|
Post by laverne on Nov 19, 2015 7:24:09 GMT -5
I would like to know how to remove all data from an external hard drive. I read recently that doing a format only changes the MFT, not the data. Any suggestions?
|
|
drcard
Software Review Panel
Posts: 581
|
Post by drcard on Nov 19, 2015 19:32:13 GMT -5
Hi laverne, To remove the data from a HDD so that recovery programs can't retrieve it you have to overwrite the data. To do this for an entire HDD you use a HDD Wipe program. The links below are two free programs recommended by Microsoft. Active KillDiskDP WiperThis a slow process as it has to overwrite every single bit on the HDD. There are other ways to protect your data but depends upon the reasons why you want to wipe the HDD. If you are discarding the HDD, then opening HDD and breaking the platters inside definitely prevents any hope of revovery of data on the HDD and takes very little time. If you are giving the HDD to someone else to use, then wiping the drive will work but using Windows to encrypt the drive will prevent anyone from getting the dat without your encryption key.
|
|
|
Post by laverne on Nov 21, 2015 21:48:10 GMT -5
Hi Dana, My plan is to make my data unreadable and give the external hard drive to someone else. I am not sure how to encrypt a drive. I do not have Bitlocker on my Win7 Pro computer.
Is it faster to encrypt a drive compared to using the wipe-drive software?
Can a drive be encrypted after the data is there or must it be encrypted before writing the data?
Which software can be used to encrypt?
Thank you.
|
|
drcard
Software Review Panel
Posts: 581
|
Post by drcard on Nov 22, 2015 9:51:49 GMT -5
Hi laverne, Encryption is faster than wiping a drive and yes it can encrypt data already there. Encryption requires a single pass over the data to perform encryption which "rewrites" the stored data in a "code". The encryption key is a "code book" to decipher the data when retrieved. Disk wiping replaces the data with random meaningless 0's and 1's. For the disk wipe method to work it has to perform this rewriting several times. Currently most experts sugguest a 6 or 7 pass wipe. That means it has to rewrite your whole HDD 6 or 7 times, which will take longer than a single pass encryption. Bitlocker was included in the install of Windows 7 Enterprise and Ultimate versions only, but the Bitlocker service is installed on Win 7 Pro setups. The service on Win 7 Pro can only access a HDD encrypted by Bitlocker and can not encrypt a drive. Just like the drive wipe programs you need to look at a third party program and there are many freee ones that do this. Here are a couple ones: TrueCryptTruecrypt is no longer supported as Bitlocker in advanced versions of Windows is used to replace it and the FBI has broken the Truecrypt encryption (takes the best encryption breaking programers and heavy duty hardware; but is still hack proof against all without those resources and expertise). VeraCryptVeraCrypt is another open source program started when TrueCrypt shut down. Think of it as the new TrueCrypt. I have used TrueCrypt with great success, but have not had a need to encrypt an entire HDD since VeraCrypt has been released, so I can not give a personal recommendation for it, but the reviews have been very good. So, the question for you...Disk Wipe or Encrypt. Disk Wipe takes longer but leaves no left over components on your PC like encryption keys and logs. Encrypt is quicker but will leave data on your PC that will take up space (not much, but some encryption like BitLocker will set up a separate partition of 1.5 GB). The choice is yours...save time or save space.
|
|
|
Post by laverne on Nov 24, 2015 15:57:33 GMT -5
Dana wrote: If you are discarding the HDD, then opening HDD and breaking the platters inside definitely prevents any hope of recovery of data on the HDD and takes very little time. ----------
Dana, After much reading and thinking, perhaps the best solution is to physically destroy the HDD. From what I've read it would take hours and hours to rewrite a 250 GB drive. If I use encryption, I still would have to write over the unused area as my deleted files would be there, I believe.
