Slashdot Mirror

This does the job, with options aplenty, free and open source: http://eraser.heidi.ie/ Personally I never resell any drives whatsoever, I would rather keep obsolete drives in a drawer.

You'd think a CIA super-spy would have some neat tracking tricks in a guaranteed-to-be-leaked memo, but a visual inspection of the code shows nada, and as for hidden Unicode characters: nope.

Being ex-CIA doesn't make you a computer nerd. And being IN intelligence, apparently, does not guarantee any actual intelligence. (I mean, is this an example of the kind of slick intelligence work that won us the cold war? I mean, geeze! Who mass emails something he wants kept secret? It's really a no-brainer. Pun intended.)

It just means that you're an ex-spy... ...who, admittedly, should be able to get his hands on a top-notch electronic forensic expert. (That's VP territory too, so no excuses if he doesn't.)

I mean, all the WhistleBlower has to do is resist the urge to leak any other emails, and hope that the blogger was intelligent enough to destroy all traces of the original email he received, specifically it's headers. (I would not recommend making any additional contact with the blogger, seeing how basically any system can be penetrated by an intelligent enough, persistent enough, talented enough, and informed enough group people.)

My advice to the whistleblower is: Stay pat. Hopefully you've already cleaned up any tracks you may have laid. Don't change your routine, if you have any frowned-upon, but not fire-worthy things that you do, keep doing them. A small guilt may do well at diverting attention from a larger one. Most importantly, don't appear scared or nervous. The name of this game is to play it cool. Don't accuse anyone else, or try to appear too squeaky-clean, both can actually make you look suspicious. Quit if you really want to, but know that will peg you as the whistleblower. And whistleblowing is NOT a sought-after skill in this (or any) job market, and count-on every potential employer on finding out about the whistleblowing. Even alleged whistlebowing will kill your career because they won't take that chance.

My advice to the blogger is: If you care about your source at all, delete every trace of the original email that contains a copy of it's headers. Forward it to yourself, after removing all identifying information. Then, after you've deleted it, if you use Outlook, compress your PST file. Your IT department will know how to do it. That will guarantee that the original email gets overwritten. Then buy or download a program like Eraser, that can do a military grade wipe of the free space on your hard-drive. Lastly, shrink your swap-file as small as you can make it, and wipe the drive again. Paranoid? Geh-Yah! Overkill? Possibly. Necessary? Well, how would you feel if he came under retaliation like being sued into the poor house, never getting another non-food-service job again, or even criminal prosecution? And MORE importantly, how would your fans feel about it? I mean, this guy Quinn may look and sound like a joke, but many a LOL-worthy individual does take themselves very seriously (just another part of their LOL-worthyness), and can become no joke to deal with. ESPECIALLY when people are laughing at them.

My advice to Mr. Quinn (who, BTW, looks extra-scary in his chubby-cheeked photo in TFA), would be to implement some illegal program, let the workers get used to it, and then send out what looks like a mass, company wide, email that not just implicates himself, but actually lay's out the instrumental role he himself played in it's conception, planning, and implementation. That seems to me to be something the whistle-blower just couldn't resist. But instead of sending ONE email to the entire company, use Outlook's (you DO use Outlook, don't you?) programmability to send ONE email to each individual employee, whilst placing an extra period (or some other character) in a different spot in each email, allowing anyone who reads the email, and has the key, to identify it's intended recipient.

If you've provided a juicy enough bait he'll fall right into your trap, and leak it again! Guaranteed!

Grab a copy of http://www.heidi.ie/eraser/

Drag all the files and folders you need to delete in

Right click - Run all

Goodbye files.

Edit > Preferences > Erasing if you feel the need to get tricky about it. For pure speed try 'only first and last 2KB', run the erase (this will delete all of the files) then use the 'Erase white space' to clean all deleted files on the PC.

You should 'erase' your recycle bin and the disk blank space anyway. Otherwise any files 'deleted' (marked as deleted) by windows could still be recovered.

OK so you've done nothing wrong and just want to ensure your personal data is removed. Delete everything you know of. Clear cache and cookies. and reset IE settings including personal data. Also do the same with any other browsers you have. Run Spider scan as described here this should pickup and cc/bank details you might have missed and plenty of false positives too but you should be safe to remove all. Then ensure recycle bin is empty and run eraser to erase free space and choose to erase cluster tips and one of the DoD levels of wiping just to be sure. This should do the trick

Eraser for Windows is probably what you want. Though if you can't install anything, sdelete is probably more useful.

