To actually erase files from a magnetic hard drive, you would have to overwrite the file with useless data. Some tools attempt to make this easier, offering to “securely delete” a file by deleting it and overwriting its sectors with junk.
Such tools will make the specific file you “securely delete” unrecoverable. However, if you have the nuclear launch codes on your computer and need to get rid of them, just “Securely deleting” the file itself isn’t good enough.
How Secure File Deletion Works
We’ve previously covered why files can be recovered even after you delete them. On a magnetic hard drive, deleted files aren’t actually removed from the hard drive immediately. Instead, the “pointers” that indicate where the file’s data is stored are deleted. The hard drive sectors containing the file’s data still contain the data. They’re just marked as available for use and can be overwritten in the future.
If you continue writing data to your hard drive, the sectors may eventually be overwritten with new data and the file will probably become unrecoverable. However, if you immediately try to recover the deleted file with a file recovery tool, you’d likely be able to get it back — at least on a magnetic hard drive. Solid-state drives work differently.
Operating systems only mark files as deleted because actually deleting a file’s data from your hard drive is slower. Its sectors would have to be overwritten, so a quick task becomes a much longer operation. For example, if you wanted to completely erase a 1 GB file, you would have to write 1 GB of data to the drive. Your computer would be much slower if it had to do this every time it deleted a file.
Secure file deletion tools do what operating systems don’t normally do. When you “securely delete” a file, the tool will delete the file normally and take note of where its data is stored, overwriting those sectors with junk data. This should prevent the data from being recoverable — yes, you should only have to overwrite the sectors once.
Places Where the File Might Be Lurking
Such tools do work on magnetic hard drives, erasing the current file’s data from the disk completely so it can’t be recovered from that place. However, there are other places that bits of the file may be lurking:
- Other Copies of the File: If, at any point, you had an additional copy of the file on your hard drive, the file may still be on your hard drive. Even if you deleted the additional copy, the deleted copy’s data may still be present on your disk.
- Temporary Files: If any program was using the file, its data may be stored in temporary files. For example, extracting a ZIP, RAR, or other archive file will often place a copy of the archive’s contents into temporary files.
- Search Indexes: Bits of the file may be recoverable from search indexes. For example, the text of a document may be present in a search index.
- Shadow Copies: Windows automatically adds copies of files to “shadow copies,” and they can be recovered using System Restore. On Windows 8, File History is constantly making backup copies and may have a backup of your files.
- Prefetch: The Prefetcher in Windows helps applications load faster by creating prefetch files for applications. If you need to securely delete an .exe file, portions of it may still be present in the Windows prefetch directory.
- Image Thumbnails: Most operating systems create thumbnail-sized copies of images so they can quickly present image thumbnails later. If you have a sensitive photo you wish to securely delete, a smaller version of that photo may still be available in a thumbnail cache.
Worse yet, if you had any of these at any point — let’s say you had an image thumbnail but deleted it — the deleted files may be recoverable. It’s very difficult to know for sure whether any data from a “securely deleted” file is actually still present on your hard drive.
Wiping your drive’s free space will help somewhat — everything will be overwritten, so no deleted files will be recoverable. However, this doesn’t protect you against copies and bits of the file that may be sitting around undeleted on your drive.
How To Ensure a File Stays Deleted
Simply “securely deleting” a file isn’t good enough if you’re actually worried about people being able to recover that file. For example, if you have the nuclear launch codes on your laptop, you’ll want to do more than securely delete them. More realistically, if your laptop has a document containing sensitive financial data like credit card payment details and social security data, you’ll want to do more than simply “securely delete” the file before you get rid of the laptop.
If you want the ability to securely delete a single file without wiping your entire drive, you may want to set up full disk encryption with TrueCrypt or a similar encryption tool ahead of time. If you encrypt your hard drive, you won’t have to worry about people recovering the data unless they get your encryption key.
If you really are disposing of a laptop that once contained the nuclear launch codes, you may want to destroy the drives completely. The military and government physically destroy drives containing very sensitive data, cutting them up into pieces and melting them down to ensure data can never be recovered. Yes, this is overkill for many situations — but if you’re really worried and have extremely sensitive data, it can be worth it.
Secure file deletion tools aren’t completely worthless. They do what they say on the tin, but file data is rarely cleanly confined to a tiny section of your hard drive. If you really need to ensure a file’s data can’t be recovered, you should do more than just use a secure file deletion tool.
- › The Best File Archiving Program for Windows
- › 4 Ways to Ruin Your Smartphone’s Battery
- › This Is How Steve Jobs Killed Adobe Flash
- › What Can You Do With the USB Port on Your Router?
- › What Do “FR” and “FRFR” Mean?
- › 10 Things Blocking Your Wi-Fi Signal at Home
- › How to Make Your Facebook Account More Private