Disk Wiping Utility

When you delete a file, the operating system typically only deletes the directory entry and marks the space as available. This is not suitable for "secure" deletion. Somebody with an undelete utility could recover the file. There is a utility called Eraser (http://www.tolvanen.com/eraser/) which overwrites a file multiple times with various patterns and pseudo-random numbers before finally deleting it. It also renames the file several times so that any record of the file's original name is lost. It also has an option to wipe the free space on your disk so that any files you might have accidentally forgotten to erase securely, can be (hopefully) erased securely.

This last option is particularly interesting.

Eraser uses multiple overwrites because data that is only overwritten once might still be recovered, by taking the platters out of the hard drive and analyzing them with special equipment. (But if hard drive manufacturers could figure out a cheap enough way to do this using the drive electronics, they could double the capacity of the disk: you could write 1024 bytes by writing 512 bytes and then overwriting it with the next 512 bytes, and if you could read the overwritten material as well as the material overwriting it, then you could recover all 1024 bytes.)

The problem, though, is precisely that: suppose I download some program and I decide it should be installed "permanently". If I didn't securely erase my drive before I installed this program, the program's files will prevent the further overwriting of whatever they overwrote. So whatever they overwrote wasn't overwritten enough. And might be recovered by some nasty fishing-expedition by the other political party, when I finally run for office.

I have an alternative plan, but I don't know how to implement it, exactly. It might be easy for the right person:

First, use Eraser as usual, but make it do only one pass with zeroes.

Second, use a Linux boot disk. And run a program.

This program should open the hard drive as a device - unmounted. It will read a block of the hard drive into RAM. It will store long runs of zeroes compressed in RAM, so that it can take larger jumps through the free space that was wiped by Eraser. It will overwrite the block it reads hundreds of times with random bits (or whatever patterns are appropriate). It will then write the original data back to the hard drive, and proceed with the next part of the hard drive which fits into RAM. It will proceed a few megs at a time until the whole hard drive has been done in this way.

This "under-writing" should be more secure than overwriting free space and slack space, because it will overwrite even data that has already been overwritten. It also has the bonus of checking for bad sectors. (But you better hope you don't find any...)

I have this theory that a hard drive might "lose its charge" over the years. A sector that was written long ago should slowly "rot" until it becomes unreadable. This hypothetical effect would be caused by heat and by the Earth's magnetic field. Most hard drives are magnetized so thoroughly that it might take 20 or 50 or 100 years for a sector to be lost because of this - but it will happen eventually. This "under-writer" utility would, as a side effect, "re-charge" all of the sectors on your disk. If you're an archivist, it might be useful for that purpose. (The wiping functionality could be turned off, to save time.)


EditText of this page (last edited February 20, 2002) or FindPage with title or text search