What’s On My PC welcomes the following Guest Article, “Three Ways to Securely Wipe Files from Your PC” by Christoph Laumann, President & Managing Director, TuneUp.
The TuneUp blog is written by a team made up of certified Microsoft experts, authors, and editors from major computer magazines. The people behind this blog also head up one of the most successful tuning suites around, called TuneUp Utilities.
Three Ways to Securely Wipe Files from Your PC
If you’re one of the many people who upgraded their PCs this holiday season, you’ll likely want to donate or dispose your old ones. However, it’s important to securely wipe critical files that contain personal or sensitive information from your computer before doing so. Windows alone cannot wipe data. Even if sensitive files are deleted using the Recycle Bin, they can easily be restored using various data recovery programs. Here are three simple steps to help you ensure your files are wiped once and for all.
Step 1: Delete Volume Shadow Copies.
Windows creates Volume Shadow Copies of system files and some of your personal data (i.e. files residing in C:\Users\Username). Normally, it’s a great way to restore previous versions of files that may be accidentally deleted. Unfortunately, it’s also a potential liability as these files can be restored.
On a PC soon to be decommissioned, you’ll want to get rid of these Volume Shadow Copies by right-clicking on “Computer” and selecting “Properties”. Go to “System Protection”, select your system drive and click on “Delete”. This will delete all of the previous versions of files kept by Windows.
But beware! The next time your PC is idle, these Volume Shadow Copies will be recreated. If you’re in the habit of safely deleting files, you might just want to turn them off altogether by clicking on “Turn off system protection”. Be careful doing this because it will not only disable the previous version restoration feature—it also disables System Restore and can affect some backup tools (such as Macrium and Paragon) which rely on Volume Shadow Copies.
Step 2: Safely delete files.
To safely destroy data, we’ve created a wiping mechanism called TuneUp Shredder. It uses several algorithms that comply with data security standards and render files unrecoverable.
Here’s how TuneUp Shredder works:
Grab the trial version of TuneUp Utilities 2012. This will add a new context menu item (TuneUp Shredder) to your Windows explorer. Simply right-click on the folder or file you’re trying to securely wipe from your machine, and select this menu item.
Next, choose your algorithm. Keep in mind that it is next to impossible to recover the data, even with the “Fast delete” option, since you’ll essentially be overwriting it. However, if you want to be absolutely sure that this data is rendered irreparable, go with one of the more advanced methods.
Hit “Yes” to delete the file.
Step 3: Completely wipe a drive.
If you’re going to donate your PC, it’s wise to perform a complete wipe of the entire hard disk. In the past, I’ve used and recommend either Active@ KillDisk 5.5 (the Pro version creates a bootable KillDisk USB key that you can use to destroy the data) or Darik’s Boot And Nuke. These tools overwrite your entire hard disk with zeroes or multiple writes of different characters (much like TuneUp Shredder).
Now, while this works well on mechanical hard disks, you’re out of luck if you have an SSD. SSDs’ data gets written and deleted in a very scattered fashion, and neither the user nor the operating system has control over where the actual data is stored—it’s all done by the SSD controller. This whitepaperproves that while some data can be destroyed (either by using some of the built-in mechanisms or third-party tools), in many cases, the data was still intact.
The only SSDs that can be safely wiped are those that include the ATA Secure Erase command. If it does, the Kingston Red Tech Blog provides detailed steps on how to perform a secure wipe of the hard disk using HDDErase (which issues the ATA Secure Erase command to your SSD firmware). If your drive doesn’t support this mechanism, you should try to fully encrypt your hard disk and delete the encryption key. Windows’ own BitLocker (available in higher Windows Vista and 7 editions) is one possible way. If all fails, physically destroy the drive—pure brute force or some pyrotechnics might do the trick.
For additional tips and tricks on securely wiping files from your PC and maintaining system performance, I invite you to visit the TuneUp Blog about Windows.
GEEK BONUS AREA
Hot Hot Hot – The Dangers of Geotagging @ TTC Shelbyville