Xidie Secure delete file
(Shredder)
Content
Overview
There are many programs on the market for recover deleted data from hard-disks. Due to
the fact that if files are deleted, their original content remains un-erased on the hard
disk for an uncertain time, with a low level disk examination utilities you might
recognize and recover files deleted with programs like Windows Explorer or other. So, if
you want to permanently delete files or folders in a secure way, you must use a special
program for secure delete files and folders and this is what the shredder from Xidie is
doing.
The process of deleting files
The process of deleting files involves two major steps:
1. Overwrite file name Securely deletes a file's original name by renaming it several
times. This works by changing each non-'.' character in the file's name to random
alphabetic characters, thus overwriting the name many times regard delete method selected.
2. Secure overwrite file Standard DOD 5220.22-M states that hard disk media is cleaned
by overwriting with a character, then the character's complement, and then with a random
character. Note that the standard specifically states that this method is not suitable for
TOP SECRET information TOP SECRET data cleaning is only achievable by a Type 1 or 2
degauss of the disk, or by disintegrating, incinerating, pulverizing, shredding, or
melting the disk.
How to delete files and folders from Windows Explorer or Desktop
For common files and folders Xidie adds another two items to contextual menu:
- Secure delete file using Xidie
- Secure delete older using Xidie
Both commands call Xidie to delete selected files respectively folders using DoD
standard .
Top
Using Shredder utilities
There are two utilities in shredder section: shredder and system cleaner.
Shredder
There are two steps in order to delete files:
1. Select files and folders. If you select a folder every file in it and files in
subfolders (in which match the file mask and the attributes) are going to be deleted. If
you select the Explorer like interface you could simple drag and drop unnecessary files
and folders to selected list. Use special keys from windows (by pressing Ctrl button you
could select more then one file, keeping shift button pressed select a group of files
and/or folders etc.) Right click on any item for more contextual menus (Open file, Find
target, Open file with Wordpad, Refresh etc). 2. Select the number of cycles. You can
choose between different delete methods for faster execution or more overwrite cycles. By
pressing the Run shredder button Xidie starts to delete all the files and folders you have
selected. Please be careful - deleting means destroying! Xidie removes all selected files
and folders. Please remember that items deleted with Xidie will not go to the Recycle Bin!
If a file has been deleted (except of being deleted only) its original data will be lost
forever and cannot be restored even with low-level disk editing utilities!
System cleaner
This utility allow user to secure delete some information stored in computer, like
cookies, temporary Internet files etc. There are seven categories of info that could be
removed from system: Temporary files Temporary Internet files Cookies Favorites History
Recent documents Files stored in Recycle bin You must select (check) the categories you
want to delete. By pressing view files all documents will be loaded into a list. Use
check/uncheck all to select deselect all categories. From the documents list select the
documents you want to delete (use check/uncheck all to select deselect all documents).
Select the delete method (like on normal shredder) then press the delete files button.
Please be careful - deleting means destroying! Xidie removes all selected files and
folders. Please remember that items deleted with Xidie will not go to the Recycle Bin! If
a file has been deleted (except of being deleted only) its original data will be lost
forever and cannot be restored even with low-level disk editing utilities!
Delete method
There are four major delete methods for destroying your data
- Delete Only Files will only be deleted, not overwritten. Due to the fact that if files
are deleted, their original contents remain un-erased on the hard disk for an uncertain
time, this method is not recommended.
- Simple Files will be overwritten once with static random data. Useful for wiping huge
amounts of data very quick.
- DoD Method The original data will be deleted by overwriting it according to the
NTSC-TG-025 regulations (Version 2, Sep 1991). This is the recommended delete method.
- SFS Method This method overwrites 35 times with special patterns killing every
information on a magnetic storage. Please remember that wiping files with this method will
take much time, even on fast SCSI drives. This method is recommended for high level
security.
Top
More about secure delete files
Reasons for use
The common problem with sensitive data is that deleted files are not really deleted and
so may be recovered by interested parties. Most file systems only remove the link to data.
But even overwriting the disk with something else or formatting it does not guarantee that
the sensitive data is completely unrecoverable. To deal with this, there are programs that
write random data to the target regions on the disk many times over and over, so making
data recovery unlikely. And the most reliable way of destroying data is, of course,
destroying the physical media (e.g. incinerating it). File wiping is useful for
confidentiality, because files are not entirely deleted using the operating system's
default delete function. Typically, standard delete functions consist of marking the space
occupied by the file as free and updating file system metadata structures, leaving the
actual file contents intact on the physical medium. If the file system continues to be
used, eventually this space will be assigned to other files and overwritten. However, if
the file system has not been used intensively since the file was deleted, recovery or
forensic tools have a good likelihood of retrieving deleted data in part or in whole by
accessing the medium at low level. The "Recycle bin" in Microsoft Windows and
the "trash folder" in Mac OS move files to a temporary place where they are kept
until one is really low on free space. In MS-DOS the deleted files are not really deleted,
but only marked as deleted - so they could be undeleted by using undelete command. Some
research in the field of magnetic storage media has indicated that it is theoretically
possible to recover information from magnetic disks even after overwriting, using hardware
methods. File wiping with multiple overwrite passes was devised as an attempt to defeat
such methods.
How it works
File Wipe programs work not only by unlinking a file but also specifically overwriting
them with garbage data. For very high security reasons, overwriting the file several times
is advised. Many government institutions have specific protocols for file deletion. For
instance, the U.S. DoD specification 5220.22 standard says a file must be overwritten
three times. Some researchers believe that the U.S. DoD standard is weak, yet others
believe the standard was created for archaic MFM/RLL encoding, being written in 1995.
Wiping a file takes a considerably longer amount of time than just deleting it. Very large
files, typically over 100MB, can take a prohibitively long amount of time to remove.
Besides destroying file's contents, some file wiping software also makes an attempt to
ensure that, once wiping has been performed, no information about the file is left in the
file system's metadata, such as directory entries. FAT file system, for example, only
replaces the first character of the filename in the corresponding directory entry, when a
file is removed. This may be a problem if the user doesn't want to leave traces, such as
partial file name and, possibly, creation and modification dates on the physical medium.
The solution to this problem is to wipe deleted entries in the directory containing the
file after wiping the file itself.
Data remanence is
the residual physical representation of data that has been in some way erased. After
storage media is erased there may be some physical characteristics that allow data to be
reconstructed. As early as 1960 the problem caused by the retentive properties of computer
storage media was recognized. It was known that without the application of data removal
procedures, inadvertent disclosure of sensitive information was possible should the
storage media be released into an uncontrolled environment. Degaussing, overwriting, data
encryption, and media destruction are some of the methods that have been employed to
safeguard against disclosure of sensitive information. Over a period of time, certain
practices have been accepted for the clearing and purging of storage media.
Degaussing
Degaussing is a process whereby the magnetic media is erased. Degaussing requires a
degausser device that is designed and approved for the type of media being purged. The
U.S. General Services Administration maintains a list of approved degaussers. Degaussing
often renders hard drives inoperable. This can prevent computers from being recycled, say
for educational use. The sensitivity of the data stored on the computer and the
feasibility of software purging should be weighed before degaussing hard drives.
Top
2_thumb.jpg)
