Practical PC
Stripe Reviews
Web Building Guides
Computing Guides
Opinion
Downloads
About Practical PC
 
 
Sections
What is it?
How do I?
Where do I find?
 
Windows
Sound
Graphics
Communications
Printers
Networking
Storage
Digital Photography
Web building

Latest Updates

An Overview of Kids Software
Auto-complete in MS Word
Folder Shortcuts
Guide: Backups rule OK!
Guide: CD Printing
Guide: CD-R Media Lifespan
Guide: Essential Software
Guide: Fixing Audio CD distortion
Guide: Hoax Emails
Guide: MSCONFIG's other uses
Guide: Repairing Windows XP - Part 2
Guide: Repairing Windows XP – Part 4
Guide: Repairing Windows XP – Part 5
Guide: Restoring deleted files 1/3 
Guide: Restoring Deleted Files 2/3
Guide: Restoring deleted files 3/3 
Hauppauge MediaMVP
Opinion: Googling for Images
Opinion: No firewall? Read this!
Practical PC Guide to Google
Review: ACDSee 6.0 PowerPack
Review: Amacom USB Drives
Review: Amplio Photo Player
Review: Ansmann Battery Chargers
Review: Business Plan Pro 2004
Review: CorelDRAW Essentials 2
Review: Creative MP3+
Review: Dazzle DVC150
Review: Epson Perfection 2450 Photo Scanner
Review: Epson RX600
Review: Fellowes CD/DVD Labelling System
Review: Genius’ Controllerless PCI Modem
Review: Humax PVR-8000T
Review: iView media Pro 2.5
Review: MailWasher Pro
Review: MSGTAG
Review: Netgear ME102 Access Point
Review: NetNanny 5.0
Review: Philips Keyring 006 Audio Player
Review: PicStop Flash Drive
Review: Pockey USB 2.0 External Disk Drive
Review: Red Shift 5
Review: Sandra Reporting
Review: Second Copy 2000
Review: Skype
Review: Studioline Photo 2
Review: Ulead Video Studio 8
Review: Unknown Device Identifier
Review: Wacom Graphire 3 Studio
Review: WebDrive 6.0
Script: In-line Content Changer
Top Tip: Setting your HOME page in Internet Explorer
Top Tip: Troubleshooting Disk Defragmenter
TOTW: Restart, not reboot

22/05/2004

 

Computing Guides

Advertisement

  PPC > Computing Guides > Windows  

Restoring deleted files 3/3 

Kai Chandler delves into restoring deleted files - Part Three

Practical PC Top Tip

·          Given time and resources, most files, no matter how securely deleted, can be recovered. If you don’t want it found, don’t put it on the computer!

In Part One of this series of three articles on restoring deleted files, we looked at the Recycle Bin and how to restore deleted files held there.

In Part Two we focussed on recovering deleted files even after they’ve been removed from the Recycle Bin.

This third and final part covers secure deletion of files.  As there are so many ways of restoring deleted files, how can we be sure a sensitive file has been properly erased?

It’s really a case of ‘horses for courses.’  Someone protecting government or commercially sensitive information may go to more extreme lengths than someone deleting routine office files.

Single Pass files

The simple answer is to use a software tool to overwrite a file with other data in a single pass. But is this enough?

Department of Defence Method

In the hands of a forensic technician, a hard disk can be made to reveal data even after it’s been overwritten once. The US Department Of Defence recommends that the data area is overwritten with 0s, then 1s and then once with pseudo-random data. But is this enough?

Gutman method

Peter Gutman of the Department of Computer Science, University of Auckland reported in his paper, "Secure Deletion of Data from Magnetic and Solid State Memory" that "…it is effectively impossible to sanitise storage locations by simply overwriting them, no matter how many overwrite passes are made or what data patterns are written." Overwritten data can be recovered using magnetic force microscopy, in which the magnetization patterns on the hard disk surface are made visible. However, it’s generally accepted that 35 passes of overwriting is as secure as it gets. Of course, the more overwrites, the longer it takes.

Beware hidden copies

Unfortunately for those wishing to hide their tracks, copies of the deleted files may be hidden elsewhere on the hard disk such as the slack space between used disk sectors, or in Windows’ swap files.

East-tec pic If you intend using so-called secure file deletion tools then be warned that they are not always as effective as they’d like to be.   One that seems to do the job is East-Tec Eraser 2002. It clears swapfiles and for ease of use adds an ‘Erase beyond recovery’ option to the right-click menu from Windows Explorer.  East-Tec Eraser 2002 is shareware so you can try before you buy. Download from http://www.east-tec.com/  If you like it, East-Tec Eraser will cost $39.95 to register.

There’s a wealth of information on the subject of secure file deletion at the SANS Institute Information Security Reading Room  http://rr.sans.org/incident/index.php 

^top

Need more help? Click here to share your problem with the world!


Search this site 

Kai Chandler

 

 
counter