How to: securely wipe files, flash drives and mobile phones

A study last week revealed that huge numbers of mobile phones were being sold on with the previous owner's personal information still intact and readily available. As smartphones are being used to organise our entire lives and acting as a replacement for media players and digital cameras this is a huge security risk.

What's most surprising is that the phones they bought from eBay included SIM cards. This is baffling - never sell a used SIM, cut it up and throw it away.

However, that still leaves the internal memory, plus any removable memory cards, and these can hold anything. Photos, videos, phone numbers, messages, browser history, passwords...someone could get up to serious mischief with the data stored on all the used handsets floating about eBay.

And it's not only phones, memory cards from cameras, USB flash drives and computer hard disks are equally at risk. Students from MIT once did a similar study on hard disks and discovered a treasure trove of private files on used hard disks including 5,000 credit card numbers, medical records and, inevitably, loads of porn.

Deleting isn't enough 

When you delete a file on your computer (or phone) it doesn't actually remove the data, only the reference to it, so though it may not be visible through your operating system the information is still stored and can be easily recovered with any number of software tools.

(Dropping files into the Windows Recycle Bin or Mac OS Trash Can is not deleting, they're still stored and referenced by the OS which is why you can just restore the files with a click, at a bare minimum empty the Bin/Trash to delete otherwise just anybody could come along and peek at your private stuff. Alternatively, on Windows press Shift+Del to skip the Recycle Bin and delete immediately).

In order to completely erase a file it must be overwritten. If you wait long enough and use a storage medium often this will happen naturally when the drive uses the space to store something else, but with the large drives available today this could take a ridiculously long time and hoping that a private file has been overwritten by something else is not a viable security method if you're selling an old phone or computer, you've got to take a more proactive approach.

Securely deleting files in Windows

Luckily the above is not an issue so long as you take advantage of the numerous applications which offer secure deletion. These overwrite the files to make it harder - if not impossible - to recover.

As a Google search will reveal there are loads of tools which do this, some paid-for such as BCWipe or equally as capable freebies like the excellent Eraser, which is what I'll use here.

During installation Eraser adds a context menu option for instantly shredding files and if you're concerned about secure wiping you should get used to that instead of just hitting delete. Simply right-click, choose Erase then Erase. Effortless.

Also note the 'Erase on restart' option. This is for files which won't delete because they're in use, if a file gives you hassle, select that and reboot and it should be gone.

You can control what kind of wipe Eraser performs by opening the main application window via the Start menu and clicking Settings. The important option here is 'File erasure method'. 

Opening this drop-down menu presents an array of different wipe methods with official-sounding names like US Army AR380-19. Government agencies have their own guidelines for how sensitive files should be deleted and this supposedly wipes files in accordance with said directives.

Does Eraser conform to United States Department of Defense standards? I don't care, and neither should you, because a simple 1 pass erase is all that is required.

Why a 1 pass wipe is all you need

The number of passes is the number of times the data is overwritten. It used to be recommended that to properly wipe a file it had to be overwritten multiple times. However this has now been shown to be false. One pass is all that is required to effectively render data unrecoverable.

According to Wikipedia's Data Remanence article "an analysis by Wright et al. of recovery techniques, including magnetic force microscopy, also concludes that a single wipe is all that is required for modern drives". References are provided if you don't believe Wikipedia.

Magnetic force microscopy is where a drive is examined using an electron microscope to discern the previous state of a bit of memory, so they could see that '0' used to be a '1' and from there build up a readable file. It's time consuming, inaccurate and there isn't a single example of this being done on a modern hard drive.

If you're seriously worried about someone going to such lengths to recover files then you must be a spy, and if not I don't want to know what it is you're trying to hide. For everyone else, just select a one pass overwrite on Eraser or any other deletion tool because that is all it takes to prevent someone getting hold of your credit card number, email login or holiday photos.

Wipe entire hard drives

When selling on your PC you shouldn't just delete a few files then format the hard disk. Formatting alone is not secure and files can still be recovered for the reasons mentioned above. Thankfully securely wiping a whole drive is as easy as individual files, if somewhat time consuming.

Eraser can wipe whole drives, just right-click on them in My Computer and choose Erase. That's a quick and easy method for handling secondary drives but it's obviously not going to work if you try to wipe the hard disk running Windows.

This is where a tool like Darik's Boot and Nuke comes in. As implied by the name this runs at boot so does not need Windows or any other operating system to work, and carries out a complete erase of the hard disk.

All you have to do is download the .ISO file and burn it to a CD, then make sure the PC is set to boot from the CD drive (post in the comments if you get stuck here) and it'll run B&N when switched on. It too has a variety of wipe methods but Quick Erase is the standard 1 pass.

There is a secure erase function built in to hard drives which is faster and more comprehensive than Boot and Nuke and Eraser, but not quite as easy to use. Boffins at the University of San Diego have created a Secure Erase tool, though this is no longer supported or updated.

 Securely wiping flash drives, memory cards and phones   

Wiping a USB flash drive, memory card or phone would, you'd expect, be the same as wiping a hard drive. Just use one of the methods above, right? However, a recent report suggests that files stored on flash memory (and that includes USB drives, memory cards, solid state hard drives and mobile phone's internal memory) are unusually resilient to deletion methods and files could be easily recovered even after several overwrites.

There's a discussion on the Eraser forums about this same subject, the conclusion being that deleting the files, formatting the memory and then using Eraser's 'Erase unused space' command (right-click on the drive to get this) will be fairly effective. It cannot be guaranteed, but the complexity of recovering any usable files after this is well beyond the capabilities of anyone who isn't funded by a government agency and really desperate to see what you had on there.

I've tested this on an 512MB SD memory card and a USB flash drive and was unable to get anything off the drives after. Do note however that this should not be done too often to flash memory as it will shorten its lifespan.

The same method should work on mobile phones, though this will depend on whether you can access the phone memory as a drive through a computer, as some handsets will not allow it, though in general if it is possible to store pictures and other data on the memory there will be a way of accessing it through a computer.

Before selling a mobile phone always factory reset to wipe all user data and restore it to default settings - consult the manual if you're not certain how to do this - as well as wiping any internal or removable storage if possible.

The only guaranteed method for permanently destroying data

Destroying the storage medium is the one way to prevent anybody ever getting hold of the data. And while it's overkill for the average home user, this extreme method would still be worth considering if you're just selling an old PC and can't be bothered to go through the hassle of making sure everything is properly wiped. Sometimes it's just easier to sell without the hard disk or buy a new, safely blank, drive on the cheap.

Search YouTube and you'll find a variety of creative methods for physical destruction of a hard drive. If you're not wanting to risk burns and shrapnel wounds though, then just snap the CDs, smash the flash drive with a hammer or dismantle the hard disk and remove the storage platters. As a bonus, hard disk platters make nice drinks coasters.