Use the Eraser available at http://eraser.heidi.ie/. It's a free GNU GPL open source HDD wiper available for Windows systems. If your drive is not windows based, format it in NTFS, and plug it into a Windows machine as an external drive and use the Eraser to wipe it clean.

Deleting a file should tell the OS that I don't need that data.

It does exactly that, by removing pointers to the data, and marking the blocks available (via normal means).

Just like tossing an old shirt in the trash makes it inaccessible after the trash man picks it up, but does not shred the shirt
to rags, file systems simply make it unavailable without heroic methods. Trash pickers can, and in some cases do, salvage all sorts of things from trash.

Actual erasing things would slow down your computer quite a bit. There are software packages you can obtain to do this if you are paranoid that your computer is likely to be seized.

In addition other operating systems such as Linux have a built in "Shredder" see: man (1) shred
This is variously incorporated into Graphical file managers in some versions.

"The requested URL (eraser.heidi.ie) was not found."

Methinks you meant eraser.heidi.ie.

Now if only we could get the computers to erase the child porn before displaying it on the screen....

I used Eraser http://eraser.heidi.ie/ back when I used Windows.

Talking about Windows, Format DOES NOT WIPE THE DRIVE. All a full format does is set up the file system, and does a read verify. It does not overwrite data portion of the partition.

A good tool is Eraser. http://eraser.heidi.ie/ Use it to securely wipe specific files when no longer needed. As well it allows you to wipe free space on the disk at any time, allowing you to wipe previously deleted files.

If the computer is deemed surplus, and you want to prepare the computer for resale, A PLAIN FORMAT IS NOT ENOUGH. That is how so much sensitive information is found on surplus computers. The data is still on the disk. Wipe it using a tool like DBAN http://www.dban.org/

As far as reading residual data, some people claim 35 passes blah blah blah. This is referencing Gutmann's work, which focused on old drives. It is not applicable on new drives with different encoding techniques and extremely high data densities, and he has said on new drives a single pass of pseudo-random is enough. Anything extra is a waste of time. http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (read the epilogues)If there is truly confidential data on the disk, the only safe method is physical destruction to ensure nothing resides on remapped sectors, etc. Now, particularly if you have laptops, encryption of customer data is a good preventative measure, as overwriting of surplus hard drives does not help you when a laptop with customer data is stolen from an airport. Truecrypt http://www.truecrypt.org/ is a good encryption solution, though you need some 'workarounds' if you wish to be able to unlock users that have locked themselves out of their container file. It can also do full disk encryption (as can Windows Ultimate/Enterprise)

http://eraser.heidi.ie/ Eraser.

Secure erases files, and wipes unused HD space, as securely as you like.

Eraser has a scheduled task mode.

I just downloaded: Eraser. I'm running the erase free space on all my drives now. Let them come for me. If they say I am destroying evidence I will counter with innocent until proven guilty. I am enhancing my privacy in case totalitarian-ist thought comes and tries to railroad me into something I am not guilty of.

Try Eraser

Works fine for removing data. Might not work if advanced forensic techniques are used.

Most thieves don't have access to those forensic tools. And I'm assuming you don't need this level of protection. I'm assuming you're not trying to obfuscate your illegal Tracy Lord mpegs.

Method 1: Use a "nuke disk" created from something like Eraser to secure erase the entire drive.

Method 2: Dismantle the drive for the cool rare-earth magnets, and use the shiny platters to adorn your refrigerator or as signalling mirrors.

I wonder how it deals with wear protection mechanisms.

Flash-based memory media are a true bastard to recover deleted data from. As long as you're using filesystem, moving files around and so on, everything is just dandy. But when you try to access raw media, unused space, it becomes messy. Mapping of a sector of the media to a set of memory cells may change without notice, sectors get reordered and so on. As long as you're in userspace, this is entirely transparent, but down by the hardware, where you work to recover the deleted data, it becomes a serious problem.

One of reasons why tools like Eraser are useless for flash media.

Doing this is labor intensive. Ask me how I know. USB or Firewire enclosure. I doubt that the improved speed of Firewire will make much difference with older drives and USB is more common. For Windows I like Eraser from http://www.heidi.ie/eraser. It's FOSS and allows you to configure erasure patterns that suit your level or paranoia or you can use one of the supplied patterns which include two Uncle Sam mil spec standards. Each pass of pseudo random noise takes about a minute per gig on an ATA100 device. I have run several tests and verified the results using disk investigator.

