Why Do I Need To Be Concerned?
What do you have stored on your computer? Tax returns? Bank account information? Social security numbers? These are all common types of information on computer hard drives. In the wrong hands, this information can lead to identity theft, fraudulent credit card charges, ruined credit scores, embarrassment, and more.
Data security is important throughout the life cycle of your computer whether you are a business or a private individual.
Used Hard Disks
When To Erase
There are several times to consider securely erasing your hard disk. For example:
- You have replaced your PC and are giving away the old one.
- Your PC has failed and you are disposing of it.
- You have replaced the disk with a larger one and have already copied the data to it.
- You no longer want or need the information on the disk and want to make sure that no one else can ever view it.
- You have a business and are subject to HIPAA, Sarbanes-Oxley, or other data privacy laws.
Why Not Simply Delete It?
Deleting a file from your computer doesn’t really remove the information. It merely removes the pointer to the file and marks the space as reusable. Until something actually uses the space, the file can be undeleted. This is true even if you delete a file and then empty your Windows Recycling Bin.
There are a number of programs available for free that allow you to recover deleted files from both Windows and Mac. These utilities make recovering deleted files a simple matter of pointing and clicking. There are also a variety of commercial utilities available for purchase if you're more comfortable with that.
Personal Data Loss
Can’t I Just Format The Disk?
No! Similar to deleting a file, formatting a disk only removes the pointers to the files and marks the space as available. The information can still be recovered using free tools as long as nothing else has used the space.
Even if you format the disk and reinstall an operating system on it, it may still be possible to recover data from parts of the disk that haven’t been used by the new install.
The Secure Solution
The best method to secure your data is to encrypt it in the first place. Most computer operating systems now offer this feature.
If you have not already taken advantage of encryption, the next best way to securely erase all data from a hard drive is to use one of several utilities that write random blocks of data to every sector of the hard disk with multiple passes. Every location on the disk, including all files and blank space, will be covered by random data multiple times.
This process takes several hours depending on the size and speed of the disk and the number of passes you select. Once it’s finished, there’s no way to read anything that had been on the disk. This is the method that is used by businesses and government agencies.
Recent research suggests that a single overwrite pass is good enough on today's disks. That's because of the extreme data densities used to pack so much data into the same physical space. Since multiple passes cost you nothing but some extra time, why not be even safer?
How Do I Get Started?
There are a number of utilities that use this secure erasure method available for free. I’ll cover several of these. There are many other utilities including both free and commercial.
There are also specialized hardware appliances to accomplish the same result. These are most useful for large-scale operations and don't really apply to home users. These can range from devices with 40 or more drive bays to high-power shredders that tear the disks into small pieces.
Darik’s Boot and Nuke (DBAN) is a popular free disk wiper utility. Two of its powerful features include:
- The ability to securely erase all attached disks including the boot disk with one command.
- The ability to securely erase non-Windows PC operating systems such as Linux.
It’s available for download from its Sourceforge page here:
The file you download is an ISO image. You burn this image to a CD and then boot the PC from the CD. Type autonuke at the screen shown below to use the default settings to securely wipe out all disks connected to the PC. You can also press Enter to go into interactive mode and see the various options.
When DBAN completes its work, you’ll be left at a confirmation screen. This confirms that it successfully finished the job.
DBAN requires the knowledge of how to burn and ISO image to a CD and its documentation is scarce, but it’s powerful and efficient.
This video shows DBAN in action. To keep the video short, I used a virtual machine with two 1 GB disks. You’ll see what DBAN looks like when it first boots from the CD. I’ll type autonuke to start the process. It will use the default settings to securely wipe out both disks at the same time and will then exit to the confirmation screen. The video is 3:33 of pure excitement.
DBAN can also be used from a bootable USB drive if you don’t have the ability to burn the program to a CD. Instructions for creating the bootable USB drive can be found here:
DBAN In Action
Eraser, from Heidi Computers, is another free disk wipe utility. Unlike DBAN, which is a bootable CD with its own operating system, Eraser is a Windows program. Also unlike DBAN, Eraser is well documented. Some features that Eraser has include:
- The ability to securely erase deleted files.
- The ability to securely erase selected files and folders.
- The ability to securely erase files in the Windows Recycle Bin.
- The ability to securely erase entire disks other than the boot disk.
The Eraser web site is located here:
You can download the utility, view the manual, and ask questions in their support forum on the Eraser web site.
Parted Magic is a general hard disk partition utility with several functions, one of which is securely erasing data. Like DBAN, it’s a downloadable ISO image that you burn to a CD and then boot from. You can also use it on a bootable USB stick. It offers a number of features, but the main one for our purposes is the Erase Disk utility.
Parted Magic is a set of open source utilities. It can be downloaded from their web site for as little as $5. Even though it’s all open source, they charge $5 because they went through the effort of assembling this collection of useful programs.
Parted Magic can be found here:
Here’s a partial list of other secure erase utilities that are worth checking out:
- HDDErase (http://cmrr.ucsd.edu/people/Hughes/secure-erase.html)
- HDDGuru (http://hddguru.com/software/Wipe-My-Disks/)
A Better Solution
An alternate solution that is even better than securely erasing your data is to securely store it in the first place. There are software products, both free and commercial, that can encrypt your entire disk. You enter a password when the computer first boots up and all disk activity from then on is encrypted.
Some newer computer disks offer hardware-level disk encryption. This is even more secure than software-based encryption.
When the entire disk is encrypted, it can't be accessed without the encryption key. If the disk is lost or stolen, your data is still safe.
The best solution is to use both encryption and secure erasing when the contents of the disk are no longer needed or wanted.
If you aren’t comfortable with these utilities or others like them and you don’t plan to reuse the disk, there is always this method of data destruction. It's quick, effective, permanent, and can provide a bit of satisfaction on a bad day.
© 2013 Ron Bergeron
Johne929 on May 17, 2014:
I was just seeking this info for some time. After six hours of continuous Googleing, at last I got it in your web site. I wonder what is the lack of Google strategy that don't rank this kind of informative websites in top of the list. Generally the top sites are full of garbage. efkgbaekkaed
J Forlanda from US of A on December 16, 2013:
Yes, it (SANS SIFT) would be more than what the average user would really care for nor need. But it is another option for those willing to explore.
Ron Bergeron (author) from Massachusetts, US on December 16, 2013:
SANS SIFT looks like an interesting set of tools, but I think it's a bit more involved than what the typical home user would want to tackle. I may check it out for some of its forensics capabilities.
J Forlanda from US of A on December 16, 2013:
Very informative. You definitely covered the main ones. There is also an eraser tool as part of a computer forensics kit found in SANS SIFT- http://computer-forensics.sans.org/community/downl...