-3

Inspired from here: Why didn't OSes securely delete files right from the beginning? And why do they still not do this?

The point that seems to be taken there is why it is not the default, but the more important question is why isn't it even offered in the first place?

I mean it makes sense that you don't want to waste time and HDD/SSD life to clean the garbage that isn't sensitive anyway (like a cache copy of cat videos) but you may want to erase your tax declarations or similar and I wonder why this isn't even offered out of the box even as a more or less hidden option (similar to the Shift+Del for circumventing the trashbin they could make Ctrl+Del for secure erase or similar).

It's a little bit annoying to always have to install a special software (which, iirc usually requires administrative permissions) just to safely delete your files.

My1
  • This feels exactly like a duplicate, as that other question asks why OS's don't do it. Closing as dupe. – Rory Alsop Jan 25 '16 at 12:02
  • @RoryAlsop well not exactly, as I said all the answers there revolve about why it isn't done as default, while my question is trying to get a bit more info, to be exact, why it isn't even offered – My1 Jan 25 '16 at 12:17
  • Various of the answers there say why it isn't offered as part of the OS, but is available for all OS's. – Rory Alsop Jan 25 '16 at 12:19

2 Answers

3

Different types of organisation have different requirements for secure erasure. If you are protecting against someone running undelete, zeroing the disk surface will be a secure erase. It will do nothing against someone who is reading the previous bit values using a magnetic disk scanner. In order to protect against that, you need to run a full suite of writes to each sector.

Furthermore, you can't currently secure erase SSDs - whilst they might appear to be similar to HDDs externally, internally, they have chipsets ensuring that writes are evenly spaced out across the flash memory. They can also map between areas, in case of potential failure. This is fine for your low level attacker - they will just see the same as the intended user - but for a nation-state level attacker, it's entirely possible to investigate the forgotten bits that the in-built firmware has marked as unusable.

There is a solution to this though - encrypt your hard drive. If the only data being written to disk is encrypted anyway, it doesn't matter if someone can read it - without the key, it just looks like random noise. This doesn't solve the issue of someone stealing your computer while the disk is decrypted (e.g. when you're using it), but they shouldn't be able to access data from a powered down machine without getting your key.

Matthew
  • well I know that SSDs can't be securely erased (which is too bad) and I already am encrypting my main drive (using BitLocker since it's the only GPT/UEFI compatible solution) but encrypting external is somehow annoying because you usually need admin permissions to open them, which can have problems on its own. – My1 Jan 25 '16 at 09:40
  • I've not noticed needing admin permissions to open any external drives I've got which are Bitlocker encrypted, but it is possible there is a flag you can set when encrypting them. You can buy external drives with hardware encryption - some of them are OK, but others are worthless, from memory! – Matthew Jan 25 '16 at 09:51
  • well with BitLocker probably but not everyone has Vista/7 Ultimate/Enterprise or 8/10 Pro/Enterprise. As BitLocker is a system tool it doesn't need admin but other tools like Steganos or TrueCrypt need to add drivers. – My1 Jan 25 '16 at 09:52
  • If the VeraCrypt drivers are installed, you don't need to be admin to mount drives! **Don't** use TrueCrypt. The drivers are insecure and allow every user of the system to gain administrator privileges. This is fixed in VeraCrypt – Josef Jan 25 '16 at 10:04
  • well for TrueCrypt, VeraCrypt etc. the same is still true, you need to install the driver, aka you need admin at least once, so you can't really get your protected content e.g. in an internet cafe or at work. – My1 Jan 25 '16 at 11:10
  • 1
    I would suggest that you shouldn't even attempt to access protected content at an internet cafe - you have no assurance that the system isn't simply sending any files read by it to someone else! – Matthew Jan 25 '16 at 11:14
  • @Matthew well that was a bit of an extreme example but it might be that for example on a family PC you also might not have admin rights and if the admin says no, you still can't use that. But as far as I remember, you don't need any intervention by an admin account to access a BitLocker'd drive – My1 Mar 19 '17 at 20:20
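
The per-file overwrite that the answer above says is enough against someone running undelete, as an added example that is not part of the original answer or its comments. The function names and the sample file are constructed for illustration, and the SSD and remapped-sector limits described in the answer still apply.

```python
import os
import secrets

CHUNK = 1024 * 1024  # write in 1 MiB pieces so large files don't fill RAM


def overwrite_in_place(path, passes=1):
    """Overwrite the file's existing bytes with zeros, without truncating.

    Opening with "r+b" keeps the current allocation, so on a plain HDD
    filesystem the zeros land on the sectors that held the data. On SSDs,
    copy-on-write or journaling filesystems the old blocks may survive
    elsewhere, which is the limitation the answer describes.
    """
    size = os.path.getsize(path)
    zeros = bytes(CHUNK)
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                f.write(zeros[:n])
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the OS cache
    return size


def wipe_and_delete(path):
    """Zero the contents, rename to a random name, then unlink."""
    wiped = overwrite_in_place(path)
    # Rename first so the entry removed at unlink time lacks the real name.
    anon = os.path.join(os.path.dirname(os.path.abspath(path)),
                        secrets.token_hex(8))
    os.rename(path, anon)
    os.remove(anon)
    return wiped


if __name__ == "__main__":
    import tempfile
    # Constructed sample file standing in for a sensitive document.
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, "tax-declaration.txt")
        with open(p, "wb") as f:
            f.write(b"constructed sample data\n" * 1000)
        print(wipe_and_delete(p), "bytes overwritten; exists:", os.path.exists(p))
```

This runs with ordinary user permissions on files the user can write, and it only covers the current allocation of that one file, not earlier copies, temp files or backups.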
0

In Windows, there is a command called crypt. You can use the following to overwrite deleted data.

cipher /w:driveletter

This may take a long time if you have lots of free space on your drive.

pri