Pinterest Stumbleupon Whatsapp
Advertisement

Did you know that files can be pulled from data drives that have been wiped? That includes hard disk drives, solid state drives, and yes, USB flash drives. It doesn’t matter if the drive is internal or external — data recovery is a real thing that works What Is Data Recovery And How Does It Work? What Is Data Recovery And How Does It Work? If you've ever experienced a major loss of data, you've probably wondered about data recovery -- how does it work? Read More .

So the next time you have a flash drive that contains a sensitive file, you should know that dragging that file to the Recycle Bin is not enough to actually get rid of it. This simply marks the file as deleted. The bits are still there.

If you want to obliterate your flash drive so that nothing is recoverable, you’ll need to take a few extra steps. Here are a few simple methods you can use that require no technical expertise.

Method 1: Use a Third-Party App

The web is full of apps, both free and paid, that promise one-click solutions for wiping your drives. Unfortunately a lot of them are outdated, ineffective, harmful, or simply too pricey for what they offer. That’s why we recommend Eraser — it’s none of those things.

Eraser supports Windows XP SP3, Vista, 7, 8, and 10. You can even use it with Windows 98, ME, NT, and 2000 as long as you stick with version 5.7 or earlier. However, for best results stick with the latest version, which is 6.2 as of this writing.

1. Download and install it per usual. Just visit the download page and grab the latest available version. Run it as soon as it’s installed.

eraser-app-new-task

2. Create a new task. At the top left, click the arrow next to Erase Schedule and select New Task. (Or just use the Ctrl + N keyboard shortcut.) A prompt will pop up where you can input the details of this task.

Give the task a name like “Wipe Flash Drive”. For Task Type, leave it on manual. If you want to automatically wipe the drive on a regular basis, feel free to experiment with the other types and don’t forget to set up the recurring details under the Schedule tab.

But the most important bit is setting what to erase. Do this by clicking on Add Data. For Target Type, select Drive/Partition. Under Settings, use the dropdown menu to select the drive you want to erase. Be VERY CAREFUL and triple-check the drive you select. If you pick the wrong one, there’s no going back after erasure.

eraser-app-erasure-method

3. Select an erasure method. As with all things computer-related, there’s never one solution that fits all use-cases. For data erasure, there are several different algorithms that you can use, with each one designed to fulfill a specific purpose under specific circumstances.

For example, the Gutmann method run 35 different passes over the drive to maximize coverage and ensure that data is as unrecoverable as possible. It works for HDDs, SSDs, and USBs. However, it takes a long time to run 35 passes and is thus overkill for anything but the most sensitive bits of data (e.g. government secrets).

Most security experts agree that seven passes is a great compromise between speed and efficacy. Therefore we recommend using the Schneier 7 pass method for wiping your flash drives.

eraser-app-run-task

4. Run the task. The Erase Schedule should now contain the newly-created task. Right-click it and select Run Now to begin the process (or use the Ctrl + Alt + R keyboard shortcut).

Note that modern flash drives have built-in wear-leveling algorithms How To Securely Erase Your SSD Without Destroying It How To Securely Erase Your SSD Without Destroying It SSDs can only be written to a limited number of times. This is a challenge, particularly for erasing data and doing so securely, which can vastly reduce performance and shorten SSD drive life. Read More that try to distribute files evenly across all storage cells. This is meant to extend the lifespan of the device. However, it also prevents the operating system from choosing where to write files.

In other words, secure erasure of flash-based drives is never a sure thing. You can rest assured knowing that most of the drive will have been overwritten, but you can never be sure that all of the drive was securely wiped.

DownloadEraser (Free)

Method 2: Use the Command Line

Windows comes with many built-in command line utilities, and one of them is called Cipher. Cipher can do a lot of things related to drives, file systems, and encryption, but we want to use it for one specific feature that it has: removal of unused data.

1. Launch an elevated Command Prompt. The easiest way to do this is to press Windows key + X (to open the lesser-known Power Menu 10 Neglected Windows Superpowers & How to Access Them 10 Neglected Windows Superpowers & How to Access Them With all its nooks and crannies, not even the most die-hard Windows fans have explored all its complex features. We have compiled those hidden Windows tips and tricks we think anyone will appreciate. Read More ) and select Command Prompt (Admin). You’ll need administrator-level UAC access for this to work.

