• Advertisement

Archived

This topic is now archived and is closed to further replies.

Permanent Deletion?

This topic is 5026 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hi! I was reading about file deletion, that even if you formatted your hard-drive, the data is still there its just the FAT-table thats emptied. ''Caus people could still use data-recovery apps, to recover the data from those disks, like when people format and sell their HDs (Hard-Drives), after formatting, the people buying the HD can get old info like Credit-Card details, etc. through Data-Recovery apps. So if I where to write an app that can make sure that the data you delete is deleted, whould you agree that I have to do the following : * Get the length of the file in bytes * Open the file and write all the bits of the bytes as 1''s or 0''s * Close the file HE HE! * Call the delete/kill function to remove the link of the file Do you think that''ll do? // Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

Share this post


Link to post
Share on other sites
Advertisement
That will be enough for the most part. However if the file was previously larger than it is now, or the file is a word doc (word saved temp copies of the file) then the data can still be found. The thing most programs do is erase the free space by creating a file as big as the free space and writing to it. This way only the files that exist at that time can ever be found.
btw there are an extraordinary number of programs out there that do this. Unless you are doing it for fun I suggest you do a quick google and pick one from the millions of results.

Share this post


Link to post
Share on other sites
This would involve low level disk access. And that is something pretty dangerous. Because if you access the drive at low level(Eg, you write directly to physical drive addresses) you can easily mess up and overwrite existing data.

Also, since the file is probably fragmented over the disk writing such as app would read the start address, write data until a sector jump is found or end of file, jump to next sector, write data, etc.

And then you would repeat this step about 10 times to make sure it's fully overwritten. Best is to write 1111111 everywhere, next step write 0000000, next step write 1111, etc.

I think your application would require Ring 0 access under Windows to be able to write low level to disks.

EDIT:
You could also build in "Wipe complete disk" and "Wipe empty space" options. Wipe empty space would take the entire FAT/NTFS table, calculate positions of all fragments. Ordering the fragments in order of sector number you could find the empty spaces on the disk. If you wipe those addresses 10 times, that data would be erased. This could be usefull if you deleted a couple of important files(Porbably a large number of files).

Toolmaker



My site
/* -Earth is 98% full. Please delete anybody you can.*/

[edited by - toolmaker on April 15, 2004 5:36:25 AM]

Share this post


Link to post
Share on other sites
I don't think overwriting with a set pattern (all 1s, then all 0s, or something like that) will actually erase the data to the point where a good lab won't be able to recover it. As long as they know the pattern, they can actually compensate for that. Bits are analogue on the disk. They aren't 1 or 0, they're 0.954 or 0.012. When you write a bit to the disk, a smidgen of the old value gets left there (so writing 1 to a bit with value 0.954 would give you a bit with value 0.958 or something, whereas writing 1 to a bit with value 0.012 would give you 0.905 or something, main point being it's lower than it woulda been if it was overwriting a 1).

Upshot of all that is that you have to overwrite things a LOT of times (iirc at least 8-16) before they become too munged to untangle. Even then if technology improves it might be possible in 10 or 100 years to recover the data... if what I heard is true, the US government disposes of their sensitive-information-storing hard drives by melting them into slag, stirring them up, chipping them, and then burying them inside concrete blocks in a secure area. Possibly they wrap them in bits of alien spacecraft too.

[edit: of course this is for cases when the government of a high-tech superpower is trying to uncover your plans for a doomsday weapon, and 8192-bit encryption just won't cut it. If you just want to stop your mommy undeleting your porn collection by mistake, your approach will be fine. ;]

[edited by - fractoid on April 15, 2004 5:55:37 AM]

Share this post


Link to post
Share on other sites
I would like to know more about the ''low level'' of an HD. Whats the diffs between that and the normal way do file handling (ie. like in C++).

Looks like if you want to sell your HD, you have to perform a low-level format, then run FDISK and then format to FAT32, etc. HE HE

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

Share this post


Link to post
Share on other sites
quote:
Original post by fractoid
I don''t think overwriting with a set pattern (all 1s, then all 0s, or something like that) will actually erase the data to the point where a good lab won''t be able to recover it. As long as they know the pattern, they can actually compensate for that. Bits are analogue on the disk. They aren''t 1 or 0, they''re 0.954 or 0.012. When you write a bit to the disk, a smidgen of the old value gets left there (so writing 1 to a bit with value 0.954 would give you a bit with value 0.958 or something, whereas writing 1 to a bit with value 0.012 would give you 0.905 or something, main point being it''s lower than it woulda been if it was overwriting a 1).