Thanks very much for your time and information. Laverne
|
|
drcard
Software Review Panel
Posts: 581
|
Post by drcard on Nov 24, 2015 19:30:31 GMT -5
Hi laverne,
You have come to the same conclusion I have long time ago....even though I would like someone to benefit and not waste the materials used to make the drive, the effort and lack of a totally secure feeling makes destruction the best answer for me. BTW: I don't take them apart...I smash them with a 10 lb. sledge hammer until bits of the platters shake out the sides (about 4-5 good blows). Be safe and wear eye protection.
|
|
Peter
Software Review Panel
Posts: 174
|
Post by Peter on Dec 4, 2015 11:41:38 GMT -5
I am sure that Dana's proposed software options (rather than the quite sure data destructiveness of a 10-lb sledgehammer) would be pretty effective. But it does seem that using the hardware method makes recycling of the materials in the drive rather difficult to recover. Years ago, I was under the impression that the go-to secure disk wiper was DBAN, which is still free. Apparently, though it does not seem to be effective if you need to wipe SSD's. Does anyone have any experience with this long-established program? More information here: www.dban.org/
|
|
drcard
Software Review Panel
Posts: 581
|
Post by drcard on Dec 5, 2015 10:35:36 GMT -5
Hi Peter,
Cleaning software from the past did and still does what it was suppose to do very good. The problem is that the recovery hardware and software of today has advanced so they can recover data that has been cleaned by these older programs. The reason for this is due to the advances in how HDDs store data. I’ll explain.
First, you must understand exactly how data is stored on a HDD:
Data is stored on a HDD by magnetizing and demagnetizing a area of the platters (magnetizable material of the HDD). Each spot on the platter that can be turned on by magnetizing it or turned off by demagnetizing it is called a bit. A set sequence of these bits (usually 8 for storage purposes) is called a byte. The on and off pattern of the 8 bits in a byte translate to binary code of 0s and 1s to yield a specific sequence such as 10010101. That byte of that specific sequence is decoded by the program that stores and retrieves the data and decodes many of these bytes to display the document, picture, command, or anything that can be converted to code. Thus, the number of these bytes that can be stored on a platter is limited to the space required for each byte. The space required for each byte is determined by the space used by each bit, or the size of the area that is magnetized and demagnetized. Advances in HDD drives comes by being able to decrease the area needed for the bit and thus decrease the area needed for each byte which results in more bytes and thus more storage space. Since the arm cannot actually make contact with the platter because it would damage the platter, a beam of magnetization or demagnetization is emitted by the arm head. This is much like a flashlight beam on a surface that appears as a round spot on the wall. If you draw a circle and adjust the beam so the strongest part of the light is in the circle you will see that some light goes outside the circle but it not as bright (weaker). Thus when a spot on the HDD is magnetized and demagnetized, some weaker magnetism/demagnetism occurs outside the spot (bit area).
How recovery software works:
Simple recovery = The bits and bytes have not been written over and what has been deleted is the address log of what data is stored where on the HDD. This happens when you delete data in Windows or reformat the HDD. It reads all the bytes on the HDD and writes a new address log to access the data that was never deleted.
Complex recovery = Using a special HDD reader that has an adjustable beam setting to read weak magnetism just outside the bit size of the HDD, the reader can detect the magnetism that the spot used to have. The bit may appear to be demagnetized (by the cleaning programs that change the magnetized state of each bit to yield a code that is not your data), but the reader can tell that is used to be turned on. The complex recovery system then can determine the coding of what used to be on the HDD and thus recover the data. Newer cleaning programs try to twart this technology by doing repeated magnetizing and demagnetized the same bit so the weaker area outside the size of the bit area becomes to confusing for the complex recovery software to determine the bit’s original magnetized state. Currently the best is considered 6 passes, but some complex recovery software can reconstruct the magnetism history of a bit from the pattern and amount of magnetism outside the bit area. Placing the bits closer has the outer area of the bits closer so that the magnetism of the outer area of 2 bits interact. This interaction creates specific patterns that greatly increases the programs ability to determine the original magnetism state the bit had and thus the original data that was stored there. It is a leap frog game between recovery software and cleaning software to outdo each other. Thus a cleaning program that prevents any recovery program from recovering data today, may not protect you when a new recovery program comes out that can recover what that cleaning program cleaned. There is NO guarantee that a HDD that was cleaned will stay cleaned and keep the data from being recovered.
Thus my suggestion of destruction….to date there is no reader that can read a platter that is broken into pieces.
|
|
Peter
Software Review Panel
Posts: 174
|
Post by Peter on Dec 6, 2015 3:52:21 GMT -5
Hi Peter, I’ll explain.... Hello Dana: As always, you are clear with your explanation and generous with the time that you take to explain what is so often mysterious to many of us in this ever-changing field of technology. Thank you so much. Now off to the hardware store to purchase that 10-lb sledge-hammer.
|
|