Kill your data dead with these tips and tools
There are lots of ways to obliterate sensitive data from of your drive: blast furnaces, degaussers (magnet field generators), sledgehammers, and secure-deletion software among them. These tools vary in effectiveness—especially as applied variously to hard drives, solid-state drives, and USB flash drives—and in the subsequent usability of the drive.
For the sake of argument (and a more interesting article), let’s assume you’d like to preserve your drive’s functionality. This rules out violence and degaussing, which, though wonderfully effective and perhaps therapeutic, will render a drive useless. Excluding those options leaves you with a choice between software and software-combined-with-firmware methods.
Free secure-erase utilities
You can easily erase an entire hard drive or SSD by using any of the free utilities listed below. All invoke the secure-erase (sometimes called quick-erase) functions integrated into nearly every ATA/SATA drive produced since 2001. By and large it’s a great feature, but using it on older drives has some potential pitfalls, such as buggy implementations, an out-of-date BIOS, or a drive controller that won’t pass along the commands. You might also need to fiddle with the ATA/IDE/AHCI settings in your BIOS, and in most cases the drive should be mounted internally.
I’ve never had a problem secure-erasing a hard drive, but about a year ago I did brick a Crucial M500 SSD. (A firmware problem was probably responsible for this disaster; Crucial accepted the drive for return but never told me why the hardware had gone belly-up.) An enhanced secure-erase operation overwrites a drive’s housekeeping data as well as its normal user-data areas, but at least one vendor (Kingston) told me that its normal secure-erase routine does both, too. In the bad old days, running a secure-erase on some SSDs sometimes left data behind.
Depending on the controller you use (notably SandForce), a secure-erase can be cryptographic or physical. If a drive is encrypted—and some are by nature—a secure-erase operation simply deletes the encryption keys, and then regenerates them. Without the original keys, the data is useless. A physical erase involves zapping the drive’s magnetic particles or NAND cells back to their default state.
To entirely avoid the danger of erasing the wrong drive in a multiple-drive system, you should power down, disconnect all of the drives except the one to be erased, and then boot from a CD or a flash drive with the utility that does the job. I learned that lesson the hard way.
Linux-based boot disc Parted Magic (formerly donationware, now free to use but $5 to download) has many features, including a file manager and a partition manager. It’s handy for recovering data and operating systems, but it also has a link on its desktop to DiskEraser, a simple utility that will erase your drive or invoke the drive’s own secure-erase routine. Parted Magic is basic and lightweight, and it will work with any drive. In fact, several SSD vendors recommend it—though the recommendations date from when it was completely free.
Little, command-line-lovely HDDerase.exe isn’t for inexperienced users—it’s a bit too geeky and can require multiple steps. Another drawback of the app is that it can’t bypass the frozen security stat that most modern drives employ to avoid malware erasures. But otherwise it invokes the secure-erase function just fine. It also comes in .ISO form, so you can burn it to disc or create a bootable flash drive from it.
Note that the NSA sponsored HDDerase. Yes, the folks there like to secure as well as monitor data. Not to mention dip their hands into open-source security projects. Interpret that historical nugget as you will.
Most drive vendors provide a utility that can run S.M.A.R.T. diagnostics to check drive health, update firmware, and invoke a drive’s secure-erase routine. Odds are you’ll have to sign an agreement accepting that the tool may brick your drive—but hey, that’s life in the big city. A short list of such utilities includes Data Lifeguard (from Western Digital), Drive Fitness Test (from Hitachi), OCZ Toolbox, Samsung Magician (SSD only), and SeaTools (from Seagate).
For hard drives only: Block-overwrite software
Block-overwrite software is more versatile than the secure-erase command because it lets you wipe data from a hard drive while leaving the operating system, program files, and other keepers intact. Unfortunately, this type of software is ineffective on SSDs or USB flash drives, and in many cases it can’t wipe a hard drive’s HPA (Host Protected Area), which contains data about the low-level organization of the drive. That said, with high-powered algorithms and multiple passes, it will effectively render your data unreadable even when subjected to all but the most expensive forensic techniques.
O&O SafeErase 7 ($30, free demo) is a jack-of-all-trades that can remove individual files and folders or erase entire partitions and disks. Like the previously reviewed PrivaZer, SafeErase scans your hard drive for possibly sensitive files, presents them to you for inspection (or you can elect to accept its assessment across the board), deletes them, and then wipes them. SafeErase did a good job of finding sensitive stuff while ignoring what I wanted to save, and it includes options on general types of files to look for.
