Ever wonder what happens when you hit delete? What really happens behind the scenes when the Recycle Bin is emptied? Do the files really vanish, or are they still there, haunting your hard drive? Normally, these questions would be reserved for cyberphilosophers, but when the data is sensitive (like the password for your bank account) they become incredibly important.
Two grad students at MIT’s Laboratory for Computer Science bought 158 used hard drives online, on eBay and elsewhere. Only 12 of the drives had their data properly cleaned. Even though approximately 60% of the hard drives had been reformatted and about 45% had no files on them (the drives couldn’t even be mounted on a computer), the students were still able to recover data from them, using a variety of special tools. They found over 5,000 credit card numbers, personal and corporate financial records, medical records and personal e-mails.
Tektonic can ensure your data is purged before recycling, tossing, or donating workstations. Simply deleting data doesn’t work, and formatting won’t ensure full safety either. While there are utilities like DBAN that can mostly ensure safety, the only true way to keep your private data safe is to destroy the hard drive.
Before we get into the how behind secure deletion, we should analyze the why. When Windows deletes a file, it does not remove the data from the hard drive. It simply does not allow the user to access the file and opens up the space on the hard drive for writing over. Thus, there are programs that undelete data simply by scanning the hard drive itself for files that exist but aren’t in the filesystem. These “ghost files” can be brought back easily, if they haven’t been written over yet.
Formatting does not permanently delete files. Rather, it checks to make sure that every location on the disk can be written to and read from. If it finds any corrupted sections, then it marks them as such to avoid issues in the future. In addition to this, it marks the files as “deleted” as described above. A formatted drive is as secure as an unlocked safe with a post-it reading “please don’t take anything” stuck to the door.
Since Windows allows these files to be overwritten it should be a simple task to overwrite the data once. Unfortunately, data won’t work that way. The scenario is like writing on a pad of paper where the indents caused by the writing can be viewed several pages downward. In order to make sure the data is well and truly gone, it’ll need to be overwritten several times. The United States armed forces standard is 3-4 rewrites, using different kinds of junk data.
While overwriting data can be useful to prevent personal information from being shared, it does not always work. The only way one can be entirely sure that important data won’t fall into the hands of people with malicious intent is to destroy the hard drive. Contrary to popular belief, simply running a magnet over the hard drive won’t destroy all the data. The physical medium needs to be somehow broken.
Breaking the drive is conceptually simple; a drill press will do. You’ll need the proper bit for drilling through metal. Make sure that there’s at least 5-6 holes through the plates (where the data is). There’ll be a lot of sharp parts and dust around afterward, so make sure to clean up.
Of course, you could just give the hard drive to Tektonic, and we’ll make sure that it is well and truly destroyed.