For really large files in fact (13GB or more!) deleting the file can take over a minute on most IDE based disks!

The problem with ext2/3 and large files is that it has bad performance with large files. Same thing with ReiserFS. These two filesystems are better for large numbers of files. JFS or XFS work better with large files.

What I'm saying here is that maybe there's something in Vista's new version of NTFS that has a similar limitation. Or perhaps the Windows 2000 behavior of zeroing sectors when deleting files has been expanded to overwriting with bit patterns randomly to make it more "secure".

Maybe there is a scrambling now built into Vista that takes it so long. I use Eraser to secure delete files and it takes a while to overwrite a file 53 times. Unless the user really needs it, a half attempt at data security shouldn't add this much inconvenience to the user.

Eraser (GPL): http://www.heidi.ie/eraser/

> Eraser can (and will) destroy your install even if you do everything properly.
>
Eh, no it won't. I have been using it (and recommending it to friends and co-workers) for years without any problems at all. I've also seen numerous endorsements for it in security/privacy forums.

Eraser is an excellent utility. Please do not spread FUD.

BTW, the code is maintained here http://www.heidi.ie/eraser/ these days.

No, it's still free and open sourced; everything else from that company/site isn't though.

Eraser Main Site
Eraser Sourceforge page

Eraser

http://www.heidi.ie/eraser/

There's a Firefox plugin that does the same thing. Stealther claims to do the same thing, but what I don't know is how well it really covers its tracks. A forensic investigation into a hard drive can easily reveal browsing history, even if one cleans his or her history and deletes cookies, etc. I have heard of a browser that actually "shreds" this information (similar to Eraser but I can't seem to find any information on this browser.

Thank you for that information. I regularly Erase my harddrive after deleting financial documents, and once in awhile just to erase web surfing cached stuff. I ALSO erase stuff I have reason to believe is a copyright violation, so if someone were to do a forensic examination of my harddrive, they'd see lots of sectors that have obviously been erased (random HDD noise is just noise; erased sectors have very clean sets of 1's and 0's).

When I saw this article, I wondered what the burden of proof would be - is the mere existence of Erasure software proof of wrongdoing? Obviously not, but it would SEEM to be given the standard of judgement used by the judge in this case.

So your post is helpful. If I had mod points I'd mod you 'informative.'

You can add one more step to improve security on USB drives in your scenerio, but it comes out of the USB drives life expectancy.

Get a program like Eraser (free, but for MS operating systems). Choose erease free space after installing. This will fill the remaining space on the drive with files, then overwrite them to the security level you choose. I would recommend only doing a single pass psudeorandom free space wipe, but do it every time before you remove the drive from the computer.

Is there any spec's on what encryption type/standard U3 is using?

Here's a free one that is DOD compliant: Eraser

The Eraser program is an excellent and free way to securely wipe your hardrives prior to sale of your computer in addition to providing everyday secure wiping services including secure file deletion, free space, and swap file wiping w/multiple overwrite pattern options. I have no financial interest in this company whatsoever, but I have found this program to be a useful addition to my toolbox so you may want to check it out.

IANAL - But i used to work for a bunch... legally speaking you should install eraser and allow it to wipe nightly/weekly then this isn't an issue. If you do it on a regular schedule... your more likely to be legally covered. For example: You destroy a bunch of files before a warrant comes to you... you are busted, but if you destroy your files, one per night every night as normal upkeep you have the same nothing as before... but you arent in trouble cause its scheduled destruction. similar to insider trading: scheduled sale vs. impromptu trading. If you sell just to sell... and the stock takes a dive or jumps.... you could be liable for insider trading (assuming you have insider info). But if you sell a certain amount every month.... you cant be hurt in court no matter what jumps its doing. wipe that hard drive every night....OR do not store the contact info on their computer and you are fine just say you like paper records or a roledex.

The program Eraser will do that for you.

Yes, you are correct, formatting does not always remove the data. I think law enforcement may have the tools. However if he had an erasing program like Eraser, it would securely wipe out his data. It writes over the exact data bits 53 times to ensure no one could ever recover the data.

On Windows, I use Eraser: http://www.heidi.ie/eraser

If you are using Windows, then you have to have Eraser.

I would recommend trying Eraser, which is free, easy to use and seems quite credible.

