Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

How Does Secure Delete Work?

We’ve long been told that when a file is deleted, its contents are not actually removed. Instead, the space the file formerly occupied is marked as “available” for another file to be written to later. Until that overwrite happens, the original, deleted information is still there.

This is the basis for many undelete and other data-recovery utilities. It’s also why most of those utilities recommend you stop using your disk if you accidentally delete something.

But what if you really want it gone? That’s where a technique called “secure delete” comes into play.

Become a Patron of Ask Leo! and go ad-free!

Basic secure delete

At its simplest, a secure delete overwrites the area on the disk where the file’s data resides, or used to reside, with random data. Once securely deleted, the previous data is no longer available.

Secure delete utilities generally either delete an existing file or overwrite all unused space.

Instead of deleting a file using whatever normal commands you might use, you use the secure delete program. It carefully ensures that the file’s contents are overwritten as part of the deletion. This is typically a quick operation, since it overwrites information only for the specific file or files you tell it to delete.

If the files you’re concerned about have already been deleted, an alternative is the “free space wipe”. This process writes data to all areas of your disk that aren’t currently in use — the “free” space. The net effect is the same: the contents of all previously-deleted files are overwritten. This can take more time, depending on how much free space your disk currently has.

A basic secure delete renders your data unrecoverable to most common forensic and data recovery tools.

Unfortunately, I did say “most”, and that’s where what I’ll call “extended” secure delete comes into play.

Delete KeyExtended secure delete

The best way to grasp this concept is to grab a pencil with an eraser.

  • Write something on a piece of paper. That’ll be the equivalent of creating a file on your hard disk.
  • Draw a line through what you’ve just written. That’s kind of equivalent to a “normal” delete. You can still see the data, but the line through it says, “This has been deleted; ignore it”.
  • Using the pencil’s eraser, erase what you’ve written, including the line. That’s roughly equivalent to a basic secure delete: you actually physically remove what you’d written.

At this point, there’s a good chance you can still kind of/sort of see what you had written before.

The same is true for magnetic media like hard disks. With the right equipment — which typically means taking the hard disk apart in a clean room and using some extremely high-powered analysis tools — it’s possible that even overwritten data can be partially recovered, just like you could sort of make out what you had written in pencil and then erased.

Recycle Bin isn’t delete

If you “delete” a file and you can find it in your Recycle Bin, it hasn’t really been deleted at all. It’s simple been moved to a different folder.

The types of deletion discussed here involve what is usually referred to as a “permanent” delete.

Let’s continue with the pencil and eraser example.

  • Write a line of capital “A’s” on top of the area you just erased.
  • Erase the line of “A’s”.
  • Write a line of capital “X’s” on top of the area you just erased.
  • Erase the line of “X’s”.
  • Write a line of capital “O’s” on top of the area you just erased.
  • Erase the line of “O’s”.
  • Keep doing this over and over, with a different letter each time, until you get tired.

At this point, if you haven’t erased the paper into oblivion, it’ll be impossible to decipher the original line of text you wrote.

That’s an “extended” delete. A good secure delete utility will write and overwrite the data several times, using multiple passes before calling it erased.

Which do you need?

There’s a good chance you don’t need secure delete at all. Most people don’t. No one’s coming to examine your previously deleted files, except maybe you, if you mistakenly delete something and want to recover it.

If there is some concern — be it privacy, security, or something else — an every-so-often free space wipe is probably more than enough for most people.

If you regularly deal with exceptionally sensitive, highly valuable data that is subject to theft or even espionage … well, then, an extended multiple-pass secure delete may be what you need. My understanding is that some businesses and governments require this.

A note about SSDs

Note that “extended” secure delete applies to traditional magnetic hard drives only. SSDs don’t suffer from the same issue, and overwriting an SSD multiple times on any regular basis runs the risk of severely shortening its lifespan.

Tools to use

While I’m sure that there are many others, here are three tools I’ve used in the past that I can recommend:

SDelete is a free command-line tool available from Microsoft that allows you to do everything discussed above: securely delete a file, securely wipe free space, and do either with multiple passes.

CCleaner is a free Windows cleaning utility that includes a “Drive Wiper”, a tool capable of both free space and non-system drive wiping, including multiple passes.

DBan, short for Darik’s Boot and Nuke, is a free utility designed specifically to erase hard drives, including your system drive, with the option of using multiple passes.

Podcast audio

Play

14 comments on “How Does Secure Delete Work?”