SafeErase can also wipe free space (erasing the tracks left by deleted files) and your entire computer (all drives, everything), though those options aren’t available in the demo version. But the $30 that O&O charges for those extra features may money well spent if you want to maintain a clean system. SafeErase is a nicely realized, versatile data-destruction program.
MediaTools Wipe 1.2 ($99, free demo) is all about erasing a lot of hard disks with minimal fuss. It’s designed for professionals who erase in bulk and will dedicate a (rather powerful) PC to the task. MediaTools Wipe 1.2 can handle up to 18 drives at once, all presented in a convenient console view. The program has its own wipe routines, but it can’t invoke a drive’s own secure-erase routines.
MediaTools Wipe 1.2 has so many handy features (user-definable erase patterns, smart handling of bad blocks, and so on) that I can’t mention them all here. Check out our review of the functionally equivalent version 1.1. You’ll likely dedicate a PC to it, so the $49, single-seat technician’s license will suffice for most situations. However, $500 single-site and $1000 multi-site licenses are available for the corporate crowd.
The handy and free Eraser 6 utility deletes files, folders, and free space on a schedule. It’s just the thing for users who want to maintain a minimal data presence on their PC. You must know what you need to erase, since Eraser 6 doesn’t have automatic selection of sensitive data, as O&O SafeErase and PrivaZer do. But Eraser 6 does have a large array of government-level algorithms to choose from, and it’s super-simple to use.
Active@ KillDisk is available in a free Windows edition and a DOS (boot disc) edition. Either will overwrite free space or entire partitions with a single pass of zeroes. To obtain its more advanced features and algorithms, you’ll need the Active@ KillDisk Pro, which costs $40 for Windows, and $50 with the pro-DOS version thrown in. KillDisk won’t invoke a disk’s secure-erase routine, and it doesn’t have any smarts: It doesn’t detect and delete sensitive data such as browsing records, downloads, and program caches.
Active@ KillDisk is very effective as far as it goes, but most users will be just as well off with the free Eraser 6—or better off by paying less for a program that automatically selects and deletes sensitive data and wipes free space. Then again, if you run Piriform’s CCleaner before KillDisk (or Eraser 6), you’ll have a very effective data-killing combo.
Wiping SSDs and USB Flash drives
Block-overwrite software isn’t reliable with NAND-based media because of the voodoo that flash-storage controllers use when writing and deleting data. Im sorry I can’t be more specific about what actually happens, but controller vendors are loath to talk about such things, lest they give away a competitive advantage.
That said, SSDs that support the TRIM command and run under a TRIM-supported environment (Windows 7 and 8, OS X 10.6.8 or better, Linux 2.6.28 or better, plus a modern BIOS and drive controller that pass on the command) should wipe deleted data continually. Note that I said “should.”
Ideally (for security purposes) an SSD’s garbage collection routines, invoked by the TRIM command, would quickly erase the NAND blocks formerly occupied by your file. The whole reason for TRIM is that NAND must be erased before being rewritten. If a drive runs out of clean, unwritten blocks and must erase previously used blocks immediately prior to writing to them, performance suffers drastically.
Unfortunately, from what I could glean from data recovery experts such as strategic technical alliance manager Chris Bross of DriveSavers and SMB partner manager Leon Feldman of ACE Data Recovery, some disk vendors put off block erasures for long periods of time or until they’re forced to resort to them. Sad but true: You can’t rely on housekeeping to remove data. Even sadder, there seem to be no utilities that will force the garbage collection. That seemingly simple solution has so far been ignored.
USB flash drives don’t support standard ATA secure-erase or TRIM—so unless you’re using a secure, encrypted type, you’ll need to contact the vendor for an erase utility.
You could overwrite the entire drive or just free space with files. This will work to a point, but—especially on SSDs—some blocks used in over-provisioning and marked as bad can’t be copied over. They may retain data you want to erase.
In the end, the only sure way to remove all unwanted sensitive data from the free space on an SSD or USB flash drive while retaining the data you still want is to back it up (use imaging if an operating system is involved), secure-erase the drive, and then restore the desired data. Sigh.
And when that’s not enough...
All the methods and programs I’ve described will work great for the average user. That said, forensic data recovery technology has come a long way. Normal affordable methods won’t counteract anything I’ve discussed. But if you have a formula for cold fusion, or a trade secret that will topple the global economy overnight...go for the degausser, the hammer, and then the blast furnace. You can’t be too sure.