Prevent snoops from recovering your erased files

You probably know that when you delete a file, you're not really removing the information from your storage device. Instead, you're designating the space taken up by the file as available for storing new data, should it be needed.

A properly motivated person can recover the deleted information. In fact, data recovery tools such as the free Recuva exist for this very purpose. To keep prying eyes from perusing your deleted data, you need to write over the digital bits that comprise the file. That's where secure-erase utilities come in.

(By the way, the process of recovering partially or superficially deleted information is known as data remanence.)

There are plenty of government standards for ensuring that deleted files are truly erased by writing over the data several times (scroll down this Wikipedia page to "Standards" for more info). But for most people, a single pass of random zeros and ones will suffice.

Among the many programs that offer to securely delete the files on your hard drive and other storage devices, two freebies stand out, though in terms of approach, they're polar opposites: Heidi Computers' Eraser and SDelete from Sysinternals.

Drag and drop to wipe out files
Few file-wiping utilities are easier to use than Heidi Computers' Eraser, which has Explorer-like windows into which you can drag and drop the files you want to securely delete. You can also schedule an overwrite of all the available space on a disk or erase individual files in Windows Explorer by right-clicking them and choosing Erase.

The Eraser secure-file-deletion utility lets you wipe out files on demand or schedule free-space erasure.

(Credit: Heidi Computers)

Another right-click option added by the utility is Erase Secure Move, which wipes the selected file from its current location and lets you place it onto another storage device. You can perform the same secure file move by right-clicking as you drag the file to its new location and choosing Secure Move with Eraser when you release the button.

Take the command-line approach
When it comes to free Windows utilities, they don't get much better than the great tools from Mark Russinovich's Sysinternals, which are now the property of Microsoft. Among the programs is SDelete, a command-line utility that securely wipes files, directories, or the unused space on a disk.

First, open a command prompt: in Vista, click Start, type cmd, and press Enter; in XP, click Start > Run, type cmd, and press Enter. At the command prompt, type sdelete, enter the operator for the desired action, and specify the file, directory, or drive to be acted upon. How straightforward can you get?

In addition to wiping files and directories, you can use the sdelete command to overwrite the free space on a disk and specify the number of passes used to obliterate the data. You'll find more information about the program on Microsoft's TechNet site.

[veritysystems]

Government agencies recommend DEGAUSSING (magnetically erasing) a hard drive before destroying/crushing it, to be absolutely sure that data cannot be recovered from the hard drive. Although, this will usually render the hard drive inoperative and unusable, the cost of a replacement hard drive cannot be compared to the cost to a company if potentially sensitive information can be read by a third party. (Editors' note: Spam message removed.)

[xcal78]

Thanks for the info but it doesn't pertain to the story above at all. The story is covering single or multiple files on a working system not destroying a drive.

[alegr]

Good luck with degaussing the modern magnetic coating... I don't think you can afford such badass magnet.

[karpenterskids]

Question: if you're about to be taken to court over some possibly illegal material on your hard drive, and they find one of the above programs on your computer...are there any consequences for that, even though there's no way to prove that you ever had illegal files beforehand?

[Lerianis]

No, there is not. They would have to prove: 1. That the files were at one time on your computer, and 2. That you erased them with the thing in question. It is INNOCENT UNTIL PROVEN GUILTY in this country, contrary to popular belief on the part of the police.
I know this from experience: I was accused of trading CP, and I allowed them to search my computer, which I had this Heidi IE program on...... didn't raise ANY eyebrows with the people in question from the FBI who came to my home.

[karpenterskids]

Wow, thanks...that's good to know, if that's the case!

Just to be absolutely certain, though, is there any government page I can use as a second source for this?
I'd like to see it in writing.

[ccyrowski]

Tampering with evidence, obstruction of justice - especially if you've been ordered to maintain the hard drive. Ultimately though, they should have a warrant to search it and it should already be in their hands. Otherwise it's your personal property and you can do what you please with it. Plus it makes you look guilty as sin.

[Lerianis]

Actually, using a erasing program when the police have not come to your home or even afterward does not make you look "guilty as sin". In fact, many courts will not even allow it to be brought up in court, because it is 'prejudicial' to the case in question and has no redeeming value as evidence.
The only thing it shows is that you are a security nut.... NOT that you were doing something illegal.

[karpenterskids]

Both of you have interesting points...which is why I'm still not sure WHAT to believe right now.

If I was a judge, I know I'D definitely find it interesting if a person had a permanent-erase program on their hard drive.
However, if it's not allowed to be brought up in court...then once again, that changes everything.

[Greg5A]

Using Sdelete sounds a lot like using the old arcane DOS commands--which I haven't done in a long time. I'm sure lots of people understand an expression like "...enter the operator for the desired action..." I'm not sure exactly what this means. How about an example to clarify the process? Much to my chagrin, I can't find my old Peter Norton book on using DOS commands, so I'd definitely appreciate some further explanation. Thanks.

[Fire Balls]

DOS is old.. but command line is not!. There are many things with any OS that can be done more effectively from the command line then with any other interface. Also there are normal some things that can only be done from the command line and more commands and options are being added all the time. Don't get me wrong I love a good and effective GUI as much as the next guy (example windows 7 GUI) but there is no substitute for the raw power you have over your OS from command line.

[mjn507]

Sdelete has several different uses. Here are the command line switches, straight from the program:

C:\>sdelete

SDelete - Secure Delete v1.51
Copyright (C) 1999-2005 Mark Russinovich
Sysinternals - www.sysinternals.com

usage: sdelete [-p passes] [-s] [-q] <file or directory>
sdelete [-p passes] [-z|-c] [drive letter]
-c Zero free space (good for virtual disk optimization)
-p passes Specifies number of overwrite passes (default is 1)
-q Don't print errors (Quiet)
-s Recurse subdirectories
-z Clean free space
** end

To delete all files on a drive or folder and subdirectories: sdelete -s e:\*.* or sdelete -s e:\folder\*.*

To write zeroes to the drive's free space: sdelete -c c:

When I do a full system defrag, I run cleanmgr, sdelete, then defrag. That will optimize the drive. There are better ways, but that's the order I do it.

[walwebster]

I took a quick look at Recuva, but dropped it like the proverbial hot potato when I noticed that the installer also requires you to agree to install the Yahoo! toolbar ... oh, yes, and to agree to one day pay for it if Carol Bartz should ever decide that they should be charging for its use. (I didn't notice any offer to compensate such inadvertent users for the screen real estate whose use would have to be foregone in the interim, however.) I think CNET ought to be distancing itself from such shady marketing as tie-in product placement by stealth.

[AppleSuxLeo]

Opening the drive and destroying the disks is fail-safe.

[tcr071]

I have found the best way to make sure my erased files are safe is to drill 7 or 8 holes into my hard drive then throw it into my lit fireplace.