We’ve long been told that when a file is deleted, its contents are not actually removed. Instead, the space the file formerly occupied is marked as “available” for another file to be written to later. Until that overwrite happens, the original, deleted information is still there.
This is the basis for many undelete and other data-recovery utilities. It’s also why most of those utilities recommend you stop using your disk if you accidentally delete something.
But what if you really want it gone? That’s where a technique called “secure delete” comes into play.
Basic secure delete
At its simplest, a secure delete overwrites the area on the disk where the file’s data resides, or used to reside, with random data. Once securely deleted, the previous data is no longer available.
Secure delete utilities generally either delete an existing file or overwrite all unused space.
Instead of deleting a file using whatever normal commands you might use, you use the secure delete program. It carefully ensures that the file’s contents are overwritten as part of the deletion. This is typically a quick operation, since it overwrites information only for the specific file or files you tell it to delete.
If the files you’re concerned about have already been deleted, an alternative is the “free space wipe”. This process writes data to all areas of your disk that aren’t currently in use — the “free” space. The net effect is the same: the contents of all previously-deleted files are overwritten. This can take more time, depending on how much free space your disk currently has.
A basic secure delete renders your data unrecoverable to most common forensic and data recovery tools.
Unfortunately, I did say “most”, and that’s where what I’ll call “extended” secure delete comes into play.
Extended secure delete
The best way to grasp this concept is to grab a pencil with an eraser.
- Write something on a piece of paper. That’ll be the equivalent of creating a file on your hard disk.
- Draw a line through what you’ve just written. That’s kind of equivalent to a “normal” delete. You can still see the data, but the line through it says, “This has been deleted; ignore it”.
- Using the pencil’s eraser, erase what you’ve written, including the line. That’s roughly equivalent to a basic secure delete: you actually physically remove what you’d written.
At this point, there’s a good chance you can still kind of/sort of see what you had written before.
The same is true for magnetic media like hard disks. With the right equipment — which typically means taking the hard disk apart in a clean room and using some extremely high-powered analysis tools — it’s possible that even overwritten data can be partially recovered, just like you could sort of make out what you had written in pencil and then erased.
Let’s continue with the pencil and eraser example.
- Write a line of capital “A’s” on top of the area you just erased.
- Erase the line of “A’s”.
- Write a line of capital “X’s” on top of the area you just erased.
- Erase the line of “X’s”.
- Write a line of capital “O’s” on top of the area you just erased.
- Erase the line of “O’s”.
- Keep doing this over and over, with a different letter each time, until you get tired.
At this point, if you haven’t erased the paper into oblivion, it’ll be impossible to decipher the original line of text you wrote.
That’s an “extended” delete. A good secure delete utility will write and overwrite the data several times, using multiple passes before calling it erased.
Which do you need?
There’s a good chance you don’t need secure delete at all. Most people don’t. No one’s coming to examine your previously deleted files, except maybe you, if you mistakenly delete something and want to recover it.
If there is some concern — be it privacy, security, or something else — an every-so-often free space wipe is probably more than enough for most people.
If you regularly deal with exceptionally sensitive, highly valuable data that is subject to theft or even espionage … well, then, an extended multiple-pass secure delete may be what you need. My understanding is that some businesses and governments require this.
Tools to use
While I’m sure that there are many others, here are three tools I’ve used in the past that I can recommend:
SDelete is a free command-line tool available from Microsoft that allows you to do everything discussed above: securely delete a file, securely wipe free space, and do either with multiple passes.
CCleaner is a free Windows cleaning utility that includes a “Drive Wiper”, a tool capable of both free space and non-system drive wiping, including multiple passes.
DBan, short for Darik’s Boot and Nuke, is a free utility designed specifically to erase hard drives, including your system drive, with the option of using multiple passes.
Download (right-click, Save-As) (Duration: 6:47 — 3.2MB)
Peter
I use CCleaner and PrivaZer . PrivaZer will clean your computer and leave it like brand new. Runs very smooth after using this software and, best of all it’s free. I use it once every 2 months and sometimes once a month. Try it….you’ll love it.
BobB
I think the above needs some clarifications for changes to both hard disk drives and solid state drives over the last 10 years. (My job at a local computer repair shop is to wipe and re-certify for sale HDs – making sure that any old information is not retrievable and the drive is suitable for sale.)
