Hey Guys, I'm going to be trading in or sell my notebook to upgrade. I have files where I lay out all my passwords to banks, CC's, emails, shopping accounts, photos of my family, etc. Do I understand this correctly in that only the upper most file can be retrieved? What I mean is.. say a file is located at a certain location of the hard drive, if that file is overwritten with new data at the exact location, then only the newest file can be retrieved? If my understanding is correct, then is there a program that would allow us to overwrite every inch of hard drive real estate with new gibberish data?
Do people think about this when they trade or sell their PC? It just seems too logical to me that a small fraction of identify theft out there must be from used computers changing hands. Am I being paranoid? Anyway, please advise on what program I can use to make it tough for the average person to retrieve.
+ Reply to Thread
Results 1 to 20 of 20
I put all my passwords encrypted in Keepass.
But I have never traded/sold a computer with any of my HDDs though. Too many other secret files....
^ Exactly — format && re-format.
But why re-install Windows
Just let the new owner of the notebook do that job
You can get security software that writes zero bytes to all free space on a HDD. Format again after that and no files could be recovered (they could from a simple format)
Do I understand this correctly in that only the uppermost file can be retrieved
Overwriting the drive several times should corrupt any attempt of a complete readable file being recovered
CCleaner has a function for writing over the free space of a computer HDD. It can do 1, 3, 7, or 35 passes.
Could use Truecrypt and create an encrypted file to fill up all the free space, and then delete it after it's been created (rinse and repeat as needed).
Or just fill up the HDD with copies of files you don't care about, and then delete those copy files.
I've always removed my hdd's and either kept it as a spare or literally put an axe through it if there is any *really* private information like banking details etc. HDD are cheap these days so you could replace it with a new one.BeyonWiz T3 PVR ~ Popcorn A-500 ~ Samsung ES8000 65" LED TV ~ Windows 7 64bit ~ Yamaha RX-A1070 ~ QnapTS851-4G
Eraser will "clean" any unused space on a hard drive, and securely delete files.
The person who originally created the program passed it on to another business and I'm still using one of their early versions (5.6), before they changed much. I can't remember why. There's something about it I preferred. I run it from the Explorer right click menu now and then to properly erase files rather than just delete them so maybe there's something about that functionality I preferred. I found a SourceForge link for version 5.6 but the install file is dated 2003 and I've no idea if it'll work with Windows flavours newer than XP, If not, follow the first link in this post instead.
If you want to blow the whole drive contents away, there's a few hard drive wiping programs included with the Ultimate Boot CD for Windows, one of them being Eraser, or the Ultimate Boot CD lists the inclusion of about 10 different HDD/Disc Wiping utilities.
Edit: I just realised Eraser 5.6 includes "Darik's Boot and Nuke" via a start menu shortcut, but it creates a boot floppy. Is it embarrassing to use software that old? According to the instruction here version 1.0.7 makes nuke floppies and flash drives and version 2.x makes nuke CDs and DVDs.
Darik's Boot and Nuke
Last edited by hello_hello; 13th Apr 2016 at 08:48.
The hammer and nail approach is effective. If you are a pacifist, I recommend dunking it in salty water. They are also fun to dismantle as they are surprisingly simple contraptions. Spinning rust is too much of commodity to be bothered with the time it takes to securely erase. Plus, worrying about malcontents is wasted effort. I guarantee your PII is already for sale in the dark web for less than $50.
Personally I use a hammer. I like the sound of shattered platters in the morning. That being said here is some advice.
First the tinfoil hat vision of things (less funny than it was 20 years ago), you can't trust an hdd because you don't control it fully, it is semi autonomous and will do things on its own. Also, ntfs is a journaling filesystem as well and you don't have access to the journal.
The "my biggest secret is an apple pie recipe but I will keep it safe" vision of things. Formatting is not enough, to make recovery reasonably difficult you need to at least delete the partition. And the good way to do this is to fill the drive with zeros, overwriting the mbr, partition table and everything in between.
For that I use a linux distribution and do
dd if=/dev/zero of=/dev/sdx bs=4K
Or you could create a bootable cd or pendrive with the latest dban.
Download the iso and burn it to a cd or dvd, or use rufus to put it on a pendrive. Autonuke will make 3 passes, it will take some time.
Tutorial here http://www.tomshardware.com/faq/id-2524477/wipe-hard-drive-dban.html
Or you could send the ATA secure erase command to your hdd, making it erase itself (can brick it in some cases).
In linux https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
There is an utility for that in UBCD, or maybe your hdd manufacturer added that functionality in their software. Read the manual first in any case.
This should work for regular HDDs. SSDs are different but filling the drive with zeros should work as well, I didn't really look into it yet.
It's a laptop. How much do you think it'd be worth without a hard drive? Maybe the OP could sell it with a note explaining the commodity theory.
In Windows at file level:
Or mentioned CCleaner.
But in your case disk level is more appropriate and mentioned DBAN is best.
I just use Windows' built-in diskpart utility with the clean all option. It writes zeroes to every sector on the disk. This is enough unless you really think that someone is going to spend a LOT of time and money using advanced forensics on your drive.
You only need to use your windows install cd or pendrive to get a command prompt at boot
and then to follow this tutorial, replacing "clean" by "clean all"
"clean" will not overwrite your files and it is possible to recover a deleted partition table, so don't use that.
This is enough unless you really think that someone is going to spend a LOT of time and money using advanced forensics on your drive.
However I have been shocked by how much data is recoverable with photorec even after overwriting a partition's free space with zeros.
Given I suggesting using a boot disk to wipe the whole drive, I thought I'd post back when I thought about the possibility of the laptop having a hidden recovery partition and that it'd probably be a good idea not to nuke that. It's been so long since I've owned a laptop I really can't remember much about how those hidden partitions work or whether they'd show up while using a utility to clean the whole drive.... or rather the rest of it..... but I thought I'd mention it.
Many years ago I used a function in SpyBot Search & Destroy that shredded files doing 99 passes. It took ages to finish.
BTW, the computer is a macbook air that's running both mac os and windows via bootcamp. Which kinda has me a bit confused on how to go about this. I'm just thinking of doing a fresh install of Mac El Capitan, no more windows. I mentioned about reinstalling windows above, which is incorrect. I would like to format and just do a fresh install of El Capitan.
In my case, do you think I should still go through some of the suggestions above? Windows diskpart, CCleaner, Dban, etc.
Okay, so I got confirmation that my trade-in does not need an OS. So I'm thinking of just formatting and wiping everything without worrying about how to reinstall. They actually sent me a program called SAFE ERASE by laplink. Any of you ever use this?
There is a built in option in macs in the form of osx recovery. Reboot, hold command + R. You can use disk utility to perform a secure erase of the whole disk. Minus the osx recovery partition I guess.
edit : apparently you have to jump through some hoops to clean a mac's ssd. 1 pass with zeros should be enough.
Last edited by ackboo; 15th Apr 2016 at 21:18.