When you hit the delete button, where does that file go? Does it just evaporate and leave a blank space on your drive? If you’ve been around computers long enough, you know that’s not what happens. But if you’re mostly an email and Facebook type of computer user, you might not know, or not even thought about it.
You should think about it though, for a couple reasons. The first reason is so that you know you might be able to recover an accidentally deleted file. The second reason is so you know that, if you can recover a file you deleted, so can someone else.
What Happens To A File When It is Deleted
Hard Disk Drives (HDDs)
When you delete a file it goes to the Recycle Bin. That gives you a chance to recover it in case you accidentally deleted it and need it back. But what happens when you delete it from the Recycle Bin? Actually, not much at all. The file doesn’t move or go anywhere. In fact, when you moved it to the Recycle Bin, it didn’t physically move there either. All that happened was an index got updated to say that the file is in the Recycle Bin, not the Documents folder.
The index is called the Master File Table (MFT) for Hard Disk Drives. It looks like this. The left-most column are the block addresses. The middle column shows data in hex code. the right column shows what that data would like as plain text.
When the file is ‘deleted’ the information stays on the drive, but the MFT is changed to say, “Hey, you know that spot where Secret-File.txt was? Yeah, Computer, you can now put data there if you want. We don’t need it anymore.” Until the computer puts data in that spot, the Secret-File.txt data remains. It could be minutes, days, weeks, or months until that data is overwritten. Kind of like a condemned house sitting on a lot. It’s not usable, but it’s still there until the bulldozer comes and they build something else.
Here’s an example. The left column shows red Xs for MFT locations that have been set to be overwritten, the one with the page icon is marked to stay. The right column shows the data that is still in that location, even though you can’t find it with Windows Explorer. See the problem with ordinary deletes now?
Solid State Drives (SSDs)
It’s not exactly the same for Solid State Drives. SSDs are always shifting files around, randomly. So, figuratively speaking, if you deleted a file from location 2871, the deleted info may, sooner or later, get moved off to another random location, until at some point in time the SSD decides to finally overwrite that file. How do you target the old file for secure deletion on an SSD, then?
Well, you can’t really. A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive. What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
This isn’t a problem for most people, but you might be concerned that people could still access that deleted information. Maybe you handle sensitive medical documents, or you’re an international art thief, or just a little paranoid like me. How do you securely get rid of that data, immediately and forever?
What is ‘Secure’?
Before we get into the nuts and bolts of secure data deletion, we need to look at what secure means. Secure means whatever you think it means. If you’re happy with the level of security you have, then it’s secure. If the data you don’t want recovered isn’t life threatening, then the measures you take to delete it don’t need to be as severe as deleting the security codes for the last sample of smallpox off the CDC’s servers.
Let’s take a look at the methods in order of least secure to most secure. Until we get to entire drive deletion, these methods will only apply to traditional HDDs.
Least Secure Method
Simply delete the file in your Windows Explorer and empty the Recycle Bin. Unless you think someone is going to come along with data recovery software and look for that file in the next week or so, that will probably be secure enough. Examples of information like this could be anything from a silly animated GIF to a letter to your Nan. You really should write to her. She misses you, you know.
Mildly Secure Method (HDD Only)
As we talked about, overwriting data is a pretty good way to obscure the old data. You can do this on a file by file basis with programs that are commonly referred to as file shredders. Although the interfaces for these utilities can differ, the method of operation is essentially the same – delete the old file, then write zeroes to the places on the HDD where the file used to be. These tools are only mildly secure, because you have to make sure you use them when you need them. If you want to securely delete a file with your Social Security Number on it, but forget to use the shredder, that info will still be sitting on your drive for awhile.
Examples of use for this method is where the person occasionally deals with sensitive information that pertains only to them. It might be the odd copy of a tax return, or a bank statement that you want to delete. That’s where file shredders are most handy.
Moderately Secure Method (HDD Only)
A more moderately secure method to delete information from your drives is to use software that allows you to wipe free space on your drives. CCleaner is a favourite for this task. When you choose the Wipe Free Space option, it writes zeroes to the blocks where files used to be. The difference between this and the shredders is that wiping free space takes care of ALL deleted files. It’s just that little bit more thorough. The catch is that this method takes a fair bit of time and should be scheduled or you’ll forget to do it frequently enough.
Examples of good uses for this are for people who frequently delete files that are quite sensitive. Maybe they are heavy online bankers or do some online trading. Perhaps they have just backed up their important info to an encrypted external drive and don’t need it on the computer anymore.
Most Secure Method (HDD & SSD)
The most secure methods are really for deleting the entire contents of a drive. Yet again, because of the differences between HDDs and SSDs, the same methods don’t apply to both. Chose the appropriate one for your drive and situation.
Examples where you’d want to go to this level include switching to a new computer which will have the info, but you’re keeping, selling, or disposing of the old computer. Perhaps you are re-purposing a computer from an information-sensitive use to a more day-to-day use.
HDD – Formatting
Formatting is a catch-all term for a few different things. It can mean simply deleting the MFT so it appears like all the data is gone, but it isn’t. It’s still there and intact until overwritten. Or, it can mean true formatting, known as low-level formatting, which overwrites all the data with zeroes. You can’t low-level format your entire hard drive from within Windows. You’ll need a formatting utility that you can boot your computer into, like Darik’s Boot and Nuke.
You might be tempted to choose one of the hardcore multipass methods, but that’s probably going to be overkill. Especially if you want it done quick and don’t want to shorten the life of your hard drive. The RCMP TSSIT OPS-II or DoD Short methods are sufficient. RCMP is the Royal Canadian Mounted Police and the DoD is the British Department of Defence. Good enough for them should be good enough for you.
SSD – Manufacturer’s Utility
Most SSD manufacturers have a utility for managing and securely erasing their SSDs. Tim Brookes was kind enough to compile a list of links for the top manufacturers in his article, How To Securely Erase Your SSD Without Destroying It.
Paranoid Method (HDD and SSD)
The National Institute of Science and Technology has a policy to deal with the destruction of extremely sensitive data. It’s even more aggressive than what the RCMP or DoD use, so it will destroy your data to the point where not even Sherlock Holmes riding on Hercule Poirot’s back with Frank Columbo leading them around would get anything out of it.
Disintergrate. Shred. Pulverize. Incinerate.
That’s not hyperbole, that’s NIST’s actual standard. Oh, and to meet the grade you have to find a NIST licensed incinerator to do the job. That job in the picture above wouldn’t be good enough.
What Will You Do?
You’ve got the knowledge and some resources now. It’s up to you what you will do with them. However, if you’re not already using several techniques to keep your information safe from prying eyes, secure deletion shouldn’t be your first concern. If someone already has your info, it doesn’t matter how you delete your copy.
What method do you use to delete files securely? Are you happy with it? Ever not been able to delete a file? Let’s talk about it.
Image Credits: Deleted File Hacked by Network Cables via Shutterstock, MFT in GHex Screenshot via SANS.org, Intel X25-M Solid-State Drive, Cutting head of a paper shredder, Burned Hard Disk via WikiMedia, DBAN Screenshot via DBAN, Salt Lake Grandma via Flickr.