?
Solved

Automatic, unattended deletion of data

Posted on 2007-07-24
20
Medium Priority
?
340 Views
Last Modified: 2010-04-11
Is anyone aware of a utility (preferably free) that will delete a file after a set amount of time?  Here's the scenario: I have a USB drive with sensitive information on it.  After a month, I would like to have the data wiped automatically (in case an unauthorized person has access to the drive), regardless of the computer it is plugged into.  I'm thinking that there might be some sort of portable app, or perhaps a way to turn the files into a self-executing file that "scrambles" the data after a set time....  Any suggestions would be appreciated.  Feel free to ask questions if anything is unclear.  Thanks for your help!
0
Comment
Question by:C_Sharp_Programmer
  • 5
  • 5
  • 4
  • +2
19 Comments
 
LVL 12

Expert Comment

by:zoofan
ID: 19562658
Maybe just a batch file/script setup with autorun of the drive to test the dates and delete if X days old.  Simple/Free/Effective.  Maybe not a total substitute solution but a thought for additional security assuming your running 2k or better check into the encrypted file system.  Http://www.microsoft.com/technet/security/prodtech/windows2000/w2kccadm/dataprot/w2kadm21.mspx


zf
0
 
LVL 12

Expert Comment

by:zoofan
ID: 19562823
Use caution as this will delete files AFTER you uncomment the delete line! Up till then it will only create a message box for each file.

I commented the lines that you need to change for the number of days, as well as which lines to suppress the message boxes and which lines actually do the deleteing.  Also you can specify a static path where noted or leave it as it is and it will start at the directory level the script is run from, so place it where you need it basically.  It will scan all directory levels below its location and delete any file x days older then the number specified.
open notepad and copy/paste the code below, save it as filename.vbs
'======start copy here=========
Option Explicit
Dim Date1,Date2,Hour1,Hour2,objFSO,objStartFolder,objFolder
Dim objFile, colfiles, subfolder, daysold
Set objFSO = CreateObject("Scripting.FileSystemObject")

'Start at the root of the drive this script is located on.
objStartFolder = "."
Set objFolder = objFSO.GetFolder(objStartFolder)
Set colFiles = objFolder.Files
For Each objFile in colFiles
Date1=Now()
Date2=objFile.DateCreated
DaysOld = DateDiff("d", Date2 , Date1)
'If file creation date is more then 30 days ago delete it.
If daysold > 30 then
wscript.Echo objFile.name
'UNREMARK THIS LINE TO ACTUALLY DELETE THE FILE
'objFile.delete
end if
Next

ShowSubfolders objFSO.GetFolder(objStartFolder)
Sub ShowSubFolders(Folder)
    For Each Subfolder in Folder.SubFolders
        Set objFolder = objFSO.GetFolder(Subfolder.Path)
        Set colFiles = objFolder.Files
        For Each objFile in colFiles
           Date1=Now()
         Date2=objFile.DateCreated
         DaysOld = DateDiff("d", Date2 , Date1)
         'If file creation date is more then 30 days ago delete it.
         If daysold > 30 then
           wscript.Echo objFile.name
         'UNREMARK THIS LINE TO ACTUALLY DELETE THE FILE
         'objFile.delete
         end if
        Next
        ShowSubFolders Subfolder
    Next
End Sub
'======stop copy here=========

Now I guess just get it to autorun upon inserting the flash drive, but I really would reccomend just manually running yourself every few days instead.

hope it helps!  If you have trouble let me know,

zf



0
 
LVL 12

Expert Comment

by:zoofan
ID: 19562850
Sorry I realized I pasted the code I hadnt finished commenting yet. this is it.

'======start copy here=========
Option Explicit
      Dim Date1, Date2, objFSO, objStartFolder, objFolder, objFile, colfiles, subfolder, daysold
      Set objFSO = CreateObject("Scripting.FileSystemObject")
      'Start at the root of the drive this script is located on.
      'Or change to the static path you want to execute the script at.
      objStartFolder = "."
      Set objFolder = objFSO.GetFolder(objStartFolder)
      Set colfiles = objFolder.Files
      Date1 = Now()
                  For Each objFile In colfiles
                  Date2 = objFile.DateCreated
                  daysold = DateDiff("d", Date2, Date1)
                  'If file creation date is more then 30 days ago delete it.
                  'Modify this to the age of file you need.
                        If daysold > 30 Then
                             'Comment this line to suppress message boxes
                              wscript.Echo objFile.Name
                              'UNREMARK THIS BELOW TO ACTUALLY DELETE THE FILE
                              'objFile.delete
                        End If
            Next
           
