How can I securely erase my computer's hard drive before disposing of it?

  • Thread starter Thread starter FishmanGeertz
  • Start date Start date
  • Tags Tags
    Computers
Click For Summary

Discussion Overview

The discussion revolves around methods for securely erasing a computer's hard drive before disposal, exploring various techniques and opinions on data recovery and security. Participants share their thoughts on the effectiveness of different erasure methods, including software solutions and physical destruction.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Exploratory

Main Points Raised

  • Some participants question whether computers log every keystroke and express concerns about the potential for keyloggers to capture sensitive information.
  • Others clarify that keyloggers only record keystrokes made after activation and that computers do not inherently log all keystrokes.
  • There are suggestions that using a registry cleaner like CCleaner may help clear certain data, although the registry itself does not store keystrokes.
  • Some participants propose extreme physical destruction methods, such as using thermite or drilling holes in the hard drive, to ensure data cannot be recovered.
  • Others mention software solutions like the "7-Pass Erase" option on Mac OS, which is said to meet certain security specifications for data erasure.
  • Concerns are raised about the effectiveness of multiple formats in permanently erasing data, with some expressing skepticism about the ability to recover data after such processes.
  • There are differing opinions on the sufficiency of methods like the 7-pass erase for general users versus the need for more extreme measures against sophisticated recovery efforts.
  • Participants discuss the potential for data recovery from hard drives that have been physically destroyed, noting that while it is difficult, it may still be possible under certain circumstances.
  • One participant mentions using Darik's Boot and Nuke as a method for wiping data, emphasizing the importance of ensuring no unintended drives are connected during the process.

Areas of Agreement / Disagreement

Participants express a range of views on the effectiveness of different data erasure methods, with no clear consensus on the best approach. Some advocate for physical destruction, while others support software-based solutions, indicating ongoing debate about the most secure methods for data disposal.

Contextual Notes

Participants discuss various assumptions about data recovery capabilities and the effectiveness of different erasure techniques, but there is no resolution on the absolute security of any method mentioned.

FishmanGeertz
Messages
189
Reaction score
0
Does your computer contain a log of literally every single keystroke that has ever been performed in the entire history of that machine's use? If you bought something off amazon.com and used your credit card three years ago, is your credit card number permanently logged somewhere on your computer? Would a malware key-logger be able to read that number typed into your machine three years ago?
 
Computer science news on Phys.org
No. Keyloggers only log keystrokes made after it is activated. The computer does not log information like that on it's own. Too much info with no need to use.

However, you can tell your web browser to log information like credit cards so that they can be quickly auto-filled into sites where you purchase things. However, you can turn that off and erase the data, but if it's not on it's not keeping that data.
 
Pengwuino said:
No. Keyloggers only log keystrokes made after it is activated. The computer does not log information like that on it's own. Too much info with no need to use.

However, you can tell your web browser to log information like credit cards so that they can be quickly auto-filled into sites where you purchase things. However, you can turn that off and erase the data, but if it's not on it's not keeping that data.

Would running a registry cleaner like "CCleaner" once every day clear this data from your system?

I don't have any personal information stored anywhere on my PC for these reasons. I was just asking if your computer kept a log of literally every single keystroke which has ever been performed.
 
FishmanGeertz said:
Would running a registry cleaner like "CCleaner" once every day clear this data from your system?

I don't have any personal information stored anywhere on my PC for these reasons. I was just asking if your computer kept a log of literally every single keystroke which has ever been performed.


No, the registry does not store information like that. As far as I know, it just tells programs where everything is at and certain settings.

And no, it does not store your keystrokes.
 
If you're paranoid, you can encrypt your system, or even reload a fresh image nightly.

When you're done with it, use thermite to melt the hard drive to slag.
 
jhae2.718 said:
When you're done with it, use thermite to melt the hard drive to slag.

I've actually been told (by a 4th year computer science major specializing in security) that the only way to properly dispose of a hard drive so no information can be collected off it is to format, then drill holes into it. Definitely surprised me, especially because I was under the assumption that if you format your drive enough times the data is gone forever.
 
KrisOhn said:
I've actually been told (by a 4th year computer science major specializing in security) that the only way to properly dispose of a hard drive so no information can be collected off it is to format, then drill holes into it. Definitely surprised me, especially because I was under the assumption that if you format your drive enough times the data is gone forever.

Why drill holes into it? I mean, if you want to start talking power tools, then sure, drill a hole, go at it with a hammer, grab a saw, whatever.

If you get a high powered magnet you can pretty easily ruin everything on the hard drive as far as I know.
 
Pengwuino said:
Why drill holes into it? I mean, if you want to start talking power tools, then sure, drill a hole, go at it with a hammer, grab a saw, whatever.

If you get a high powered magnet you can pretty easily ruin everything on the hard drive as far as I know.

I think the drill holes bit was just an example to do anything you just mentioned there. Essentially you must destroy it.
 
Pengwuino said:
Why drill holes into it? I mean, if you want to start talking power tools, then sure, drill a hole, go at it with a hammer, grab a saw, whatever.

