Delete Doesn't Mean It's Gone Part 1
3. 8. 2016

Sabina Kalamujic

Neptun Security

Cleaning (personal) data from HDDs and SSDs

PC users generate loads of files every day, but how can they be deleted in a safe and final manner? Delete doesn’t mean it’s gone. Even when the recycle bin on the computer is emptied, remnants of the data still remain and are, in principle, recoverable. In this two-part blog post we therefore show you how to safely erase a single file or an entire hard drive. This will enable you to reliably delete private data and to prepare your computer or hard disk for selling. In the first part, we will detail the difference between HDD and SSD technology, so you can understand how data is actually erased.

The difference between HDD and SSD technology

The familiar hard disk drive is a magnetic storage device. Data is stored on the surface of a spinning metal platter. When information is written, the magnetic surface of the platter is modified into patterns that reflect the data. This pattern can later be read contact-free by a sensor, which transforms it back into readable data. In this blog post we will focus on internal hard drives, even though our methods will also work with external hard disks. For them, however, there are simpler ways to securely delete data.
In contrast to HDDs, SSDs rely on flash storage. They are not based on magnetic storage technology, but on a purely electronic storage medium. There are no rotating disks or other moving parts in solid state disks, which is why they are not really drives in the actual sense of the word. SSDs are in general more robust and less susceptible to mechanical stress than HDDs.

Methods for secure deletion

To reliably erase an HDD, it is necessary to boot into a different operating system, one that does not reside on the drive that is to be erased. Which method is the simplest one? We recommend the software DBAN to completely get rid of unwanted data. It is an independent system that boots from a USB stick or from a CD. To create a bootable USB stick you can use the ‘Universal-USB-Installer’, which will do the heavy lifting for you.
The advantage of using DBAN is its ease of use: You simply have to boot the software and confirm the deletion process. There is no need to install anything. You can find an excellent how-to for DBAN for CD or USB on these linked pages.
DBAN is the right solution to delete entire hard drives, but it cannot erase single files or folder structures. This can be achieved with tools like ‘Eraser’ or ‘BleachBit’, which have to be installed on Windows.

Deleting data from SSDs is different than on HDDs: The special characteristics of SSDs (keywords: over-provisioning and wear-leveling) mean that overwriting the data will not guarantee a reliable deletion. Single flash cells cannot simply be overwritten, but must actually be erased first, which is why there is additional hidden space on every SSD to provide a sufficient number of usable blocks (this is called over-provisioning). One could, in theory, fill up an SSD with zeroes or random values, but some data might still survive the process. The ATA specification ‘ATA Secure Erase’ and manufacturer tools like ‘Security Erase’ remedy this problem.
Since the process to securely delete SSDs is somewhat complicated, we recommend ‘Parted Magic’ (available for a fee), which features these deletion methods (Manual). It can be booted from CD/DVD or from USB sticks and runs from within the main memory of the computer. Parted Magic also features storage management tools to create images, recover data, and to manage partitions. Experts can use Secure Erase with the command line tool ‘hdparm’ on Linux. We recommend you try this method, which should work with all modern SSDs.

Another method to ensure that remnant data cannot be easily recovered is to use strong encryption. More recent SSDs generally store data encrypted with an internal random key. To delete the data, or at least to make future access much harder, the disk simply has to forget the current key and create a new one. Because every single cell of the SSD is encrypted, not just single parts of the filesystem, this ensures that there are no remaining copies of any data that can be retrieved with data recovery tools.
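
The following toy model is an added example, not part of the original post. It illustrates both points made above: why overwriting an SSD from the host can leave old data in spare flash pages, and why discarding the internal key makes those leftovers unreadable. The class ToySSD, its page counts and the XOR keystream standing in for the drive's cipher are assumptions made for illustration.

```python
import hashlib
import os

class ToySSD:
    """Toy SSD: more physical pages than logical blocks, no in-place overwrite."""
    def __init__(self, logical_blocks=4, spare_pages=2):
        self.logical_blocks = logical_blocks
        self.flash = [None] * (logical_blocks + spare_pages)  # raw cells (ciphertext)
        self.mapping = {}          # logical block -> physical page holding it now
        self.cursor = 0            # wear-leveling: rotate through all pages
        self.key = os.urandom(32)  # internal media key, never leaves the drive

    def _crypt(self, page, data):
        # XOR with a SHAKE-256 keystream stands in for the drive's hardware cipher.
        stream = hashlib.shake_256(self.key + bytes([page])).digest(len(data))
        return bytes(a ^ b for a, b in zip(data, stream))

    def write(self, lba, data):
        # Use the next page the mapping does not reference; the old copy stays put.
        live = set(self.mapping.values())
        while self.cursor in live:
            self.cursor = (self.cursor + 1) % len(self.flash)
        self.flash[self.cursor] = self._crypt(self.cursor, data)
        self.mapping[lba] = self.cursor
        self.cursor = (self.cursor + 1) % len(self.flash)

    def overwrite_all(self, fill=b"\x00" * 8):
        # All a host-side wipe tool can do: rewrite every *logical* block.
        for lba in range(self.logical_blocks):
            self.write(lba, fill)

    def crypto_erase(self):
        self.key = os.urandom(32)  # forget the old key, generate a new one
        self.mapping.clear()

    def chip_dump(self):
        # Every physical page, spare area included, decrypted with the current key.
        return [self._crypt(p, c) for p, c in enumerate(self.flash) if c is not None]

def demo():
    ssd = ToySSD()
    secrets = [b"secret-%d" % i for i in range(4)]  # constructed sample data
    for lba, data in enumerate(secrets):
        ssd.write(lba, data)
    ssd.overwrite_all()
    after_overwrite = [s for s in secrets if s in ssd.chip_dump()]
    ssd.crypto_erase()
    after_crypto_erase = [s for s in secrets if s in ssd.chip_dump()]
    return after_overwrite, after_crypto_erase
```

After the zero-fill, two of the four original blocks are still present in physical pages the host can no longer address; after the key is replaced, none of them can be decrypted.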

Neptun Support

Projekt Neptun offers a ‘Complete Data Removal’ service which includes disposal of your old device at our help points. For Neptun customers the service costs a fee of CHF 25.
If you have any questions about the secure deletion of data, you can always contact us at kontakt@projektneptun.ch.

Closing remarks

In this blog entry we focused on data on hard disks. It should always be remembered, however, that there is data in many other devices like printers or routers. This has been detailed in a cover story of the magazine for computers and technology c’t at the beginning of last June. For a large survey they bought half a dozen used hard drives, three old Android smartphones, and a business printer from people in Germany and Austria. Using recovery tools like ‘Photorec’ and ‘Foremost’, they tried to retrieve data from the previously-owned devices. The authors were able to recover hundreds of thousands of files and folders with original file names, in some cases even without using any specialized software.
This real-world test underlines the importance of the secure deletion of data. Even though some of the drives used by the authors in the test were formatted, they were still able to easily recover mountains of data. To explain: Formatting simply means that a hard drive is being prepared for further use as a storage device and has nothing to do with securely erasing data. Reliable and final deletion of data is more complicated and takes some time; time that should be invested for the sake of your privacy. The importance of backing up your data and securely erasing it arises not only when you give your device away for repairs or sell it, but also when you are running out of space or your operating system is slowing down.
In the next couple of days, the second part of ‘Delete doesn’t mean it’s gone’ will focus on how you can safely erase a single file. Until then we strongly recommend taking a look at the software we listed above.

Picture by Alexei Kuznetsov, flickr 