With it you can erase everything on a disk or just unused space or selected files with selectable number of patterned overwrites (not just 1 or 0). Supports the elsewhere-mentioned "Darik's boot and Nuke method". Integrates very nicely and non-obtrusively into MS operating systems.

With the risk of sounding like a fanboy: Recommended :)

An old PC and a copy of DBAN works just fine for me. But while I do decommission drives with HIPAA in mind, I don't do more than a few every year.

But I like that USB-IDE idea... in combination with the GPL'd Eraser it should make wiping old drives a lot easier for me, and let me get rid of that dusty dinosaur I keep around for wiping drives.

• First, run DBAN (also included with Eraser) to completely erase the hard drive.
• Then, reinstall the operating system of your choice, if necessary.

Warm reboots don't erase memory. Cold reboots usually don't erase memory, either. (There are still fragments of what was left before after doing a cold boot.)

And as almost all data recovery people know, reformatting a hard drive using the conventional disk formatting commands don't really erase anything; they merely create new directory structures. In order to really erase a disk, you have to use something like Eraser or `dd if=/dev/urandom of=/dev/hda`.

Slackware, you insensitive clod! ;-)

Actually on a serious note, I install (for my mother, family and friends)...

7-zip
gs / gsview
Firefox / Thunderbird
AVG
WinPT
Eraser
OpenOffice
Gimp (depending on the family member or friend)
Gaim
FileZilla
Amaya (only because bluefish is not available on win32 yet)
RealVNC
VIM
irFanview
Azureus (depending on the family member or friend)
Daemon Tools (depending on the family member or friend)

Read the man page - doesn't work with Journalled filesystems. That rules out NTFS, Ext3, ReiserFS, JFS, XFS, etc. etc.

However, if you want a program like this for windows, Eraser would fit the bill nicely.

I've done this technique. Although I've abandoned ghost and do this now, it has some disadvantages.

Ghost understands the filesystem which has some potential advantages. You can explore a ghost image file to see what's in it. I'm not sure how to do that with a dd image.

The main thing is I don't think ghost even attempts to read unused sectors. Zeroing out and using gzip is better than not doing it, but still slower than simply not reading them. 40 GB drives comes out as 1 GB? That's a lot of wasted time reading and compressing those sectors. Back when I was using ghost I'd backup more frequently, now it just takes too long to do periodically.

One tip, you can use the GPL Eraser program to zero out spaces on windows. It's more thorough than the "big zero file" technique. It will clear cluster tips and can also zero out the swap file (swap clearing is done by windows, but it lets you turn that feature on). Mainly intended as a secure delete, it requires minor configuration to write zeros.

There are some linux tools that are more like ghost, but I haven't played with them. Last I looked NTFS wasn't supported very well. For now I just keep my windows partition small (10 gig or less) and use dd.

Eraser actually uses Darik's Boot and Nuke when you use it to wipe an entire drive. See the features page.

Go download Eraser. It will erase empty space and swap files using DoD mil quality and even higher. It will erase empty space on your drive while you sleeping swiping it clean of bits 32 times over. On shutdown it will erase the swap file with the same quality. You can also get the source code and make it better if you want.

I have mine run once a week. I'm more concerned of my hard drive failing having to returning it under warranty and someone else receiving that drive they could then retrieve my data.

If security is a concern, set Windows to use a fixed swap size, i.e. the minumum and maximum values should be identical. Then, install Eraser (GPL), which offers the ability to wipe the swap file during the reboot process.

There is a GPLed program called Eraser that can be used under windows. Eraser can also zero out cluster tips. Designed as a secure delete, you'll need to some minor configuration to write just zeros.

You don't have to pay for Norton Wipeinfo if you're on Windows.

I'm told that both Scrub and Eraser are pretty good - although I haven't used them.

Both of which are free (in the "don't have to pay any money" sense)

Think I'd use killdisk before I leave the company I work for

Or you could use Eraser.

It's free, as a bonus, and it's floppy-based killer uses Gutmann's algorithim to do it's bit.

-- R

You call that easy? Just run Eraser. It makes a boot floppy that overwrites the disk with a 36-pass Guttmann code. Look, ma, no data!

Luckily for me, I DO know the perils of non-secure deletion. Originally I used to use Evidence Eliminator, but that got too corporate, so now I use Eraser, a free open-source prog. Works great.. I use the 35 pass one... just to be safe... ;)