Secure Wipe/Delete Utilities
From Provider Wiki
Important note: this is a DRAFT document and is currently under editing and revision. Though information included has been tested, configuration and other information may be incorrect or incomplete.
A tip posted in “One Step Ahead” in the April, 22 2008 edition of the Almanac alluded to utilities that are built into Penn's Supported OSs. In the article, a link is provided to a SANS white paper that provides copious details about secure wiping.
In that article the following information appears about a utility built into Windows called Cipher.exe.
Contents |
How to Use Cipher.exe (for Windows)
- To overwrite the deallocated data:
- Quit all programs.
- Click Start, click Run, and type cmd, and then press ENTER.
- Type cipher /w:'folder', and then press ENTER, where folder is optional and can be any folder in a local volume that you want to clean. For example, the "cipher /w:c:\test" command causes the deallocated space on drive C: to be overwritten. If c:\test is a mount point or points to a folder in another volume, deallocated space on that volume will be cleaned.”15
- Another popular, free, command line tool is sdelete16 from SysInternals. “In any given use, it allows you to delete one or more files and/or directories, or to cleanse the free space on a logical disk.”
- While cipher and sdelete allow you to “cleanse free space” they do not provide the ability to wipe “slack space.” A free tool (donations accepted) that is very robust and allows you to wipe free space (more accurately called “unallocated clusters”) as well as slack space (also called “cluster tips”) is Eraser.17 In addition, it includes the ability to configure your system to wipe the page file at shutdown. It includes a scheduler to allow you to schedule how frequently you would like the program to run. It is a well-designed and easy to use application.
How to Use Secure Erase (for Macintosh OS X)
Secure Erase
Secure Erase follows the U.S. Department of Defense standard for the sanitization of magnetic media in DoD 5220-22-M: National Industrial Security Program Operating Manual.
When you delete a file or folder, Secure Erase Trash immediately overwrites the file according to the seven-pass DoD specification.
- Drag file or folder to trash icon in Dock
- Select Secure Empty Trash... from the Finder menu. Using Secure Empty Trash takes a bit longer than the simple Empty Trash command.
- In OS X 10.5, if you want the default behavior of empty trash to be the Secure type check the checkbox in Finder Preferences, Advanced.
Disk Utility: Erase Free Space (Only in 10.4 & later), Secure Erase Disk
- Open Disk Utility (Applications/Utilities.)
- Select Volume in list in left pane.
- Click Erase Free Space... button; Choose between
- Zero Out Deleted Files
- 7-Pass Erase of Deleted Files
- 35-Pass Erase of Deleted Files
- Click Erase Free Space button.
- Or, Click Security Options... button to securely erase a disk or volume; Choose between
- Don't Erase Data
- Zero Out Data
- 7-Pass
- 35 Pass Erase.
Note: For comparison, 2.4 GHz MacBook will require in excess of 3 hours to erase 60 GB of free space with 7-pass Erase.
GNU Shred (for Linux/Unix)
Just use the "shred" command to overwrite files rather than merely deleting the inode.
Links
In addition, Appendix A of the SANS article provides a list of utilities (both free and commercial). They are:
Free Tools
- Disk Scrub Utility (Linux)
- Sure Delete
- Kill Disk
- Darik’s Boot and Nuke (bootable ISO, GPL)
- Instructions for Solaris systems
Commercial Tools
- Wipe Expert
- MediaWiper
- Disk Wipe
- Drive Cleanser
- cyberCide
- M-Sweep Pro
- Declasfy
- Disk Wiper
- Stellar Wipe
- R-Wipe & Clean
- Quickwiper
- Expert Eraser
- Disk Redactor
In general, there is no reason to pay for this functionality.
See Also
- Eraser (Windows, GPL)
- wikipedia page
- Safe and secure disposal
