People routinely think about viruses, trojans, and spyware, but seldom do they think about how to properly erase data from their hard drive. There are plenty of places Windows stores data that aren’t obvious. The data in these places may contain sensitive information such as passwords or account data. The best defense is a secure data removal program. One of the best Windows file shredders is free and open-source. It’s appropriately called Eraser.
File Deletion is Not Data Erasure
I first wrote about Eraser in 2005. Hard drives were smaller and notebooks weren’t as popular. Few people thought about selling their computers or donating them to others. Now, we have corporations downsizing and selling PCs. At the same time, the size of hard drives has exploded. Computers have become the data repositories of our lives, which can include personal info, photos, security camera footage, intellectual property, financial records, and so on.
When thinking about data, most people think of the files they see in folders, for example, the marketing plan they wrote in Microsoft Word. To get rid of this file, people drag it to the Recycle Bin. Out of sight, out of mind, and out of reach. Not really.
Although you deleted the file, the data is still on your computer. The file’s first letter is changed and references are deleted. If someone used a disk editor, they could see your deleted marketing plans. Some people go a step further and defrag their hard drive so the marketing plan data gets overwritten.
The above steps help, but they’re simple ones and address only the files you decide to delete. The bigger issue is the unknown, which is where Windows comes into play. Sensitive data from that marketing plan, or any other file, can be found in temporary files, cache, swap files, page files, and slack space.
While you didn’t explicitly request Windows to place parts of your files into any of these areas, it does so in its normal processing. Most of this processing is done as a convenience to the user. When your machine needs more memory to handle large files, display web pages, or to print documents, Windows may leave sensitive data fragments behind. The problem is finding out if there is sensitive data in these areas.
Sanitizing Your Data
A practical approach is to use a free file shredder program called Eraser. We say practical because ensuring that data is 100% deleted calls for physically destroying the media. Even then, you have to destroy the media correctly. For example, most four-year-olds can destroy a hard drive, but not to Dept. of Defense standards.
Using Eraser, you can delete sensitive data and files using various data overwriting methods and still keep your hard drive. This makes the program ideal for regular use or when you donate your computer. In addition to scrubbing data on demand, you can also create scheduled tasks. For example, you could tell the program to scrub unused space on Drive C: every Friday at 10:00 PM.
Eraser allows you to target data from one of five areas.
- A single file
- Files in Folder
- Your Recycle Bin
- Unused disk space
In addition, the program integrates with Windows Explorer so you can right-click on a file or folder to delete it. The easier the process, the more likely you’ll do it.
The option Unused disk space would include data in slack space and unallocated space. When Windows saves files, it uses file clusters which are units of a fixed size. However, a file may not fill the cluster. The room left over is called slack space. When you delete a file, you’re allowing Windows to overwrite that area with new content. But, if the new file needs less cluster space, a part of the previous file, such as your deleted marketing file, is not overwritten and still remains.
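The slack-space effect described above can be reproduced with a small model. This is an added example, not code from Eraser or from the original article; `ToyVolume`, the 4096-byte cluster size and the sample file contents are assumptions made for illustration, and the model ignores details of real filesystems.

```python
CLUSTER_SIZE = 4096  # assumed cluster size for this toy model

class ToyVolume:
    """Simplified cluster-based volume; a teaching model, not a real filesystem."""
    def __init__(self, n_clusters):
        self.disk = bytearray(n_clusters * CLUSTER_SIZE)
        self.table = {}  # file name -> (cluster numbers, length in bytes)

    def _free(self):
        used = {c for clusters, _ in self.table.values() for c in clusters}
        return [c for c in range(len(self.disk) // CLUSTER_SIZE) if c not in used]

    def write(self, name, content):
        count = max(1, -(-len(content) // CLUSTER_SIZE))  # whole clusters, rounded up
        clusters = self._free()[:count]
        if len(clusters) < count:
            raise OSError("volume full")
        for i, c in enumerate(clusters):
            chunk = content[i * CLUSTER_SIZE:(i + 1) * CLUSTER_SIZE]
            self.disk[c * CLUSTER_SIZE:c * CLUSTER_SIZE + len(chunk)] = chunk
        self.table[name] = (clusters, len(content))

    def delete(self, name):
        del self.table[name]  # ordinary delete: the reference goes, the bytes stay

    def _slack_range(self, name):
        clusters, length = self.table[name]
        start = clusters[-1] * CLUSTER_SIZE
        return start + length - (len(clusters) - 1) * CLUSTER_SIZE, start + CLUSTER_SIZE

    def slack(self, name):
        lo, hi = self._slack_range(name)
        return bytes(self.disk[lo:hi])

    def wipe_unused(self):
        """Zero every free cluster and the slack of every live file."""
        spans = [(c * CLUSTER_SIZE, (c + 1) * CLUSTER_SIZE) for c in self._free()]
        spans += [self._slack_range(name) for name in self.table]
        for lo, hi in spans:
            self.disk[lo:hi] = bytes(hi - lo)

def demo():
    vol = ToyVolume(4)
    vol.write("plan.doc", b"MARKETING PLAN: launch date and pricing " * 50)  # constructed
    vol.delete("plan.doc")
    vol.write("note.txt", b"hello")  # reuses the freed cluster, fills 5 bytes of it
    before = b"launch date" in vol.slack("note.txt")
    vol.wipe_unused()
    return before, b"launch date" in vol.slack("note.txt"), bytes(vol.disk[:5])
```

`demo()` reports whether the deleted plan's text is readable in the new file's slack before and after the wipe, and confirms that the live file's own bytes are left alone.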
Another option allows you to both move and erase a file or folder. This is called Secure Move. This option is useful if you’re moving files from one drive to another. It will move the files to the new location, but also erase data from the original location.
Data Overwrite Methods
Most users don’t need to know the erasure method details. The main issue is how many times the program will “pass” over their data. In my case, I’m comfortable using any 7 pass method. However, some people may need to destroy data or hard drives based on defined data wiping standards. It’s important to realize that the greater the number of passes, the longer it will take to complete your task.
Eraser includes over a dozen methods for data sanitization. Most of these methods are designed to meet government data destruction standards such as those of the US Department of Defense. The methods differ based on the number of passes and how your data is overwritten. For example, the Pseudorandom Data method is a fast wiping method because it does one pass with random data. In contrast, the Schneier 7 pass uses a combination of data. The first pass overwrites with 1s, the second pass uses 0s and the remaining five passes use random data.
If you choose the full program installation, you can define your own erasure method.
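To make the pass sequences concrete, here is a minimal multi-pass overwrite that follows the two methods as described above. It is an added example, not Eraser's code; the function names, the chunk size and the reading of "1s" and "0s" as all-one and all-zero bits are assumptions, and the sample file is constructed.

```python
import os
import secrets
import tempfile

# Pass plans as the article describes them; None means a pass of random data.
PSEUDORANDOM_1_PASS = [None]
SCHNEIER_7_PASS = [b"\xff", b"\x00"] + [None] * 5  # all-one bits, all-zero bits, 5 random

def overwrite_file(path, passes, chunk_size=64 * 1024, after_pass=None):
    """Overwrite the file's current contents in place, once per pass."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for number, pattern in enumerate(passes, start=1):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk_size, remaining)
                f.write(secrets.token_bytes(n) if pattern is None else pattern * n)
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass to the device before the next one
            if after_pass:
                after_pass(number)
    return len(passes)

def shred(path, passes):
    """Overwrite, then delete. Only the file's own clusters are touched: copies in
    temp files, the page file or slack space are not, and storage that remaps
    writes (SSDs, copy-on-write filesystems) may keep old blocks."""
    count = overwrite_file(path, passes)
    os.remove(path)
    return count

def demo():
    """Run the 7-pass plan on a constructed sample file and record each pass."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(b"constructed sample: account 0000\n" * 100)
    seen = []
    def snapshot(number):
        with open(path, "rb") as f:
            seen.append(set(f.read()))  # distinct byte values on disk after this pass
    passes = overwrite_file(path, SCHNEIER_7_PASS, after_pass=snapshot)
    os.remove(path)
    return passes, seen, os.path.exists(path)

if __name__ == "__main__":
    passes, seen, still_there = demo()
    print(passes, seen[0], seen[1], len(seen[2]), still_there)
```

Every pass rewrites the whole file and is flushed to the device before the next begins, which is why run time grows with both file size and pass count.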
Start Small & Get Familiar
The program is easy to use, yet powerful. But, we also know some people have expressed anxiety over deleting files. When you think about it, many of the same deletion rules you use with Windows apply. The obvious example is that you don’t want to delete any files Windows needs, or the Restore partition if your manufacturer set one up.
To get comfortable with the features, I’d suggest changing some settings. The program sets the Default file erasure method to Gutmann (35 passes), which I think is too much to start. I’ve read a number of user comments where they complained the program was too slow. It’s not that the program is slow, but it has to do a lot of stuff to overwrite your file 35 times in the proper manner. It’s thorough and that takes time.
Instead, choose a 3 pass method for Default file erasure method and save your settings. This will give you an idea of how long it might take for a task. The time will vary based on the file size. I’d also tick the box to integrate Eraser into Windows Explorer. Click the Save Settings button.
Next, let’s create a task to delete our first file. Click the Erase Schedule link in the top-left. As this is your first time, you will not see any tasks in this panel. Right-click and select New Task. A blank Task Properties dialog appears.
Click the Add Data button toward the bottom. This opens the Select Data to Erase dialog. Keep the Target type as File and the (default) Erasure method. Click the Browse... button. This will open Windows Explorer and you can navigate to the file you wish to erase. Your file should show in the Settings textbox. Click OK to accept. You should be back at the Task Properties dialog. The difference is you now see a Data Set.
You’ll notice at the top a series of radio buttons for Task Type. The default is to Run Manually. This means the task will be added to the Erase Schedule panel, but not queued. Click OK.
Right-click the task and select Run Now. After the task completes, you’ll see the Status change. If this was a file that routinely gets created, you can keep the task and execute it again. I would keep these tasks until you’re comfortable with the program. Afterwards, you can delete these by right-clicking.
Sometimes, you may get an error and you can see it in the Task Log. However, it doesn’t mean the file wasn’t deleted. For example, I get messages in this log when I delete the contents of my Recycle Bin.
Once you’re comfortable with the program you can add more files, folders and scheduled tasks. You can find more documentation by clicking the Help link. It will take you to a PDF file with more information.
Lastly, the program used to allow you to drag and drop files. I no longer seem to be able to do that task.
It is possible to download the program from the main site. However, I found it easier to go to the open source repository run by SourceForge.