skip



How to Securely Erase Private Data

Contents

How to Set Up and Use Eraser

CAUTION: Reading the following instructions carelessly could cause you to disable your system and / or lose data you want to keep. So be sure to read them carefully.

Set Up Eraser

Previous: Index.dat Files

Sandboxie Cache

skip

WARNING: Running your browser, e-mail program, word processor or other program in Sandboxie with its cache, or sandbox, in unencrypted form leaves your browsing history, e-mail, private documents or other private files vulnerable.

I recommend either encrypting your Windows partition or your whole hard drive, or moving the sandbox to an encrypted removable medium.

To move the sandbox:

  1. Create a folder on an encrypted removable medium, called Sandbox.
  2. Select Start > Programs > Sandboxie > Sandboxie Control > Configuration > Global Settings > Set Sandbox Top-Level Folder and enter your new drive, followed by Sandbox\%SID%.
    • Example: E:\Sandbox\%SID%

WARNING: A program running in the sandbox locks the sandbox, keeping Eraser from erasing it.

Before erasing the sandbox in Windows, make sure all programs running in the sandbox have been terminated / stopped / closed.

Note: Closing all processes (programs) running in Sandboxie may or may not unlock the files. If it doesn't, when erasing the sandbox Eraser will, if you've checked the locked files setting in the preferences, pop up a message saying ''File locked by another process. Do you want to Erase after restart?'' Click on Yes.

Note: Deleting or erasing the top-most Sandbox folder won't harm anything. It'll just be re-created the next time Sandboxie is started.

WARNING: If you're comfortable with editing the registry, you can configuring Sandboxie to use eraserl or some other secure erasing program to erase the sandbox when Sandboxie is closed, but you have to close it every time before logging off or shutting down. Forgetting to do that every time leaves your private data vulnerable.

If in spite of the risk you choose that option anyway, follow the Secure Delete instructions below with one difference: replace the default delete command with the following one:

eraserl.exe -folder "%SID%" -subfolders -method DoD

(DoD is 7 passes, DoD_E is 3, Gutmann, for older, less dense drives only, is 35)

To avoid leaving your data vulnerable and dealing with locked files, I recommend creating a batch file instead to erase the sandbox on logoff or shutdown.

Caution: Eraser Launcher (eraserl.exe) does not ask for a confirmation before erasing your data.

Back Up Settings

skip

Once you've finished creating the tasks, export a backup file of these settings to a floppy disk by clicking File and selecting Export and the location to save it to, name the file, and click on OK.

Run chkdsk or scandisk

skip

Having done all that, now do the following five things every time you use your computer. Before shutting it down, first run chkdsk / scandisk to recover any lost clusters, right-click on them and erase them with Eraser.

Run Eraser

skip

Start and run Eraser. Here's how: if Eraser's window isn't selected, click on it's top bar, press the Ctrl and A keys at the same time, to select all the tasks in the list, and click on the Run button to erase the unnecessary files that have accumulated and the subfolders they're in.

Then repeat this step in a second user account (if you don't have one, create a temporary one) to erase all your index.dat files. (Make sure you delete the temporary account after you're done, for security.)

CAUTION: If you prefer, instead of pressing Ctrl and A, you may press and hold the Ctrl key and select the tasks for the index.dat files in other user accounts than the one you're currently logged in to. But I strongly recommend pressing Ctrl and A and selecting all the tasks, even though most of them have already been done. Otherwise you may miss some index.dat files.)

If you don't erase temporary and history files, your computer will slow down. My dad's computer was extremely slow after a year of accumulation, and it took 16 hours, instead of the usual 1 to 10 minutes when done every day, to delete these files!

'Course that's because it was set to 35 passes per file, I later found out, instead of 7 or 3. But it still would've taken quite a while. So try to do it every day, if you can.

Incidently, I've since learned that erasing expert Peter Gutmann, in an epilogue to his paper, said ''performing the full 35-pass overwrite [a method meant only for old, low-density hard drives] is pointless [for modern, high-density hard drives]...a few passes of random scrubbing is the best you can do.'' So the DOD's 7 passes setting should be sufficiently secure.

Erase Swap or Page File and Free or Empty Space

skip

WARNING: Alternate Data Streams skip

To erase your swap or page file or files (each partition has one), either create a Scheduler task for each one in Eraser (see Set Up Eraser for instructions), to erase the file(s) on reboot, or follow the steps below to erase it or them from the command prompt.

  1. Restart your computer and press the F8 key several times until a menu appears.
  2. Select Command Prompt.
  3. At the C prompt, navigate to the folder Eraser is in using the cd FOLDER NAME command, and enter the following commands to securely erase the swap or page file(s) and the free, unused space on your hard drive, which contains fragments of private files.

Note: Erasing free space takes several hours. If you prefer, you may erase your free or empty space in Windows with Eraser's interface, but it won't be as thorough as the command prompt from the boot menu, because some files are in use and it can't erase them.

eraserd -file c:\pagefile.sys -passes 7

eraserd -disk c: -passes 7

Now, if you've followed these instructions, your computer is virtually* free of bloat and ''deleted'' files, especially private ones, for FREE!

*As I said in my disclaimer, these instructions are in no way a guide for thorough erasing of all your private data stored on digital media. For that, please consult an expert.

Contents of Secure Erasing Guide


Back to Navigation Links


Get notified when this page changes.

ChangeDetection.com
(requires free registration, has RSS option)
     It's Private


WatchThatPage.com
(requires free registration, has several options)


If you like my web site, tell your friends and family about it. (A window will appear if Javascript is enabled in your browser, and if you temporarily disable your popup blocker, if you have one.)

Recommend my web site to a friend for free.
powered by bravenet.com


Place a Pin on My Guestmap


Please read my disclaimer before visiting the following top sites.

  • Christian Top 1000
  •   Fish the Net's Top Christian Web Sites
  •   Crossmap's Christian Website Rankings
  •   Top Christian Web Sites

Brent's Place at brentsplace.info

  • Family Friendly  
  • ChildSafe.com 
  • SafeSurf.com 
  • iWatchDog.org

©2000-2006 All rights reserved.

Naturalist Template provided by Designs by Darren. Released under a Creative Commons License.
Image of Half Dome provided by PD Photo and STUDIO7DESIGNS in Nautica 2.2 Template
Basic CSS Menu provided by CSS Play.