HE State of Pennsylvania learned the hard way that files do not actually disappear when they are sent to the Recycle Bin on a desktop.
Earlier this year, after the state's Department of Labor and Industry sold a cache of surplus computers to local resellers, thousands of files of information about state employees were discovered still on the hard disks. A local television station, thinking the machines might still hold confidential data, had bought some and turned them over to a Harrisburg forensics company, which found the files in the nether regions of the hard drives. After the news broke, the company gave its findings to the state.
Corporations have also been caught disposing of computers that contain confidential information like tax records, financial documents and medical histories And even for home-computer users, incidents like this one raise a compelling question: How do you know when delete means delete?
The question is relevant for users who donate their old computers to charity, or just throw the dinosaurs in the trash.
To learn more about deleting data as a measure of personal security, I surveyed 10 products that enable consumers to eliminate files irretrievably. Though all the products were similarly easy to use, they varied greatly in scope, with some designed to wipe out individual files and others to "scrub" hard drives clean of everything, from tiny files to entire operating systems.
 |
|
Robert L. Prince
|
 |
| |
Some products for erasing data from a hard drive:
BCWipe By Jetico, $29.95.
Cybercide and Cyberscrub By
CyberScrub, $29.95 and $39.95, respectively.
Dataeraser By Ontrack, $29.95.
Declasfy By Mares & Company:, $75.
Eraser By Sami Tolvanen, free.
Evidence Eliminator By Robin Hood Software, $149.95.
Secureclean and Cleandrive By White Canyon Software, $46.95 and $39.95, respectively.
Washandgo By Abelsoft
, $19.
Wipeclean By Symantec, $69.95 (a $20 rebate is available), as part of Norton SystemWorks.
ZDelete By Lsoft, $19.95.
Newsletters
Subscribe to Circuits
Sign up to receive a free weekly Circuits newsletter by e-mail,
with technology news and tips and exclusive commentary by David Pogue,
the State of the Art columnist.
| | | |
| |
|
|
|
To understand these products, it is helpful to know exactly what they do. Peter Gutmann, a professor of computer science at the University of Auckland in New Zealand and the man generally regarded as the "grandfather" of the elimination methodology, says the process is closer to overwriting indelibly than wiping clean. As he explained it, when a user goes to eliminate information on a drive, the utility he or she uses actually overwrites each bit of data with a single value: zero. After that, the data still exists on the drive, but because it has been permanently overwritten, it is inaccessible and, therefore, considered gone.
For many personal users, this one-time overwrite is enough to preserve security; few if any recovery tools can find these files in their entirety once this process has been run. The Defense Department, however, is a bit more cautious and has established a national security standard called 5220.22. This specification requires three separate overwrites, first with zeroes, then with ones and finally with a random character between two and nine. There are no commercial or black-market file retrieval products that have been known to retrieve a file after this process. In other words, the only way to make a file more secure would be to take your hard drive out back and set it on fire.
With that in mind, it is safe to say that the only products worth learning about are the ones that meet those Defense Department specifications. Of them, there are two general categories, wipers and scrubbers. The first category, the wipers, include those that recycle leftover bits and pieces on a drive: data that exists in the spaces between files, like Windows temporary files, swap files, ancient drafts of documents and Internet cache. All of these products operate in a Windows shell, promote basic computer hygiene and involve overwriting only the leftover fragments, leaving everything else intact. They all also offer desktop icons onto which users can drag files they want deleted permanently a very consumer-friendly feature.
The second category, the scrubbers, consist of more heavy-duty applications, utilities that erase an entire hard drive, overwriting everything including the operating system. These applications work from bootable floppy disks and operate outside Windows or Macintosh operating systems, in DOS or UNIX environments. While the tools are designed for high-end corporate users, it is not uncommon to find consumers who use them before donating or reselling an old machine. In a sense, those scrubbing utilities enable the second owner of a computer to start from scratch.
Of the wiping products, the ones that eliminate individual strings of files, WipeInfo, by Symantec, is by far the most popular. It is found within Norton CleanSweep, a maintenance manager that is part of the Norton SystemWorks utility suite. Through a user-friendly, click-oriented interface, the tool enables users to schedule daily or weekly cleanups that permanently delete temporary directories, Internet cache and data files in a particular folder or section of the drive. If you are familiar with Norton Utilities, you will know how to use WipeInfo. I deleted more than 3,500 files from one section of my My Documents folder that I thought I had deleted years ago.
Other products, including ZDelete, by LSoft; CyberScrub, by CyberScrub LLC; BCWipe, by Jetico; and SecureClean, by White Canyon Software, offer features along the lines of WipeInfo's, although none offers the benefit of being part of a larger utility suite. Though Eraser, a program written by a Finnish developer, Sami Tolvanen, is not as graphically pleasing as some of these other tools, it is just as functional, and is available free when downloaded directly from www.tolvanen.com/eraser.
Perhaps the wiping product with the most interesting characteristics was WashAndGo2.0, a tool by Abelssoft. In addition to providing users with the option to delete temporary and unwanted files, the product includes a mechanism that flags potentially critical files and warns users when they are about to delete them, as well as an optional temporary deletion bin from which users can reclaim deleted files for 14 days until they are overwritten permanently. More experienced users might find these tools a bit superfluous, but for amateurs and first-time file-wipers, they provide a comforting cushion without compromising security too much.
I would be remiss not to mention the Evidence Eliminator, a wiping product from Robin Hood Software. Computer forensics experts say the product is specifically designed to thwart law enforcement officials investigating cases of evidence tampering and obstruction. After repeated e-mail inquiries, the company's director, Andy Churchill, declined to discuss how the product works or to explain the significance of its name.
The more heavy-duty data elimination tools, those that scrub everything off a hard drive, are generally more expensive and involve a far more complicated process. The most popular ones are probably DataEraser, by Ontrack Software, and Declasfy, by Mares & Company. Both of these products, on bootable disks (based on the old DOS computer language), work well and offer instructions that are more straightforward than those commonly found on such disks.
Of course, the cheapest data elimination tool can be found at your local hardware store for less than $5. It's called a hammer, and when applied with force to a hard drive that needs to be decommissioned, the results are foolproof.
