• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1292
  • Last Modified:

Secure destruction/deletion of data on a USB memory stick

Hi,

Any one know how to prevent recovery of deleted files from a USB memory stick, either while in situ (format/overwrite type options) or external from the PC (degaussed).

Additional 50 points pointing from storage.

Thanks
0
MandyC
Asked:
MandyC
  • 2
  • 2
  • 2
  • +3
5 Solutions
 
CaseybeaCommented:
A USB memory stick is typically formatted using the FAT file system; therefore, any tools that work on typical FAT media (floppies, hard drives) in windows will work here as well.

The concept is simple; you need to OVERWRITE the existing data and free space with zeros and ones; multiple times.   This prevents disk recovery tools from recovering so-called "deleted" files.    There are multiple ways and multiple algorithms to accomplish this.

HERE are some tools that are FREE that should work fine:

http://www.thefreecountry.com/security/securedelete.shtml

0
 
Jimoc2kCommented:
If you just want a quick and dirty solution and the device is small enough then just completely fill the device with windows system files or some other non sensitive data like music files etc.
Then format the device.
If you have information on it that you want to keep then don't format the device but just fill it up, delete the rubbish and defragment the drive.
I have found defragmenting usually works since AFAIK once you defragment it screws up the allocation tables for deleted data.
0
 
cwalter9Commented:
We perform a few steps to make sure our memory sticks are totally clean between uses and when they need cleaned. We just wrote a short batch job that is called usbclean.bat and basically it determines the size of the memory stick and then copies an appropriate size file to the stick, erases the stick and repeats 2 more times for a total of 3.

In short if you want to clean a 128MB stick just create a 128MB word file or any kind of file really of just junk. Copy it to the stick delete, copy to stick delete copy to stick and delete. You can also have different files you use or whatever but basically to clean it just write-wipe-write-wipe-write-wipe to make it clean.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
burrcmCommented:
BCWipe from http://www.jetico.com/ is very slick. Trashes freespace including slackspace within used blocks, so you can leave required files on the drive, and everything else is cleaned.

Chris B
0
 
MandyCAuthor Commented:
Thanks for all of these, any ideas on a mass non connected method similar to magnetic destruction for floppies.

Thanks
0
 
CaseybeaCommented:
Due to the fact that a USB stick actually has electronics in it, you won't have the option of an external mass-erase like a "magnetic eraser" that is typically used for tapes/floppies.    You would end up toasting the stick and it would be permanently unuseable.
0
 
Ron MalmsteadInformation Services ManagerCommented:
just delete the files....i use my stick all day...and if i delete a file...trust me...you can't get it back.  Solid state memory leaves no signature readable by electron microscope....The electron microscope method is used by the FBI to recover a formatted hdd or floppy disk.  A signature from the earased bits are visible and a very tidious process of converting them back into readable data results in a rebuild of the drive which is possible only with sophisticated equipment, not reasonable for your average hacker to attempt...this is not something to worry about with a usb memory stick.  Especially if your data isn't worth $$.
0
 
cwalter9Commented:
The reason to overwrite the the area with something else is not because of a microscope or anything. When you delete a file on a memory stick or hdd you don't actually delete anything except the reference to the file in the file allocation table. In order to really delete the file you need to zero out or modify the existing data that the file allocation link pointed to before the deletion. Thus by copying a file over the saem area few times you are ensuring that what you deleted can not remain or leave remnants since you have since reused the same area of disk with new data thus overwriting or totally removing the old data.

When you format a disk sometimes the format does nothing more than wipe out the file allocation table and build a new blank table. Notice I never said that it erased the data on the disk! All of the data remains in place and overwritten as needed by new files placed on the disk. If you were to ignore the allocation table and read the disk raw then you will find most if not all of the data that was on the disk before the format, of course minus any new files or modified sections of disk.
0
 
MandyCAuthor Commented:
Thanks for all this, I'll increase the points in this question and PAQ with split points then close/delete the question from the storage area. (Points there taken into acount by the increased points but saves you haveing to post else where)

M
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 2
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now