Do women say yes when they mean no and vice versa? Is there any evolutionary advantage in lying? And when is a deleted file not really deleted? The other day we saw that it is possible to recover files accidentally deleted that lie beyond the reach of the recycle bin. But what if we really want to destroy some file, put it through the shredder so that nobody can bring back to life? Today we are talking about secure deletion.

Documents stored on digital media can be reconstituted by low-level examination of the hard disk sectors. When you delete a file you don't really remove its contents, windows just marks the area previously occupied by the document as available for new files. For a period and while these hard disk sectors aren't reused (overwritten), the original document can be recovered as we have seen with tools like Recuva. Thus to properly destroy a file you must make sure the original storage is immediately wasted so that the content is irreversibly lost. xplorer² has a menu command for that called Actions > Shred, which permanently shreds the contents of files and selected folders. What the shred command does is:

• Overwrite each file with zeros (single pass)
• Set the file size to zero bytes
• delete the file

This process takes some time but the combined result is to waste the file beyond any layman's document recovery capabilities. Many undelete tools won't show zero-sized files, and if they do they can't recover them. See the snapshots on the right, where recuva fares very well with a text file plainly deleted but is at a loss with a file shredded by xplorer².

Even if somebody used a low level disk sector reader program, very little could be achieved since the original bytes were overwritten with zeros so the saucy content is gone for good. Some other industrial-strength specialized file shredders use multiple overwrite passes with random bits (applying standards like DOD 5220.22-M, NSA 7 pass, Gutmann 35 pass etc) and supposedly are even safer. But remember if the FBI is after you, they can even read your mind unless you wear a tin hat <g>

Finally there is a twist for documents stored on solid state memory, say your removable USB stick drive. These devices have limited write or erase cycles so the filesystem usually distributes writes so that the storage wears out uniformly. So if you shred a file on your USB stick you may end up writing the zeros somewhere else and the risque content left untouched. I don't have any solution for this problem, perhaps chucking the stick to the nearest fireplace will do the trick nicely :)

Post a comment on this topic