Silk Road forums
Discussion => Security => Topic started by: hitit on August 10, 2013, 06:59 am
-
Hey Guys
In the wake of the recent issues surrounding FH and TorMail, I gave my security a rethink and realised that I don't know how to 100% securely delete files from my hard drive without leaving any trace!
I presume that simply deleting the file/folder and emptying the recycle bin does NOT completely erase any traces?
Does anybody know how to do this correctly on Windows??
Thanks for the help peeps :)
-
Look for Hiren's BootCD 15.2 or something earlier if you want. It has something called DBAN on it which will allow you to "boot and nuke" whatever you have using your choice of DoD deletion standard. 5 passes should be good enough.
Another quicker option would be to encrypt everything with something like DiskCryptor using a 100 character passphrase, probably with Twofish encryption. Then delete the encrypted partitions. The data will be completely unrecoverable.
-
If you're not doing a full disk erase, check out Eraserdrop Portable or some similar program
http://portableapps.com/apps/security/eraserdrop-portable
-
A nice tool for windows is CrapCleaner or CCleaner as it's now known - use the Drive Wiper under tools.
Also Recuva is a decent inspection tool to see what is still recoverable on a drive even after it's 'deleted'.
-
Just delete the files you want to delete and empty the trash bin. Then copy movies onto your system drive until it's full. Delete the movies again. Repeat 5 times.
-
CCleaner is a nice tool to have for many reasons including this.
-
A full disk wipe is the only way to be sure you've securely deleted all copies of a file (which may have been moved around during defragmenting or written to a journal, depending on the file system and OS).
-
Just to clarify, a full disk wipe is what I was talking about. Both DBAN and DiskCryptor are whole disk/partition tools.
-
After I started using Tails, I was concerned about what might still be on my hard drive. Windows makes temporary copies of files, system restore, ect. Who knows where all these wind up on the drive.
So I backed up what I did want to save, and then used D-ban to wipe the whole drive, then re-install windows, ect.
Was a hassle, but feel pretty confident now that there is nothing incriminating left on the drive.
I also was having performance problems on the computer anyway from years of crap, works much better now.
-
I recently had my computer screen replaced and had a conversation about data destruction with the store owner. He made some calls to his lab about how many times too overwrite as to make information retrieval imposable and the response was this"no matter how many times an over write the information is still retrievable with the right tools" I think this would only apply to serious organizations NSA,DEA,Homeland etc etc. Hard drives are damn cheap and easy to install. do what i did and buy a new one and completely destroy into micro fragments the old,then burn. He mentioned that they do recovery for the police department and have had HD's come in pieces, sent em to the lab and still got a plethora of information.
Im not extremely tech savy so this is me just passing on what i was told. Safe then sorry :)
running tails now and its great
-
Make sure you delete the page file at every windows shutdown. I can't stress this enough, also being in a position to rip out your ddr ram chips is another good tip. they might come with coolents to freeze the ram chips.
-
I recently had my computer screen replaced and had a conversation about data destruction with the store owner. He made some calls to his lab about how many times too overwrite as to make information retrieval imposable and the response was this"no matter how many times an over write the information is still retrievable with the right tools"
I call bullshit. I have personally tested a single random write and was unable to retrieve any of the previous files. We can put it to a test. I can create a disk image, create a file with a specific message, make 10,000 copies of that file, then overwrite it one time with random data. If that jockey computer store owner can tell me what the file says, he wins.
-
I recently had my computer screen replaced and had a conversation about data destruction with the store owner. He made some calls to his lab about how many times too overwrite as to make information retrieval imposable and the response was this"no matter how many times an over write the information is still retrievable with the right tools"
I call bullshit. I have personally tested a single random write and was unable to retrieve any of the previous files. We can put it to a test. I can create a disk image, create a file with a specific message, make 10,000 copies of that file, then overwrite it one time with random data. If that jockey computer store owner can tell me what the file says, he wins.
You might not be able to recover it, but the CIA could. With the right tools, as said.
-
I recently had my computer screen replaced and had a conversation about data destruction with the store owner. He made some calls to his lab about how many times too overwrite as to make information retrieval imposable and the response was this"no matter how many times an over write the information is still retrievable with the right tools"
I call bullshit. I have personally tested a single random write and was unable to retrieve any of the previous files. We can put it to a test. I can create a disk image, create a file with a specific message, make 10,000 copies of that file, then overwrite it one time with random data. If that jockey computer store owner can tell me what the file says, he wins.
I take it you have the best and most advanced equipment? Thats one badass man cave then ;)
-
There is no way to delete data.
Like the tape in your vcr, you have to put other data over it.
