Shredding
From Wikipedia, the free encyclopedia
- For other uses, see Shredding (disambiguation).
In the context of computers, "shredding" refers to the act of deleting, or wiping a file securely, so that it cannot be restored by any means. This is done either using file shredder software, or by issuing a "secure delete" command, as opposed to a "delete" command from the operating system.
In many operating systems, the act of deleting a file will only mark the disk space occupied by the file as available (for use by new files, or files growing in size), and mark the file as gone from the directory it was in, but leave the actual contents of the file on the disk. This permits restoration and recovery of recently deleted files via tools such as the MS-DOS undelete command.
Because the disk space is marked as available, it will eventually (assuming the disk gets written to) be used by other files, replacing the contents of the deleted file. At this point, the file can no longer be recovered by software. However, it may still be possible to recover the file by more advanced, physical means, because older magnetic recordings (such as those on a hard disk) can be read using the right equipment, even with new recordings on the same disk.
For Unix, the Unix command shred can be used. For Windows, a number of Windows file shredder programs exist such as Heidi Eraser, the QDS Security Toolkit, and ShredIt for Windows. These will repeatedly overwrite the file with other data (typically random binary data or all zeros) a large number of times, to make such physical recovery more difficult. For Mac, some versions of the operating system offer a "secure delete" command, such as the "Secure Empty Trash" command. In addition, file shredder software, such as ShredIt are also available.
Shredding depends on the assumptions that files are not moved in the file system during their lifetime, which fails if defragmentation is done, and that they are overwritten in place, which may fail on modern file systems. These can be addressed by shredding the whole partition rather than individual files. Even this may fail, since hard disk controller may mark sectors as bad and these may contain data but are not visible to the operating system.
If one wants to be absolutely sure that the file is not recoverable by any means, a suggested approach is to incinerate the media (e.g. burning the hard drive to raise the platters above their Curie point). Another approach is to destroy the media with acid. A much safer way to erase the media so it can not be recovered is to use a degausser. As an alternative, the file can be stored using strong encryption at all times, in which case there won't be any useful data to recover, assuming the encryption key is secure.
Although destruction of the media, degaussing or encrypting data are all effective ways to protect data privacy, they are also more than is required by the average user. Using file shredder software is sufficient to ensure that the data can't be recovered using commercially available tools by either the next owner of the computer, or by someone who has stolen the computer or the hard disk.
[edit] Physical Shredding
[edit] External links
- Secure Deletion of Data from Magnetic and Solid-State Memory by Peter Gutmann