Secure & Permanent Data
Wiping of Hard Drives
When we are going to erase the data
from our hard drive (for example, we send it to the Windows trash, and then
empty it), the file will have disappeared from its original
folder. However, the file has not actually been deleted, it is still on
the hard drive; its space has simply been marked as "free" and
is waiting for another file to overwrite its data and take its place. The
same happens when we format the hard drive. Its surface is marked as
"free", but in reality the data is still there.
While this file is still here, it
is possible to recover it using data recovery programs, very simple software to use that,
probably, on more than one occasion, has saved us from some
displeasure. Even if the data has been overwritten by other files, using
forensic techniques it is possible to reverse these changes and revert to the
original data.
Beware of SSDs
Everything that we are going to see
next is designed to eliminate data on conventional hard drives, HDD. If we
have an SSD, of course these commands and programs will also work and fulfill
their function. However, these work very aggressively, doing a lot of
writing to the drives. And this can damage our SSDs or reduce their
lifespan considerably.
Most modern SSDs have a system
called TRIM. Thanks to it, the data that is deleted is usually erased
permanently, and it is not necessary to resort to overwriting techniques to
ensure its disappearance.
Safely erase a hard drive from Linux
Most Linux distributions come by
default with a series of tools that will allow us to safely delete any type of
information that we may have on hard drives. What these tools mostly do is
erase the data and overwrite the information with other random
information. And so on several times.
We can use any Linux distro to use
the following tools, although the best thing is that we use a distro that loads
directly into RAM. An Ubuntu Live, and even a recovery distro like
SystemRescueCd will allow us to perform this task without problems.
DD
The DD command is one of the most
comprehensive Linux data copy commands. We can use this command to replace
all the data on a hard drive with random information so that the data is
overwritten and cannot be recovered. To do this, what we must do is
execute the following command, selecting the drive (hard disk or partition)
that we want to clean instead of / dev / sda.
We can execute this same command 4
times so that the data has been overwritten 4 times with totally random
information, and thus it will have disappeared completely.
This is a tool, included in Linux
distros, specially designed to safely delete data by overwriting its space with
random information. To do this, what we must do is run the program,
followed by the number of times we want to overwrite the data, and the drive we
want to clean, to safely destroy all the data on that drive.
The -vz parameters allow us to see
the overwriting process in the console, and, when finished, make a last pass to
overwrite all the data with "0", leaving the drive completely
clean. We can also add the "–random-source = / dev / random" parameter
to use the random function of Linux distros instead of their own algorithms.
Another tool similar to the
previous one that, as its name suggests, allows us to clean our hard drive, destroy
its information and prevent the data from being recovered again.
SCRUB
And finally, let's talk about
scrub. This tool has also been developed to allow us to overwrite all the
information on any hard drive or storage device. This tool repeats patterns
so that reverse engineering techniques have it much more complicated when
trying to recover the information. This program uses several different
algorithms so that the data is practically impossible to recover.
Using programs to irretrievably
erase data
We may not want to use the Linux
console for whatever reason (usually scary). For this reason, we are also
going to talk about other programs that help us to safely delete specific files
from the hard drive, in addition to deleting any hard drive safely.
DBAN
DBAN is a free program designed to
completely erase any hard drive and also overwrite all the information on it
with random data. This program runs in Live mode, as an independent
operating system from RAM, and allows us to choose the drive we want to clean
and a series of parameters (such as algorithms or number of passes) so that the
cleaning is as accurate and complete as possible .
HDD Low Level Format
Another program to erase data
safely is HDD Low Level Format. What this program does is
completely empty any disk or unit that we select and, later, it allows us to
initialize it, marking all sectors of the hard disk to "0".
Eraser
Eraser is a program for Windows
whose purpose, as the name indicates, is to allow us to erase the files we
want. Instead of erasing hard drives or entire partitions, this software
integrates into the Windows context menu so that we can erase any individual
file, safely and irretrievably, simply by right-clicking on it.
Permadelete
Yet another alternative, for those
who prefer open source software, is Permadelete. This program
has a very easy-to-use interface to be able to delete any Windows file or
folder so that not even the slightest trace of the file remains at the end, and
it is also impossible to recover the smallest information about it.
Fire and destruction
Surely there are times when we have
stored information on our hard drive that is too important for it to fall into
the wrong hands. The above methods can help us delete this data and make
it impossible to recover. But there is always the doubt and the minimum
possibility that, in the end, this information can be recovered.
If all of the above does not give
us enough confidence and we do not want to risk
it. The best we can do is completely destroy the hard drive. And here
we can give free rein to our imagination.
The most common, in the case
of normal hard drives and SSDs, is to start destroying them with
a drill. We must make several holes throughout the surface of
the unit, especially in the plate of traditional hard drives, so that it is as
destroyed as possible. Next with a hammer, we must make
sure that the plates (in the case of a conventional hard drive) or the memory
chips in the case of an SSD are as ground and destroyed as possible to avoid
any recovery attempt.
The fire can also
help us to destroy any remaining debris, further reducing the likelihood that
recovers nothing. And finally, we must throw the remains in different
containers, avoiding even more that they get the parts that give them this recovery.
This is the most paranoid method of erasing data. But it never hurts
to take note.
No comments:
Post a Comment