Delete will only remove the pointer, undelete will bring all data back.
The same goes for format.
A unformat will show you what was on the harddrive.
To remove data will take just as long as the time you needed to put the data on the hdd.
The savest quick way to remove a lot of data is the Guttman methode.
But even if 70 or 80% of a picture is missing, you can often see what was on that picture even when 80% is gone.
""Killdisk"" will write your whole disk full with zeros. The best tool , but removes everything even the data you wish to keep, so you have to make a copie of those, if you want to keep that data.
""Is there a methode to wipe a movie from a vcrtape. The monie is 3 hours long and I want to wipe it it 5 minutes....
Can not be done, without leaving traces of the original data. The only way is to record an other monie of 3 hours long over it, to be sure the first movie is gone.
-
The only secure way to delete files on Windows is to wipe the entire drive, I suggest using Secure Erase followed by a single pass with random data from DBAN.
-
You might not be able to recover it, but the CIA could. With the right tools, as said.
I wasn't talking about the CIA. I was talking about that computer store owner. He claims to be able to recover data under any circumstances, but no professional data recovery business claims to be able to do that.
-
If you trust Twofish, Serpent or AES-256 for whole disk encryption then encrypt every partition you have using a long passphrase (at least 80 characters) and delete your partitions when you're done. That's what I would do if I were disposing of a drive or swapping my data over to a new one.
I've gone to hd recovery places in the past and you'd be VERY surprised at what they're capable of. I remember one case they had documented where they were able to recover over 90% of the data on all drives buried under 100 tons of muck after a mudslide hit a company's office. Reconstructing a chopped up drive would be difficult, but not impossible. Certainly easier than breaking that whole disk encryption. Just my take of course.
-
Recovering data from physically damaged drives is easy in most cases.
-
CCleaner
FileShredder
You don't need to DBAN your system. Just clean up everything you want gone by deleting as normal, then run CCleaner with disk wiping enabled and free-space wiping enabled (you'll only need to wipe all free space the first time, and it takes a looong time with most HDDs).
Both are free. Set CCleaner to overwrite the files it deletes (and all free space on any selected drive, at least once) and select number of passes. For deleting select single or multiple files, use FileShredder, which has a handy right click interface when a file is selected.
Checking with Recuva is also a good idea.
-
CCleaner
FileShredder
You don't need to DBAN your system. Just clean up everything you want gone by deleting as normal, then run CCleaner with disk wiping enabled and free-space wiping enabled (you'll only need to wipe all free space the first time, and it takes a looong time with most HDDs).
Both are free. Set CCleaner to overwrite the files it deletes (and all free space on any selected drive, at least once) and select number of passes. For deleting select single or multiple files, use FileShredder, which has a handy right click interface when a file is selected.
Checking with Recuva is also a good idea.
That is not forensically secure.
-
Setup full disk encryption before you save sensitive data to the drive. That makes it much easier to destroy the data, since you only have to destroy the encryption key by overwriting the first gigabyte of the hard drive.
-
Thanks everyone for all the input and advice!
It seems as though there are a variety of methods depending on how thorough one would want to be.
I trust astor and the advice he gives - go to the security forum and you will almost always see an informative/helpful post or thread by him on the main page! But, regardless, the more input the better - so thank you to all!
-
Thank you for so many useful info.
Till now i used "Darik's Boot and Nuke" , anyone knows if he does a good job or not ? ( but from i read over the forums it does a hell of a job and it's rec by most of people ).
-
First choice should always be Secure Erase, DBAN is second choice. Best practice is to use Secure Erase and then 1 pass of random data from DBAN, for defense in depth (in case Secure Erase fucks up and you don't notice).
-
First choice should always be Secure Erase, DBAN is second choice. Best practice is to use Secure Erase and then 1 pass of random data from DBAN, for defense in depth (in case Secure Erase fucks up and you don't notice).
what he says, the wise, sometimes twisted, assuming man.
and I want to suggest "wipefile" or "wipedisk"
take care
12345
-
I recently had my computer screen replaced and had a conversation about data destruction with the store owner. He made some calls to his lab about how many times too overwrite as to make information retrieval imposable and the response was this"no matter how many times an over write the information is still retrievable with the right tools"
I call bullshit. I have personally tested a single random write and was unable to retrieve any of the previous files. We can put it to a test. I can create a disk image, create a file with a specific message, make 10,000 copies of that file, then overwrite it one time with random data. If that jockey computer store owner can tell me what the file says, he wins.
You might not be able to recover it, but the CIA could. With the right tools, as said.
They couldn't recovered Manning's files so I call bullshit too.