Bob may be confusing ‘Secure Erase’ and ‘Extended Secure Erase’, (the ATA commands) with secure delete, the commonly used term for a higher level of deleting files by a user. The former terms are defined by the ATA specification and is implemented differently by different manufacturers. I know of no Windows programs that implement Secure Erase; the Parted Magic Linux boot disk has a good implementation. These commands do not write data to a drive, unstead they effectively tell the drive to wipe itself. They are only drive-level commands, not used for files, folders or partitions. While a drive is running secure erase it ignores any input until the wipe is complete.
Per Scott Moulton of ‘My Hard Drive Died’ (a data recovery company) a *single* pass of even just zeros is sufficient to wipe all information from HDs made since 2006. (See, or rather listen, http://podnutz.com/mhdd027/ starting a 36:15. Yes, I was the one asking the question.) There was, at one time, “extremely high-powered analysis tools” that could read-around and read-through written data on a MFM and RLL tracks, but technology has changed so much that this is no longer possible.
User programs wipe the places the user can access, but that’s not all the places data exist on a HD. For those other places, one needs to use the ‘secure erase’ as noted above. This is especially true with Solid State Drives (SSDs), in which what and where data is actually written may bear no relationship to what the operating system thinks. The OS does not need to know, only the SSD knows. To wipe a SSD use the tool provided by the manufacturer to do so.
Bob’s companion piece, “Are There Hidden Files that Save Every Keystroke I’ve Ever Typed?” also comes into play here. Even though a user may think they have securely deleted a file, the OS may have squirreled a copy away somewhere else like the swap or hibernation file, a temp file made during editing, or even older versions of the same file. These are exactly the areas forensic investigators look for evidence. There is no need, or ability, to look ‘under’ long strings of zeros; there are lots of other places that contain easily read (if not easily interpreted) data.
And it must be said that if the drive fails or reports errors all bets are off. There is no way to know if data exists on it or not. Broken drives may be repaired and data recovered, but for the person trying to wipe a drive with problems the best thing to use the ‘ol drill and hammer technique and destroy the drive.
Ray Smith
Even though a user may think they have securely deleted a file, the OS may have squirreled a copy away somewhere else.” – Yeah, indeed. Using tools such as SDelete or CCleaner to delete files is anything but secure and completely and utterly pointless (I’m surprised Leo made the recommendation). If your HDD/SSD contains super-senstive information, you should be using encryption.
BobB
Amen. To totally erase a full-disk encrypted disk just throw away the key. Done. No writing or over-writing needed; no worry about deleted or ‘squirreled away copies,’ it is literally instant.
BobD
I usually place precious files, e.g. a bank statement or tax-prep program’s PDF output in the Desktop folder, because it’s easy to do. Then I move the files to an external USB drive, and overwrite the Desktop file using AxCrypt’s “Shred and Delete” button in the file icon’s context-menu popup.
I started using this three-step procedure when I had to take my machine to a computer shop to get it working after Windows 10 bricked it. The C drive had the remnants of files I had merely “deleted”, as Leo describes. The shop’s personnel probably had better ways to spend their time than browsing my deleted files, but one never knows. And I found that TaxCut’s working files were on the C partition, as was the TaxCut executable. I think the files were encrypted, but that was useless, since the executable ran without demanding a password. (I now install programs on my external USB drive.)
Ray Smith
“Then I move the files to an external USB drive, and overwrite the Desktop file using AxCrypt’s “Shred and Delete” button in the file icon’s context-menu popup.” – The isn’t a good option as the files will more than likely exist in other locations (see the other Bob’s comments above). If your drive contains sensitive information, the best option is to encrypt it.
Mark Jacobs (Team Leo)
I hope you’re creating a backup copy of the files somewhere like a second or third USB drive as data is always subject to loss.
Warren Warshaw
So what exactly is the difference between these secure erase tools and holding down Shift while deleting a file in Windows/File Explorer (the so-called “permanently delete”)?
Leo
In windows explorer delete simply moves the file to the recycle bin. That’s not a delete as I mention in the article. SHIFT makes it a “real” delete.