  1. I use CCleaner and PrivaZer . PrivaZer will clean your computer and leave it like brand new. Runs very smooth after using this software and, best of all it’s free. I use it once every 2 months and sometimes once a month. Try it….you’ll love it.

    Reply
  2. I think the above needs some clarifications for changes to both hard disk drives and solid state drives over the last 10 years. (My job at a local computer repair shop is to wipe and re-certify for sale HDs – making sure that any old information is not retrievable and the drive is suitable for sale.)

    Bob may be confusing ‘Secure Erase’ and ‘Extended Secure Erase’, (the ATA commands) with secure delete, the commonly used term for a higher level of deleting files by a user. The former terms are defined by the ATA specification and is implemented differently by different manufacturers. I know of no Windows programs that implement Secure Erase; the Parted Magic Linux boot disk has a good implementation. These commands do not write data to a drive, unstead they effectively tell the drive to wipe itself. They are only drive-level commands, not used for files, folders or partitions. While a drive is running secure erase it ignores any input until the wipe is complete.

    Per Scott Moulton of ‘My Hard Drive Died’ (a data recovery company) a *single* pass of even just zeros is sufficient to wipe all information from HDs made since 2006. (See, or rather listen, http://podnutz.com/mhdd027/ starting a 36:15. Yes, I was the one asking the question.) There was, at one time, “extremely high-powered analysis tools” that could read-around and read-through written data on a MFM and RLL tracks, but technology has changed so much that this is no longer possible.

    User programs wipe the places the user can access, but that’s not all the places data exist on a HD. For those other places, one needs to use the ‘secure erase’ as noted above. This is especially true with Solid State Drives (SSDs), in which what and where data is actually written may bear no relationship to what the operating system thinks. The OS does not need to know, only the SSD knows. To wipe a SSD use the tool provided by the manufacturer to do so.

    Bob’s companion piece, “Are There Hidden Files that Save Every Keystroke I’ve Ever Typed?” also comes into play here. Even though a user may think they have securely deleted a file, the OS may have squirreled a copy away somewhere else like the swap or hibernation file, a temp file made during editing, or even older versions of the same file. These are exactly the areas forensic investigators look for evidence. There is no need, or ability, to look ‘under’ long strings of zeros; there are lots of other places that contain easily read (if not easily interpreted) data.

    And it must be said that if the drive fails or reports errors all bets are off. There is no way to know if data exists on it or not. Broken drives may be repaired and data recovered, but for the person trying to wipe a drive with problems the best thing to use the ‘ol drill and hammer technique and destroy the drive.

    Reply
    • Amen. To totally erase a full-disk encrypted disk just throw away the key. Done. No writing or over-writing needed; no worry about deleted or ‘squirreled away copies,’ it is literally instant.

      Reply
  3. I usually place precious files, e.g. a bank statement or tax-prep program’s PDF output in the Desktop folder, because it’s easy to do. Then I move the files to an external USB drive, and overwrite the Desktop file using AxCrypt’s “Shred and Delete” button in the file icon’s context-menu popup.
    I started using this three-step procedure when I had to take my machine to a computer shop to get it working after Windows 10 bricked it. The C drive had the remnants of files I had merely “deleted”, as Leo describes. The shop’s personnel probably had better ways to spend their time than browsing my deleted files, but one never knows. And I found that TaxCut’s working files were on the C partition, as was the TaxCut executable. I think the files were encrypted, but that was useless, since the executable ran without demanding a password. (I now install programs on my external USB drive.)

    Reply
    • I hope you’re creating a backup copy of the files somewhere like a second or third USB drive as data is always subject to loss.

      Reply
  4. So what exactly is the difference between these secure erase tools and holding down Shift while deleting a file in Windows/File Explorer (the so-called “permanently delete”)?

    Reply
    • In windows explorer delete simply moves the file to the recycle bin. That’s not a delete as I mention in the article. SHIFT makes it a “real” delete.

      Reply
  5. So i am giving my pc to my gf with my hard drive. I formated my hard drive but could she still see my browsing history from formated hard disk?

    Reply
  6. Could you please tell me what program I need to make sure deleted text and deleted photos are permanently deleted on galaxy s7…i have secure eraser installed and use it often…how often do I need to run it to secure deleted text and photos?

    Reply
    • You mention Secure Eraser. That’s a viable option. As for how often to run it, that depends on what kind of files you’ve deleted from your phone. I’ve you’ve recently deleted some sensitive files, you might want to run it at that point. Or you can use it to directly delete files you don’t want to be recoverable.

      Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.