If you get a high powered magnet you can pretty easily ruin everything on the hard drive as far as I know.

Running a powerful magnet over the hard drive should do the trick!
 
  • #10
KrisOhn said:
I've actually been told (by a 4th year computer science major specializing in security) that the only way to properly dispose of a hard drive so no information can be collected off it is to format, then drill holes into it. Definitely surprised me, especially because I was under the assumption that if you format your drive enough times the data is gone forever.

Under Mac OS, you can erase either the entire disk, or only the free space on it, using a "7-Pass Erase" option which writes different things on the disk on each pass. It meets a U.S. Department of Defense specification (5220.22-M) for securely erasing magnetic media. Actually it goes beyond that spec, which calls for only three passes.

You can also do a 35-pass erase.

For details on what gets written to the disk in each pass for both methods, see

http://support.apple.com/kb/HT3680
 
  • #11
It's pretty amazing how data can be recovered from hard drives that would appear to have been destroyed.

I've heard stories that the NSA et. al. run old hard drives through shredders and then incinerate them.
 
  • #12
jtbell said:
Under Mac OS, you can erase either the entire disk, or only the free space on it, using a "7-Pass Erase" option which writes different things on the disk on each pass. It meets a U.S. Department of Defense specification (5220.22-M) for securely erasing magnetic media. Actually it goes beyond that spec, which calls for only three passes.

You can also do a 35-pass erase.

For details on what gets written to the disk in each pass for both methods, see

http://support.apple.com/kb/HT3680

I actually asked her about the 7-Pass Erase system and she said that there were ways to recover the lost data yet. I didn't get anymore information since it was the end of a meeting and we went our separate ways. After reading what Apple said about that X-Pass system, I am a little skeptical that data recovery after that is possible.
 
  • #13
It's pretty amazing how much data can be recovered if you spend time and money on it.

But it's pretty hard to recover data from a hard drive that's been melted.

In the end, it comes down to a question of whom you're trying to keep data from. For most people, the 7-pass erase algorithm or an equivalent is sufficient, but if you want to prevent a government agency or someone with a lot of resources from recovering data, thermite's the way to go. (It's also more fun. :wink:)
 
  • #14
jhae2.718 said:
It's pretty amazing how much data can be recovered if you spend time and money on it.

But it's pretty hard to recover data from a hard drive that's been melted.

In the end, it comes down to a question of whom you're trying to keep data from. For most people, the 7-pass erase algorithm or an equivalent is sufficient, but if you want to prevent a government agency or someone with a lot of resources from recovering data, thermite's the way to go. (It's also more fun. :wink:)

Pfft, thermite is the only way to go.:approve:
 
  • #15
Pengwuino said:
Why drill holes into it? I mean, if you want to start talking power tools, then sure, drill a hole, go at it with a hammer, grab a saw, whatever.
How I keep my farm animal porn from falling into the wrong hands.

LJ060401drive.jpg
 
  • #16
I use Darik's Boot and Nuke on my hard drive whenever I format. It's a boot CD that will wipe the data from any drive it sees. If you use it, be very careful that you physically disconnect any drive that you don't want wiped.

As far as recovery of deleted data goes, simply deleted files are trivial to recover. However, data that has even been overwritten once is destroyed. No organization has ever publicly recovered overwritten data on a modern (newer than 2000) drive. Could the NSA recover some overwritten data from a HDD using a scanning electron microscope and millions of dollars? Maybe, but your data isn't that important.

I recommend you use full disk encryption, like Truecrypt. That will keep your data save even if someone steals your laptop or HDD. Then when you format use Darik's Boot and Nuke. A single pass is fine, but feel free to use the DOD standard 7 pass if you are paranoid. Physical destruction is unnecessary and a waste of good hardware.

The whole multiple pass thing comes from a paper published by Guttman in the 90s when data density was much lower and thus it was more likely that an overwrite wouldn't completely eliminate the original data. His paper, along with several epilogues is here:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

If you are concerned with this I recommend reading it.
 

Similar threads

What is the NWJS virus and how can I protect my computer from it?
  • · Replies 17 ·
Replies
17
Views
7K
How do encrypted USB flash drives work and how can we make them more secure?
  • · Replies 7 ·
Replies
7
Views
3K
Is Alan Turing given too much credit when it comes to computers?
  • · Replies 29 ·
Replies
29
Views
6K
How do I fix 100% CPU usage with explore.exe on my Vista computer?
  • · Replies 2 ·
Replies
2
Views
8K
What could be causing my wireless network to keep dropping and how can I fix it?
  • · Replies 4 ·
Replies
4
Views
5K
Advice how to up my scientific computing with I-pad and otherwise.
  • · Replies 9 ·
Replies
9
Views
3K
Requesting suggestions for languages, libraries, and architectures for parallel (and sometimes non parallel) numerical and scientific computations
  • · Replies 8 ·
Replies
8
Views
5K
Graduate BRS: PKI Cryptosystems for SA/Ms: A Tutorial
  • · Replies 13 ·
Replies
13
Views
4K
Oh no the government saw what I read, shut up, you don't care
  • · Replies 7 ·
Replies
7
Views
3K