Data Removal Recommendations

Overview

For the general user, the delete or format command appears to be the logical method of removing unwanted data files. These methods, however, are like sweeping something under the carpet: you may not be able to see it, but it's still there. All that deletion has done is remove the pointer to the files, with the data itself residing in unallocated space on the hard drive. This means that data recovery is possible using various software tools.

When sensitive information is stored on the hard drive of a machine that is to be surplussed or transferred to another individual or department, it is therefore imperative that extra measures be taken to wipe clean the hard drive before the computer leaves your area of responsibility. This document describes some common methods and software to assist you with the sanitization process. It also includes links to articles that provide detailed technical descriptions of what occurs during this process.

Sanitizing Techniques

As described in the much-referenced article Remembrance of Data Passed: A Study of Disk Sanitization Practices, the three most common techniques for properly sanitizing hard drives are:

1. Physically destroying the drive, rendering it unusable. This is a good alternative for defective hard drives or those that would be too costly to repair. For added security, the disk should be overwritten or degaussed prior to destruction.

2. Degaussing the drive to randomize the magnetic domains – most likely rendering the drive unusable in the process. Degaussing, or demagnetizing, applies a reverse magnetizing field to data stored on magnetic media, erasing the contents by returning the magnetic flux to a zero state.

3. Overwriting the drive’s data so that it cannot be recovered. Overwriting replaces previously stored data on a drive or disk with a predetermined pattern of meaningless information, rendering the data unrecoverable.

The SANS white paper "Deleting Sensitive Information: Why hitting delete isn’t enough"¹ explains:
"...Overwriting data once is not usually good enough to prevent data recovery, instead it is recommended that a minimum of three passes are made writing alternating zero and one patterns over the data and then further passes with random data, the more passes the better the chance that no data can ever be recovered."

NOTE: When removing sensitive information, don't forget CDs and floppies. Also, be sure to erase any stored names and numbers from phones and fax machines.

Suggested software

The following chart is a collection of disk wiping software recommended by DCCs or listed on a variety of other University and security sites. The inclusion of any title does not indicate an endorsement by Brown University or the CIS department, and has only been provided as an aide in making a decision that best matches your specific needs.