In the elevated Command Prompt, type cipher /? to see a full description of what it can do and all of the different switches that are available.

windows-cipher-tool-intro

If you scroll down, you’ll see a switch called /W which stands for Wipe. According to the description, it will go through the entirety of whatever drive you submit and overwrite all bits that have been masked as unused.

windows-cipher-tool-description

2. Run Cipher on your drive. In case you missed it in Method 1, flash drives have built-in wear-leveling algorithms that try to spread data evenly across all storage cells and the operating system can’t override that. (Cipher came out back in the HDD days.) As such, you can never be 100% sure that every unused bit of data was actually overwritten.

That being said, running Cipher several times will at least overwrite some of the drive — we could even say that it overwrites most of it — so it’s better than nothing. Just make sure you format your flash drive before running Cipher on it.

To run Cipher, use the following command:

windows-cipher-tool-command

Replace D:CRUZER with your own drive and partition. To find it, open File Explorer (keyboard shortcut Windows key + E) and navigate to This PC in the left sidebar. Then, under Devices and Drives, you should see your drive and its partition letter.

Be very careful when using this method and make sure you type the drive name correctly. A mistake here could be costly!

Method 3: Use a Hammer

Because of the aforementioned built-in wear-leveling algorithms, flash drives can’t be securely wiped with absolute certainty. This is one of the downsides to using them instead of traditional hard disk drives 7 Things to Know When Buying a Data Drive for Backups 7 Things to Know When Buying a Data Drive for Backups Thinking about buying a data drive for storing file backups? Here's what you need to know if you want to make an informed decision. Read More .

broken-usb-flash-drive
Image Credit: file404 via Shutterstock

In all seriousness, the only way to guarantee unrecoverability of flash drive data is to physically pulverize the flash drive. Specifically, you’ll need to shatter the storage chips within the drive case. The more you crush them, the more unrecoverable they become.

It’s an extreme measure, yes, but flash drives are cheap these days and it’s a small price to pay for data security.

Plus, it’s fun.

It’s Better to Use Encryption Instead

Going forward, it would be better for you to encrypt your data before putting it on your flash drive. You can do this using a reputable third-party tool data encryptor TrueCrypt Is Dead: 4 Disk Encryption Alternatives For Windows TrueCrypt Is Dead: 4 Disk Encryption Alternatives For Windows Read More . Remember to encrypt the data before transferring it on!

This way even if someone manages to get their hands on your drive, they won’t be able to view the contents. And if you ever wipe your drive and someone recovers the data, they’ll still need to get through the encryption. That’s real security.

How do you store your sensitive data? Know of any other methods that work to securely wipe flash drive data? Let us know in the comments below!

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Nobody
    December 17, 2016 at 3:47 am

    None of the methods listed ensure proper sanitization of flash storage volumes or SSDs. The best two methods of properly sanitizing a flash-based storage device are: 1) ATA Secure Erase (while booted from a non-windows OS), or 2) by using the 3-step process of full disk encryption, then format, then full disk encryption.

  2. Hildy J
    December 9, 2016 at 9:08 pm

    Option 4 - overwrite it yourself

    Create a big file (I use RFDC - Random Data File Creator by Michael Berthold). Erase the flash drive and copy the file over and over to the flash drive until it runs out of space (to fully wipe the drive you can create smaller and smaller files to get the free space down to a minimum). At the end, you have a drive filled with garbage.

    • Hildy J
      December 9, 2016 at 11:20 pm

      I should point out that this is very good for PCs with SSDs that you are going to get rid of when a hammer is not an option and you're not entirely sure which crypto schemes are currently crackable by someone in possession of your PC.

      P.S. the acronym is RDFC, not RFDC.

  3. Lehlohonolo Ramphalile
    December 9, 2016 at 7:39 pm

    Thoroughly and enjoyed this one, and learnt something I've been wanting some explanation on.