Why you need to erase data from your computer?
Data Recovery Risk
We’ve all heard the horror stories about someone buying a used hard drive at a flea market or garage sale and then finding tons of personal data left on the drive by the previous owner. Or even worse, people getting their credit trashed by ID thieves that make their living by taking that information and using it to wipe you out financially. “That would never happen to me,” you say. “I’ll delete all the files first” or “I’ll re-format the drive before I trade it in or sell it.” Not so fast there Scooter! That data you think you erased is still stored on the drive.
Why Data Can be Recovered?
When you delete a file it isn’t really removed from the disk. The operating system (OS) only removes the reference to the file from the file allocation table. This is like going into a book or magazine and removing a chapter reference from the table of contents. The actual chapter is still in the book. The only thing removed was the page number reference in the table of contents. With the file location reference removed the OS now sees that disk space as being available for use. However, the file content remains on the disk until another file is written over it. Basically the same thing happens when you re-format a hard drive. Most of the data remains; the space on the drive is just made available to be written over.
Data Recover Risk Even Files were Over-wrote
The DOS and Windows file systems use groups of disk sectors, known as clusters, to store data. These clusters are of a fixed size which is normally determined by the size and number of partitions of the disk volume itself and the file system being used. If the data you’re storing requires less space than a full cluster, the entire cluster is still reserved. For example, you’ve saved a file that required 15.5 clusters of drive space. Because the OS can’t reserve a half cluster, the allocation table had to reserve 16 whole clusters for the file. That remaining half cluster that was not used may still contain data from a previous file. That unused half cluster is known as “slack space”. Data recovery programs can read slack space and retrieve the data stored there. Even worse, let’s say the file system places your 15.5 cluster file over the “unused” area of a deleted file that originally took up 35 clusters. More than half of the previous file would still be retrievable! You could have thousands of clusters on your hard drive (a.k.a free space) that contain data you thought was deleted! Scary thought, huh?
The only true and permanent way to make data irretrievable is to completely and utterly destroy the hard drive (especially if a government sends your hard drive to a multi-million dollar forensic laboratory for a full microscopic analysis!). Except for cheap flash drives, destruction is probably a little more severe than you or I need. We really only need to make sure we are protected from data recovery programs and the like. That’s where the programs in this category come into play.
To be as safe as possible, you must overwrite (erase) both slack space and free space. Also, the Windows swap file (a.k.a page file) could contain private data that you wouldn’t want to have fall into the wrong hands.
Thus for wiping of free space, a single pass of random data should be sufficient on large hard drives (and it’s all that is really practical time wise anyways, but if you’re very concerned about wiping your data, you could use 2-3 passes of random data if you’re particularly paranoid).
For individual files and folders, note that the files can’t “hide” as easily with an entire drive of erased free space. Some erasers try to counter this problem by using high erase patterns for individual files/folders, such as a Gutmann 35 pass, but I’ve found it quite easy to recover at least some individual files even after using several different high pass erasing programs in succession. To test any erase task, use a data recovery utility and see if it recovers the file. Some files get nicely erased down to 0 bytes or to nonsense information, but some are more difficult and require free space wiping.
Eraser now suggests that erasing the Page File needs to be done by Windows with a configuration setting. See the MICROSOFT KNOWLEDGE BASE (http://support.microsoft.com/kb/314834/) for instructions, and it suggests encryption afterward:
Encrypt the Page File
1. Start a Command Prompt, elevating it in Vista or later
2. Key in “fsutil behavior set EncryptPagingFile 1”
3. Restart your computer
Top Free Data Erase Software
Eraser will securely erase selected files and folders, or even whole disks, located on your hard drive (it works with any drive, including IDE, SCSI and RAID, and CD-RWs). Eraser can overwrite the data area with your choice of a variety of random data patterns (14 default patterns and a custom pattern creator), and can also wipe data in the Internet cache, temporary files, Internet cookies, unused disk space, and a number of other places where data can secretly lurk.
It can handle FAT16, FAT32, and NTFS partitions. Erasing files with a high level of security will always be a difficult and time consuming task, and absolute 100% safety cannot be guaranteed. However, Eraser makes the task about as easy as it can be, at a security level that exceeds most conceivable requirements.
Both Eraser and File Shredder have explorer and context menu extensions, so you can right click on a file and send it to the erasing/shredding programs.
File Shredder – Despite its name, it has both free space wiping and file shredding capabilities. File Shredder has a small download size, simple interface, and it’s very easy to use. It’s a lot lighter than Eraser on active memory resources, but higher in CPU usage on my system. It lacks scheduling or a built-in help, and has very limited online help.
It uses a DoD (5220-22.M 3 pass) erase pattern by default, but it has four other patterns to choose from (versus the 14 patterns of Eraser). The default may be way too slow for free space wiping, so you may want to change it to one or two passes. The free space wipe works a little differently than Eraser, leaving behind more temp files of nonsense information (whereas Eraser doesn’t usually allow recovery programs to read any bytes as recoverable). But I wasn’t able to view anything of use from File Shredder’s full wipe leftovers.