Program	Cost	Platform	Comments
Acronis DriveCleanser 6.0 www.acronis.com/products/drivecleanser/	$44.99	Windows	Deletes all the data and partitions on a hard disk. Wizard interface. Meets national data destruction standards.
AutoClave staff.washington.edu/jdlarios/autoclave	Free	Windows	Writes just zeroes, DoD specs, or the Gutmann patterns. Easy to use. Erases the entire disk including all slack and swap space.
BC Wipe www.jetico.com/download.htm	Free trial, purchase $39.95	Windows, Unix
Burn 2.5 http://www.securemac.com/burn.php	Free	Macintosh	Macintosh 8.5 and Mac OS HFS+ compatible
cyberCide 2.0 (CyberScrub) www.cyberscrub.com/cybercide/	Free trial, purchase $29.95	Windows	Erases files, folders, cookies, or an entire drive. Implements Gutmann patterns.
Darik's Boot & Nuke (DBAN) dban.sourceforge.net/	Free (accepts donations)	Windows
Disk Wipe www.dtidata.com/products_disk_wipe.asp	Administrator license - $49.00	Windows
East-Tec Eraser 2004 www.east-tec.com/eraser/index.htm	$49.95	Windows	Beats DoD standards, full support for popular browsers, intuitive interface for ease of use.
East-Tec Sanitizer 2004 www.east-tec.com/sanitizer/index.htm	Single license/1 computer - $9.95	Windows	Designed to remove all traces of data from hard disk, overwriting all data from every sector.
Eraser 5.7 http://sourceforge.net/projects/eraser	Free	Windows	Erases directory metadata. Sanitizes Windows swap file when run from DOS. Sanitizes slack space by creating huge temporary files.
GDisk www.symantec.com/home_homeoffice/products/ backup_recovery/ghost10/index.html	$69.99	Windows	Bundled with Symantec's Ghost utility; GDisk.exe conforms to current US DoD specs
KillDisk (Active@KillDisk) killdisk.com/	Free version, Pro version for $29.95	Windows, Linux, Unix for PC	Conforms to DoD sanitizing standards and uses Gutmann's data destruction method
M-Sweep Pro Data Eliminator www.secure-data.com/ms.html and Disk Scrub http://www.secure-data.com/diskscrb.html	$500 - part of Data Elimination Suite	Windows	M-Sweep: Exceeds DoD standards, can overwrite ambient data areas 9 times. Ideal for use with laptops.
Norton SystemWorks 2004 www.symantec.com/sabu/sysworks/basic/	$69.69	Windows	Norton CleanSweep™ and WebTools come bundled ($50 upgrade rebate)
NTI Dragon Burn https://secure.ntius.com/esdsoft/dragonburn_v4_full.asp	Free trial, purchase $40.00 (OS X), $19.95 (OS 9.0.4+)	Macintosh
OnTrack DataEraser www.ontrack.com/dataeraser	$29 (personal) $500 (professional, 50 licenses)	Windows	Erases partitions, directories, boot records, and so on. Includes DoD specs in professional version only.
Paragon Disk Wiper 7.0 www.disk-wiper.com/	$29.95 (personal) $149.95 (professional)	Windows	Disk Wiper Pro meets DoD sanitizing standards. Special overwriting patterns with up to 99 passes for 100% erasure of all sensitive data.
ShredIt www.mireth.com/text/shredit_sp.html	Free trial, $19.95 (download)	Windows, Mac OS8/9 & OSX	Easy interface, configurable overwrite pattern and number of overwrites
Shred 2 www.pcmag.com/article2/0,4149,219998,00.asp	Free	Windows
SuperScrubber http://www.jiiva.com/superscrubber/	$29.99	Mac G3, G4 & G5
UniShred Pro www.lat.com	Contact vendor for quote	Unix and PC hardware	Implements all relevant DoD standards and allows custom patterns
Wipe sourceforge.net/projects/wipe/	Free	Linux, Unix	Uses Gutmann's erase patterns, erasing single files and accompanying metadata or entire disks
WipeDrive www.whitecanyon.com/wipedrive-erase-hard-drive.php	$39.95	Bootable PC disk	DoD approved; securely erases IDE and SCSI drives

Removal Tips

Windows

Each of the software products listed above comes with specific instructions, some with an easy-to-use wizard interface. KillDisk (recommended by some DCCs) is the software of choice at Northern Illinois University. Their support for this product includes detailed instructions on its use.

Dell offers an overview document Erasing Data from Your Hard Drive and a link to CNET's (download.com) listing of rated disk wiping software.

Macintosh

In addition to the software offered above, Mac computer hard drives can be cleared by zeroing their data. The Apple site provides step-by-step instructions for both Mac OS 8.x/9.x and OS X plus a good overview of when to reformat a hard drive (see Troubleshooting Hard Drives: Reformatting). Note that zeroing data (aka "low level" format) may take a long time and depends on the hard disk size. It is recommended to use the "8-way random" feature in conjunction with the "zero all data" option.

Mac OS 9: How to Initialize or Format a Disk (docs.info.apple.com/article.html?artnum=50447)
Mac OS X: How to Zero All Data on a Disk (docs.info.apple.com/article.html?artnum=107437)
Mac OS X 10.3: Erasing a Disk or a Volume (docs.info.apple.com/article.html?artnum=152060)
Disk First Aid 8.6.1: Software and Information (docs.info.apple.com/article.html?artnum=75102)

For a general search of the the Apple Knowledge Base, go to: kbase.info.apple.com/index.jsp.

Unix Secure File Deletions

www.giac.org/practical/gsec/Ken_Hatfield_GSEC.pdf

Solaris

wwws.sun.com/software/solaris/trustedsolaris/ts_tech_faq/faqs/purge.html