The reasons for cleaning our hard drive can be extremely diverse. Either because we are going to sell our computer, we are about to give it away or because we simply want to get rid of a lot of files and programs that no longer serve us.
Very often, we are used to exchanging mass storage units between people, in long-term loans or through product sales. Be it the hard disk of a notebook, USB removable drive (pendrive) or an external disk, every day we trust these devices with our most sensitive information, such as service passwords, documents and personal multimedia content, such as photos and videos.
And when we get rid of these units or complete computers, the first concern that comes to mind is to delete data from disks or pen drives, in order to protect our privacy.
The most classic is to format the drive, through the utilities that the operating system lends us on duty. However, doing this is the least certain of what we can opt for, since once the format has been completed, the information that supposedly has been “deleted†can be easily recovered.
It happens that when we format the disks, the information is not really deleted. That's how insecure the process is. What is done is to delete the directory that the system uses to find the data inside the hard disk, but the information itself is where it is.
Because in truth it is never possible to erase the data, and the best we can do to maintain our security is to write on top of what we have, corrupting the old and avoiding its recovery.
It happens that any person, with a minimum amount of knowledge about computer science, can recover data from a formatted disk, simply using software capable of skipping the absent index and reviewing the occupied sectors to extract what is necessary, which, as we already mentioned, remains intact.
That's why we talk about the convenience of overwriting: once we put something on top of the old, it really becomes inaccessible there. And the more times we write over, the better.
Deleting data from a hard disk
The most important thing is usually saved on a PC hard drive. Either when we change the desktop unit, or sell a notebook, if we give it a simple format, no doubt someone would be able to recover all or almost everything, if it is proposed. So we are facing the most delicate situation, therefore, it deserves a little of our time that, after all, we are investing towards greater security.
These are some methods available for overwriting:
Quick Erase: It gives a single writing pass to the disk, filling it with zeros. It is the least safe of all, and is used mostly to clean disks before internal reuse.
RCMP TSSIT OPS-II: It is the standard used by the Royal Canadian Mounted Police to secure their devices. There are eight passes with random patterns. Enough for us.
DoD Short: Summary version of the method used by the Department of Defense in the United States. There are three passes, saving time and delivering enough security.
DoD 5220.22-M: This is what they use in the US government entity. and with seven passes, it grants great security in moderate time.
Gutmann Wipe: Application of Peter Gutmann's theory for the absolute erasure of data on a disk. There are 35 passes and it takes more than enough, but not even Superman on his best day could recover data from a device after a Gutmann Wipe.
PRNG Stream: Use random patterns in four and eight passes, mixing the above methods.