Upshot of all that is that you have to overwrite things a LOT of times (iirc at least 8-16) before they become too munged to untangle. Even then if technology improves it might be possible in 10 or 100 years to recover the data... if what I heard is true, the US government disposes of their sensitive-information-storing hard drives by melting them into slag, stirring them up, chipping them, and then burying them inside concrete blocks in a secure area. Possibly they wrap them in bits of alien spacecraft too.

[edit: of course this is for cases when the government of a high-tech superpower is trying to uncover your plans for a doomsday weapon, and 8192-bit encryption just won''t cut it. If you just want to stop your mommy undeleting your porn collection by mistake, your approach will be fine. ;]

[edited by - fractoid on April 15, 2004 5:55:37 AM]


Are you saying that even if you overwrite data, that the overwritten data can still be obtained, some how?

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

Share this post


Link to post
Share on other sites
Yes, but the gaurds/police/cops can''t get your data if you use flash RAM :-). Flash ram is completely and utterlly eraseable. BTW if you write the following values to a HD in order about ten times:

0, 170, 85 , 255

You''ll probably scramble the data beyond recognition. The tolerance of the logic chip in a Hard Disk means that they can only detect 1 and 0 not 0.9512 or 0.1234. One byte of remaining data about your doomsday weapon is useless.

It''s very difficult to open a hard disk without causeing physical damage too. You''d need an analog HD drive reader to read the data it is electronically impossible to detect such small flutuations at the molecular level. Unless you want to use a scanning electron microscope to go through 60GB of data.

How could you create accurate digital data, and unless the data was in digital form you can''t use it so it''s a pointless exercise anyway.

Your analog harddrive reader will have to be tuned perfectly the the size of track, and will probably fuck up the disk anyway. Considering each hardrive manfacuturer usees different patented technology, you''d be fairly sure to kill your original data.

For low level disk access use ASM and DOS bootdisk. It''s easier than you think to wipe an entire disk. Why not just get an extremly large eletromagnet?

Share this post


Link to post
Share on other sites
Won't an eletromagnet damage your HD while removing its contents?

Please may I ask you to refrain from swearing.

Thanks

EDIT: So If I had to create my little util for deleting, I have to write 0's or 1's to the sectors of the disk like 7-times or something?

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

[edited by - Last Attacker on April 15, 2004 6:48:43 AM]

Share this post


Link to post
Share on other sites
Yeah it probably would. Why are you so interested in this anyway? Your average Joe isn't going to waste his time looking for your old data. Quick Formating just deletes tha FAT table, a full format writes the entire disk.

Sorry about the swearing, my excuse is From: Ireland .



[edited by - pkelly83 on April 15, 2004 6:51:54 AM]

Share this post


Link to post
Share on other sites
You''re forgiven.

Anyway, the reason I have an intrest in this is that it suddenly became interesting to me, I mean I always thought that if I call del (DOS) or clicked on ''Delete file'' while holding the Shift button down (Windows), I was actually removing the data from my HD.
Lets just say I''m storing this in my head for future reference

Anyway thanks for your input man, now I can go and write my little util HE HE!

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

Share this post


Link to post
Share on other sites
quote:
Original post by pkelly83
Yeah it probably would. Why are you so interested in this anyway? Your average Joe isn''t going to waste his time looking for your old data. Quick Formating just deletes tha FAT table, a full format writes the entire disk.

Sorry about the swearing, my excuse is From: Ireland .



AFAIK full format doesn''t write any more on the hd than quick format, at least not in windows. The difference is that full format checks for bad sectors, and marks those as unusable.

Share this post


Link to post
Share on other sites
Thats probably why a low-level format takes ages to complete. It actually writes to all the bytes in the sectors of the HD! LOL!

Man, its actually weird, the way the coded the formatting progs.

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail: laextr@icqmail.com

Share this post


Link to post
Share on other sites
I suggest, that if you write such an app, that you write patterns to the disk, eg:
255, 179, 84, 136, 210, 0, 10, 5, etc. You might give the option to write 1 and 0 too, but that shouldn''t be used for sensitive information.

Also, I don''t think the US government melts, chips, and burries it''s disks. If you really want to get rid of the data, melting the surface and recycling what comes out will be as effective as what the other guy said.

Toolmaker



My site
/* -Earth is 98% full. Please delete anybody you can.*/

Share this post


Link to post
Share on other sites
Hard drive + industrial furnace = permanent deletion.


Just about anything else there is the possibility that some information is still recoverable.

Share this post


Link to post
Share on other sites

I would no doubt they melt there HD''s and bury them in concret blocks. On date line they went to the NSA HQ and there they shreede the paper into tiny squares burt them balled up the remeans and dateline still had to blur the imadge, of shreaded burnt paper


I think by writting 1''s and 0''s he meant 00000000 and 11111111 each of the previous being the binary representation of a byte.

Share this post


Link to post
Share on other sites

  • Advertisement