Folks, we need to have a serious discussion about wiping your sensitive bits. No, not those bits! I’m talking about your sensitive information.
Think about all the information on your hard drive right now. Or on your phone. Or USB key. Now, imagine I asked you to print out all of those files and hand them to the first person you crossed in the street wearing, say, a blue shirt.
I imagine many, if not most of you, just recoiled in horror. We all have at least one digital storage device, and they contain a lot of information about us. Information you wouldn’t want to hand to a stranger. Yet you might have already done so at least once.
What am I talking about? Let me explain. Or rather, demonstrate.
Earlier this week, I spotted an external hard drive in a pawn shop: €24.99, 500GB, clearly Western Digital from the form factor (although it was mislabeled as a Seagate drive). Overall, a decent deal. And when I saw it, the idea for this post popped in my head. There and then, I decided to do it, and bought the drive for this experiment.
I hurried home and plugged it in. But not to use it. No. I started up a file recovery program.
It’s important to note that this drive is a completely standard drive, and that all the files HAD BEEN DELETED. And this is a tiny bit of what I found when I ran the program:
The first scan returned 37,143 files. Encouraged, I ran a fuller, more in-depth scan. In total, I found 40,295 files (60GB), dating over 20 years. Files the previous owner believed deleted. Do you see the problem yet? This software is not complex to run, it is free, and instructions abound on the internet. Any bored teenager could easily do exactly what I have done. Keep that in mind.
Allow me to introduce you to this drive’s previous owner:
This is Mr. Picard – that’s not his real name, but I do have his full, real name. This is one of many private photos I recovered of his vacation with his family to Turkey.
Mr. Picard owns a small heating and electrician business nearby, which he has operated from the same address for at least 20 years. I know this because I recovered over 17,000 of his business documents, dating back to 1996: bills, estimates, salary info, hiring info (including employee social security numbers, full names, dates of birth…), blueprints, product catalogs — I even found a lot of financial records, including bank balances.
If you didn’t see the problem before, you’re seeing it now, aren’t you? Aside from all those documents, I also recovered multiple databases, which I’m too lazy to try to open, vacation photos, and many full films. Mr. Picard, it seems, was an avid film downloader – though I can only assume that he downloaded most of these for his grandchildren.
A lot of these are films I either haven’t seen yet and want to see, or films I’d love to see again. So I’m keeping the films.
The worst part though is that I recovered not only financial documents, not only scanned ID cards, but passports! One belongs to him, and another two to a married couple he knows somehow.
Luckily for Mr. Picard, I only look like a criminal, and I have no interest in ruining his life. All of his files (except those films) will be completely erased when this experiment is over.
HOW DOES THIS PROBLEM HAPPEN?
A hard drive’s actually a bunch of small storage locations where the drive can write files. Picture a closet full of shoe boxes. You have something to store, so you throw it in an empty box, and write the box number and contents down on a big list (the file table).
That’s what your hard drive does: it writes the file’s data to a storage spot, then makes a note in the table that storage location x contains file y. Sometimes the object you want to store is too big for a box – so you chop it up into box-sized chunks, put it in whichever empty boxes you can find, and write down the locations, order, and contents of those boxes. Your hard drive does this as well, and it’s called fragmentation.
When you delete a file to the recycle bin, you haven’t even removed its name from the big file list. The computer just changes where you see it (in the recycle bin).
When you empty the recycle bin (or shift+delete something), the name is removed from the big list, and the space is marked as empty: the computer can now dump out that shoe box and put something else in. But it won’t bother with that until it has something else to put in.
So although it’s marked as empty, the data’s still there. And it will stay there until the computer writes something over it. And since the computer has soooo many shoe boxes to choose from, who knows when it will get around to it. Remember, I found files going back years.
Mac, Windows, Linux, Android, USB key – when you delete a file, it’s not removed from the drive. It’s just forgotten by the system.
The first person I told about this experiment, and my results, asked a very good question: “So what should he have done?“. A very good question – too many times we’re ready to shoot the messenger, instead of heeding the warning. The point of this article is to convince you to take necessary precautions to protect your data any time you transfer ownership of digital storage.
Her second question was “Should he have formatted it instead of just deleting?“. And the answer is no. Formatting doesn’t remove the information. It just creates a new “big list” like I talked about earlier – the data is still there.
What he should have done is to wipe the drive before selling it. Wiping the drive rewrites the entire drive (or just the free space, depending on settings) with random data. It forces the computer to dump out all the boxes, and fills them with junk. You’ll want to do several passes to make sure. Be prepared to devote several hours to this – it would be best to do overnight while sleeping.
So how do you wipe your drive? I’ll go over the procedure for Windows, since that’s what I’m most familiar with. I don’t know the software options available for the other systems out there today, but a quick Google search for “wipe hard drive” with the name of your operating system will turn up many options and detailed instructions. Don’t worry, it’s very simple to do.
First, you’ll need some software. My personal recommendation for this is CCleaner from Piriform. There are other option, of course, but CCleaner is excellent, it is free, and it has many other handy tools as well.
The first step is to delete everything you want gone. That means emptying the recycle bin too. If you’re wiping the entire drive, which you should do to external storage before selling it, you can skip deleting all the files.
Start CCleaner. You should see this.
On the left hand side, select Tools.
Select Drive Wiper from the options that have appeared.
The first box gives you the choice to wipe the empty space only (in which case non-deleted files will be left alone), or the entire drive, where everything will be removed. If you’re doing this to a laptop’s hard drive, you want the empty space only option. Be sure to have deleted everything you want gone first.
If you’re clearing external storage (USB, SD card, external hard drive, etc…) to sell it, it would be better to select entire drive.
The next box gives you the option to choose the number of passes. Three is good, seven is better, and 35 is, frankly, paranoid. I’d say go with seven, but be aware that your computer will be at this for a long time, so if you’re pressed for time, choose three.
Now, in the Drives box, be very sure to select the correct drive! Once you are certain you’ve selected the correct drive, click Wipe.
Once the software is finished, congratulations: you can sell your drive and know that you haven’t just handed all your sensitive data to someone else!