:3 (the so-called "aqua regia") will entirely dissolve the hard drive and leave nothing, neither from the stored data, nor from the drive itself.

***

Unfortunately, for all their effectiveness, these methods are also potentially dangerous. There is a risk of getting hurt with a sanding machine, getting burned with acid, or causing a fire. In addition, this is also very expensive: you will need to purchase special equipment, and to work with acid, you will have to equip a whole laboratory. And any of the above-mentioned procedures takes a great deal of time, part of which will be spent disassembling the hard drive.

Choosing software for guaranteed data deletion

Microsoft Secure Delete Utility

SDelete (Secure Delete) is a free utility created by Microsoft that allows users to permanently delete files and folders and free up disk space.

Sdelete overwrites information to prevent its recovery. The procedure includes several rounds of recording random data to the place where the original information was located, which makes it complicated or impossible for it to be restored.

To use SDelete, download the program from the Microsoft website, unpack the archive and open the folder containing the sdelete.exe file. The next steps depend on what information you want to delete.

For example:

• To delete a file, enter the "sdelete filename" command, where "filename" is the name of the file to be deleted.
• To delete a folder, use the command "sdelete -s -q foldername", where "-s" means that the folder will be deleted recursively, and "-q" means that the folder will be deleted without notifications.
• To clear a free space on the hard drive, use the "sdelete -z" command, which will start the process of overwriting data in the free space.

Deleting information using SDelete is permanent and can lead to complete data loss, so before using the program, it is important to be sure of your actions and store the files and data you need on another medium.

Utilities for deleting data from a Live-CD/Linux distribution

• The shred utility allows files on your hard drive to be overwritten multiple times in order to make data recovery impossible. For example, the "shred -n 10 -v /dev/sda" command will overwrite the contents of the hard drive 10 times.
• The dd (disk dump) utility can be used to overwrite data to the hard drive in a random order. For example, the "dd if=/dev/urandom of=/dev/sda bs=1M" command copies data from /dev/urandom to the /dev/sda hard drive in 1 MB blocks to overwrite it and make recovery impossible.
• The DBAN (Darik's Boot and Nuke) utility is bootable from a CD or a flash drive and can delete a hard drive’s contents, using a variety of methods. It is suitable for personal computers, servers and other storage devices. After booting computer from the DBAN image, the user is given an opportunity to select security options — the number of rounds and the methods for deleting data.

Some DBAN features:

• supports various data-deletion methods, including DoD 5220.22-M, Gutmann, PRNG Stream, and Stop'n'Kill,
• simultaneously deletes data from multiple hard drives if they are connected to the computer,
• works with a variety of file systems, including NTFS, FAT, and EXT.