Wipe Disk & Shred File

In an earlier posting, Delete Does Not Delete, we've discussed about why deleted files are still possibly recoverable and how to remove their traces permanently by cleaning the disk's free-space. Of the many terms used to describe the 'cleansing', I think "disk wiping" best fit the description.

For those who have used the disk wiping before knew that the process is very lengthy and can take hours to complete. This might not be very practical at times.

Is there other way to destroy file permanently?

Yes, we can 'shred' the file instead. This is analogous to shredding of paper document. Again, there are other terms used to describe this process. Commercial softwares are easily available as well.

If you are using the software introduced earlier (named; Eraser), shredding functionality is readily accessible. There are functions to shred files or shred everything in the Recycle Bin with just few mouse-clicks.

To shred files (using Eraser);
Right-mouse click on the files to be destroyed

- Select Erase to permanently destroy selected files

To destroy the Recycle Bin's content (using Eraser);
Right-mouse click on the Recycle Bin

- Select Erase Recycle Bin to permanently destroy everything in the recycle bin


NOTE:
Some document editing software (e.g. Microsoft Word) might periodically creates copies of the document being edited for error recovery purposes. There is no guarantee that the copies will be safely discarded. Therefore, file shredding may not be sufficient to replace disk wiping.

.

Addendum: Windows XP's Login Security

There is an update in an earlier posting titled, Windows XP's Login Security
Look out for the red coloured text.

.

Confidential Files: Handle With Care

Lets start by looking at the commonly used methods to protect confidential files and their associated issues.

Most people save confidential files in an external media (e.g. CD) and then hide the media in a 'safe' place. If the files are not properly encrypted, this method is akin to hiding money in a container and then bury the container in the backyard. Another security risk is that the traces of the original files in the local computer must be manually removed.

Some use document's editing softwares to save the files with password protection. In such cases, the reliability of the security mechanisms need to be ensured. Dealing with large number of such files can be very unproductive.

Internet savvy users also upload their files to external servers for safekeeping. This method is very useful for off-site backup but it has other weak security links. Weakly encrypted files can be intercepted by hackers during the transfers. Furthermore, the reliability of the servers are not often known. To edit the files is cumbersome as the files need to be downloaded and local files need to be properly disposed off after using.

However, the most tricky issue to overcome is still a non-technological one. In the event of strongly encrypted files fallen into the wrong hand and the user is threatened to reveal the password, what then?

Are there easy-to-use and secure solutions available that address the above issues?
Yes, there are!

One highly recommended such solution is TrueCrypt which is an open source solution. That means, it's free!

To find out more, continue here.

.

TrueCrypt - Disk encryption software

TrueCrypt is an open source, disk encryption software. It works transparently without extra hindrance to the user once the security authentication is validated.

The cryptographic algorithms used are of very high standards. For example, the Advanced Encryption Standard (AES) is adopted by the U.S. government for use in all government departments/agencies to cryptographically protect sensitive information.

TrueCrypt is available at;

TrueCrypt (Please check its license)
http://www.truecrypt.org/

I am not going to create a step-by-step guide here. You can have such guide after installing the software (go to "Help - User's Guide" menu).


Demystifying Complexities

In the simplest form, there are only 2 major steps required for you to get started;

1. Create the 'protection unit' (known as volume)
2. Use the volume to save confidential files

Simple isn't it?

Here are some explanations to help your understanding;

- Volume is just disk file that is used by the TrueCrypt. Go ahead and create as many of them as you like. You can always delete them if thing got messed up.

- When creating the volume, you have the option to create a hidden volume inside the volume itself. You can imagine the hidden volume as sub-section of the volume that requires different password to access.

- To use the volume created, you need to mount the volume's file. Refer to user's guide for details

Mounted volume


- Upon mounting, the volume can be accessed as a virtual disk DRIVE


Mounting Explained

Mounting Standard Volume

- To mount the standard volume, enter the standard volume's password
- Volume's contents cannot be technically identified without successful login
- If the volume to be mounted contains hidden volume, activate the Hidden Volume Protection feature during login. Failing to do so may risk in damaging the hidden volume when the volume is used

Mounting Hidden Volume

- To mount the hidden volume, enter the hidden volume's password
- Volume's contents cannot be technically identified without successful login
- Each volume can optionally has one Hidden Volume. The hidden volume cannot be identified nor proven exists technically without successful login.


Facts you must know

Strong password is at times cumbersome to use. Why must one use strong password?
The only thing that keeps confidential files away from thieves is the password. Weak password can easily be hacked. On the other hand, using strong password can easily be practised and becomes a habit. More on strong password here.

What can be done if I forgot the volume password(s)?
Well, the only thing you can do is to bid your files goodbye. You can try to hack the security using brute force hacking. But, based on current technological capability, it can take thousands or millions of years depending on the strength of the password used.

.

Delete Does Not Delete

When a computer file is deleted (and the Recycle Bin cleared), many think that the file is gone for good. In actual fact, it is only gone as far as our naked eyes can see. The deleted file is still possibly reconstruct-able using commercially available softwares!

No, the computer is not playing tricks. This behaviour is by design and not exclusive to computer system. It is common for almost all electronic storage media such as; PDA, mobile phones, digital camera, and etc.

In non-technical terms, this is what actually happens;
When a file is deleted, the system merely releases the 'lock' on the file's storage spaces without destroying their contents. These released spaces go into the free-space pool and stay as they are until they are used again. As long as these spaces remain unused, their contents can be captured and the original file can be reconstructed.

In the nutshell, there is a possibility to retrieve any deleted files. This possibility decreases over time and the rate is beyond user's control.

How to ensure all the deleted files are gone for good?

There are many softwares available that can get the job done. These softwares are called various names such as, disk wiping, disk deletion, traces removal, and etc. Nevertheless, all of them use the same method which is by populating the unused space (free-space) with randomly generated data.

One such software, FREE for home use;

Eraser (Pls check its license)
http://sourceforge.net/projects/eraser/

If the software you use works, the deleted files are no longer recoverable using any commercially available softwares.

.