Note: The following instructions are for securely erasing private data on a hard drive without erasing the whole drive.
If you have sensitive data on your hard drive and are serious about keeping it private, I strongly recommend reading the following four sections and completing all the steps that apply.
Your sensitive data isn't as private as you might think. Read the following articles to learn more.
WARNING: Deleting files does NOT permanently remove them. Nor does formatting your hard drive or reinstalling Windows. They're still recoverable with sophisticated forensic data recovery methods. Learn why.
WARNING: Windows and some software programs save a history of pretty much everything you do in them, including copies of files you have viewed. And most web surfing history / tracks removers merely delete private files.
Question: Does formatting the hard drive or reinstalling Windows remove the index.dat files or other private data?
Answer: If by ''remove'' you mean securely, no, it doesn't, because even if you format the hard drive first, those files can still be recovered by data recovery software or experts.
To make that as improbable as possible, erase your private data with 3 to 7 passes on a modern, high-density hard drive*, or 35 passes on an old hard drive.
*Erasing expert Peter Gutmann made it clear in an epilogue to his paper that 35 passes don't make data any less recoverable than several passes on modern, high-density drives.
Note: If antimalware or antispyware and antiadware don't remove a stubborn program that keeps causing problems, and you don't want to switch to Mac OS or GNU/Linux to avoid such problems, formatting your hard drive will remove the troublemaking program.
But for next time, since formatting also removes Windows and all your software, I recommend creating an image of your new, clean, configured Windows installation with one of these disk imagers to avoid going through the trouble of reinstalling and reconfiguring Windows and all your software.
To make files as unrecoverable as possible*, you need erasing software (also called a wiper or shredder) that overwrites the files several times with special alternating patterns of random data, using a complex algorithm.
*Unless you physically destroy your hard drive's disks, experts can recover some, if not all, of your erased files if they want to badly enough:
''Data overwritten once or twice may be recovered by subtracting what is expected to be read from a storage location from what is actually read.''
''Data which is overwritten an arbitrarily large number of times can still be recovered provided that the new data isn't written to the same location as the original data (for magnetic media), or that the recovery attempt is carried out fairly soon after the new data was written (for RAM).''
''For this reason it is effectively impossible to sanitise storage locations by simple overwriting them, no matter how many overwrite passes are made or what data patterns are written.''
''However by using the relatively simple methods presented in this paper the task of an attacker can be made significantly more difficult, if not prohibitively expensive.'' - Peter Gutmann
Caution: Erasing your data isn't the key to ultimate security.
''When overwriting data, you are simply trying to fix a security leak that already has happened. The best way to deal with this is to prevent the data from getting written to the disk in the first place - use strong encryption.''
''E4M and PGP can get you started, but cannot help you with Windows-related security holes. If you must use Windows, use NT/2000[/XP].'' - Heidi Computers Ltd.
Because of their journaling nature, the other file systems (ext3, ReiserFS, XFS, JFS, etc.), while providing better file integrity and stability, collect significant amounts of data about your activities. To learn more, read ''Data Security for GNU/Linux Power Users.''
Secure Erasing Guide
Get notified when this page changes.
Please read my disclaimer before visiting the following top sites.
Brent's Place at brentsplace.info
©2000-2006 All rights reserved.