Time and again, cases are reported in which disposed hard drives still contained readable, confidential data. With a few Windows commands and the right tools, this won’t happen to you.
When an SSD, hard drive, or old notebook is sold, people usually delete their personal files beforehand. However, many users do not realize that the hard drive often still contains information that is of great interest to curious people or criminals, for example:
- The browser history can allow conclusions to be drawn about surfing behavior and bank details.
- Stored email traffic reveals details of business transactions and provides information on subscribed streaming services and times when no one is at home.
- FTP tools such as Filezilla offer to save access data so that the user does not have to enter it again and again, thus opening up access to FTP servers of companies and organizations.
- Browsers open the way to accounts and services of all kinds via their password managers.
Complete erasure of the hard drive required
Windows and applications hide your personal data in numerous places in the file system and in databases such as the registry, where it is almost impossible to find. It is therefore advisable to completely erase the drive before you hand it over. How you proceed depends on the type of storage medium.
In the private sector, practically every computer today contains an SSD. The drives are many times faster than hard disks and they are robust. With SSDs, it is very difficult and often even impossible to recover deleted files.
This is easier with mechanical hard drives, but they are almost only found in NAS devices and in company storage systems, where high capacities and lower acquisition costs are more important than speed.
USB sticks and external hard drives, on the other hand, obey completely different rules to internal models. Let’s start with the internal SSDs first.
Deleting data partitions on a solid-state drive
The first step is to delete the data partition(s), if present, i.e. drive D:, E:, F: and the like.
This is easily done by formatting in Disk Management: Right-click on the Start icon in the taskbar and go to “Disk Management.” Alternatively, you can enter diskmgmt in the search field of the taskbar. Right-click on the partition you want to delete and go to “Format.”
In the following dialog window, remove the tick in front of “Perform quick format”; this will actually remove the files from the drive and not just their entries in the Master File Table (MFT). Then start the process by clicking “OK.”
Deleting the system partition with a boot CD or stick
Deleting the system partition, i.e. the C: drive, is a little more complicated. As Windows is installed on this drive and cannot delete itself, you need a bootable installation medium from which to carry out the deletion process.
If you have a Windows DVD, use it to boot your computer. If you do not have a DVD, you will need a bootable USB stick for the process.
The easiest way to create such a stick is with the Media Creation Tool, which is available free of charge from Microsoft. After you have agreed to the license terms, click on “Next,” and specify under “Select medium to be used” that you would like to create a USB stick.
A stick with a capacity of at least 8GB is required. Insert the stick and click on “Update drives” if necessary. After clicking on “Next,” the Media Creation Tool deletes the existing files on the stick and populates it with the Windows installation files.
The finished stick is bootable. Start your computer with it and click on “Next > Install now” when the country settings appear. Click on “I don’t have a product key” and select one of the Windows versions offered.
Tick the box next to the license agreement, click “Next,” and select “Custom: Install Windows only.” Then select the system drive — you can recognize it by the name you have given the partition — and click on “Delete.”
You can then cancel the installation by closing the window. The SSD is now completely empty, drive C: no longer exists and is listed as unallocated storage space.
With an SSD, it is also virtually impossible to restore the data previously saved there. This is primarily due to the Trim function (see next section).
Making SSDs and hard disks unusable
If you’d rather not pass along an SSD or hard drive to another person, you can simply destroy both mechanically. This will ensure that no-one can read the data contained on them.
First remove the drive from the computer. This also works with most notebooks. They have a cover secured with a screw on the underside, behind which you will find the SSD. Normally, the data carrier is only plugged in.
To make the hard drive or SSD unreadable, either take a drill and drill a hole through it vertically, or hammer a strong nail through the housing. Caution: Risk of injury! One hole is enough to damage the drive to such an extent that it is practically impossible to recover the data.
Secure deletion thanks to the Trim command
The Trim command ensures that SSDs are written to evenly, thus extending the service life of the drive. The command is now supported by practically all SSD drives for the SATA interface.
It has been included in Windows since version 7 and is active by default. Normally, you do not need to do anything else, because the Trim function runs automatically in the background. If you delete data from an SSD, Trim informs the drive that these storage areas are no longer being used.
The next time the computer switches to idle mode, the drive’s Active Garbage Collection ensures that all areas marked by Trim as no longer valid are released for deletion.
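Because the SSD steps above depend on Trim being active and on the drive type, both can be checked before choosing an erase method. The following PowerShell script is an added example, not part of the original article; it only reads state, the function names Get-TrimStatus and Get-EraseAdvice are hypothetical, and the advice strings summarize this article's recommendations.

```powershell
# Added example: read-only, it changes nothing on any disk.
# Run from an elevated PowerShell session.

function Get-TrimStatus {
    # fsutil prints one line per file system, for example:
    #   NTFS DisableDeleteNotify = 0  (Disabled)
    # 0 = delete notifications (Trim) are sent to the drive, 1 = they are not.
    $status = @{}
    foreach ($line in (fsutil behavior query DisableDeleteNotify)) {
        if ($line -match '(?:(\w+)\s+)?DisableDeleteNotify\s*=\s*([01])') {
            # Older Windows versions print no file-system name; treat that as NTFS.
            $fs = if ($Matches[1]) { $Matches[1] } else { 'NTFS' }
            $status[$fs] = ($Matches[2] -eq '0')
        }
    }
    $status
}

function Get-EraseAdvice {
    $ntfsTrim = (Get-TrimStatus)['NTFS']
    Get-PhysicalDisk | ForEach-Object {
        $advice = if ($_.BusType -eq 'USB') {
            'USB drive, no Trim: overwrite with a wipe tool'
        } elseif ($_.MediaType -eq 'SSD' -and $ntfsTrim) {
            'Internal SSD, Trim active: full format / delete partitions'
        } elseif ($_.MediaType -eq 'SSD') {
            'Internal SSD, Trim is OFF: the SSD steps rely on Trim'
        } elseif ($_.MediaType -eq 'HDD') {
            'Hard disk, no Trim: delete, then overwrite'
        } else {
            # Assumption of this example, not a statement from the article.
            'Media type not reported: assume no Trim and overwrite'
        }
        [pscustomobject]@{
            Disk      = $_.FriendlyName
            MediaType = $_.MediaType
            BusType   = $_.BusType
            SizeGB    = [math]::Round($_.Size / 1GB, 1)
            Advice    = $advice
        }
    }
}

Get-EraseAdvice | Format-Table -AutoSize -Wrap
```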
Permanently remove data from hard drives
The situation is somewhat different with hard drives. They do not have a Trim command, so the data can still be recovered after deletion and even after formatting with some effort. Here too, however, there are ways and means of making the data permanently unreadable.
For data partitions, you can use tools such as Ascomp Secure Eraser. This will not only delete the files the drive contains, but also overwrite it with random data.
With Secure Eraser, click on “Securely erase hard drive/partition” on the start screen, select the drive in the following window, and click on the downward-pointing arrow next to the “Start erasure process” button.
This opens a drop-down menu in which several methods for overwriting with data are available. A single overwrite is sufficient to make the files unreadable, so select the “Low” or “Normal” setting. Then click on “Start deletion” to begin the deletion process.
You have to proceed differently with a system partition. As Windows cannot delete itself, you need a live system with which you can boot your computer from a CD/DVD or USB stick.
You can then delete the data on C: from there. In contrast to an SSD, it is necessary to overwrite the deleted memory areas with new data afterwards so that the original content can no longer be reconstructed.
The freeware Darik’s Boot and Nuke, DBAN for short, has proven itself for this purpose. First download the ISO file. Then connect a USB stick to your PC. It does not need to be large; the tool only requires around 16MB of space.
Download and install the Rufus freeware and enter the DBAN ISO file in the “Startup type” field. Then let Rufus create a bootable USB stick and start your PC from this drive.
Darik’s Boot and Nuke is based on a stripped-down Linux system without a graphical user interface. After starting, you can use the command autonuke to automatically delete and overwrite all data on your hard drive. Alternatively, you can select the desired options by pressing the Enter key.
Securely erase USB drives
Although USB sticks and hard drives are closely related to SSDs, they do not support the Trim command. You should therefore also format the stored files after deleting them.
The aforementioned Ascomp Secure Eraser software can only erase and overwrite hard drives and SSDs. The freeware Disk Wipe is suitable for USB drives.
Open the program, select the drive, and click on “Wipe Disk.” In the first window, the wizard will ask you for the desired file system. Normally NTFS is the best choice. After clicking on “Next,” select how the data should be overwritten. Here, “One Pass Zeros” or “One Pass Random” is sufficient.
In both settings, Disk Wipe performs an overwrite process for the data. Click on “Next,” type erase all in the input field, click on “Finish,” and confirm the erasure process. The program will then first format the drive and then start overwriting the individual memory cells.
Deleting data on NAS devices
NAS devices contain several hard disks or SSDs, which they format with a Linux file system. For secure deletion processes, you should therefore use the commands of the NAS operating system.
Both Synology and Qnap devices are capable of securely deleting data. With Synology, open the “Storage Manager” in the main menu and select “HDD/SSD.” Select the drive you want to edit and click on “Action > Secure Erase.” You will probably need to remove the drive from the storage pool first.
For a Qnap model, open the Control Panel and then go to “System > Backup/Restore > Reset to factory settings.” Then click on “Restore factory settings & format all volumes.”
Alternatively, you can also remove the hard drives/SSDs from the NAS enclosures, install them in your Windows PC, format them with NTFS, and then overwrite them as shown in the article.
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.