ShowSubFolders objFSO.GetFolder(objStartFolder)
      Sub ShowSubFolders(Folder)
            For Each subfolder In Folder.SubFolders
                  Set objFolder = objFSO.GetFolder(subfolder.Path)
                  Set colfiles = objFolder.Files
                        For Each objFile In colfiles
                                    Date1 = Now()
                                    Date2 = objFile.DateCreated
                                    daysold = DateDiff("d", Date2, Date1)
                                    'If file creation date is more then 30 days ago delete it.
                              If daysold > 30 Then
                                    'Comment this line to suppress message boxes
                                    wscript.Echo objFile.Name
                                    'UNREMARK LINE BELOW TO ACTUALLY DELETE THE FILE
                                    'objFile.delete
                              End If
                        Next
                  ShowSubFolders subfolder
            Next
      End Sub
'======stop copy here=========



zf
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 18

Accepted Solution

by:
PowerIT earned 2000 total points
ID: 19563199
Nice script from zf, but (yep, there's always a but) this will not help you if the destination computer has autorun disabled.
Something you see more and more with the security aware.
And the second 'but' (yep): a file deleted on an USB stick is just MARKED as deleted. There are a zillion of tools out there which can very easily recover a so called 'deleted' file.
And a third but (yep): what if the destination computer is a Mac, Linux or something more exotic? The script is a Windows script so will never run.
So since you don't have any control over the destination computer, you'll have no way of knowing if your data is safe.
The correct strategy here - as mentioned by zf - is to use encryption.
Some USB sticks have their own encryption tools, e.g. the Kingston Datatraveler II series. Disadvantages here is that you need to buy such USB sticks, and more important they have not been scrutinized by a security community against possible weaknesses and vulnerabilities. So you are not sure how effective they are.
A better way is using EFS on minimum XP. Don't use EFS on Windows 2000 if your data has to be very secure. EFS in Windows 2000 has flaws which make it easy to crack.
And I kept the best for last: use truecrypt to encrypt your USB stick. It's open source, secure and free. And there is even a 'portable' version for using with USB sticks without installing the whole application: http://www.truecrypt.org/

J.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 19563797
Yes take truecrypt.

But partition your USB stick, into one small partition FAT32 for public stuff and one big "truecrypt" partition.

I did already format an USB strick, windows was claiming being unformated. Well of cause all data of the (truecrypt) parition was gone :-/

Tolomir
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 19563823
Nice tip Tolomir. Plausible deniability also works for Windows ;-)

J.
0
 
LVL 1

Expert Comment

by:servitinfo
ID: 19564110
I think the question is in reverse.  Having sensible data on a USB drive requires first of all protection. In the form of creating a container (encrypted) on the usb drive and then mount the drive this can be don automatic on insertion of the usb drive.

If you want a clientless solution (no extra software on computer) then you need something like a SafeBoot Phantom.

Deleting after a month isn't gonna solve the problem, what is you loose the usb stick in the mean time?

Regards, Eric
0
 
LVL 4

Author Comment

by:C_Sharp_Programmer
ID: 19569677
Hmm, those are good suggestion!  To clarify, the reason I want/wanted to get rid of the file is that each month it will be "updated", or superceded, by a newer version.  So, while the old version is not useful to myself anymore, the old file still contains sensative information.  So theoretically if I were to encrypt the file, it could still be cracked at some point (unless there is a sure way of making sure it isn't) (i.e. how long would it take to crack a file encrypted with Truecrypt via two random keyfiles?)....  Any other thoughts?  I do indeed like the suggestions to date!
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 19569768
For the moment it's very simple: truecrypt uses only algoritms which are currently uncrackable within any reasonable amount of time with the current status of technology.
See the docs, encryption algorithms. http://www.truecrypt.org/docs/

J.
0
 
LVL 1

Expert Comment

by:servitinfo
ID: 19572370
You can use truecript or other programs. These will mount a secure partition. I.e. your usb drive is F:  typically using such a program will mount a drive G: everything on G is secured. In reality drive G is file on the filesystem of F:
 
0
 
LVL 4

Author Comment

by:C_Sharp_Programmer
ID: 19576869
So, let me ask a question regarding truecrypt real quickly; is there any possible way to mount a true crypt file/volume twice at once? Here's the scenario: I have a hidden truecrypt volume, with a key file to open it in the normal truecrypt volume.  So, I mount my truecrypt "file" and have access to my key file.  Now I wan't to "remount" my volume as the hidden volume without copying the keyfile outside of the encrypted volume.  Is there any way to do this, or maybe a clever workaround I'm not thinking of :)  ?  Thanks so much for all of your help!
0
 
LVL 1

Expert Comment

by:servitinfo
ID: 19576886
Well... in the mounting process you have to supply credentials...
0
 
LVL 4

Author Comment

by:C_Sharp_Programmer
ID: 19578968
Yes, but if I mount the outer volume, is there any way to mount the hidden volume without unmounting the outer one?
0
 
LVL 1

Expert Comment

by:servitinfo
ID: 19578976
Why?  There's no security by obscurity....
0
 
LVL 4

Author Comment

by:C_Sharp_Programmer
ID: 19579100
Because it's basically needing a password to access a password.  Just an added level of security.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 19580705
Sorry, I don't get it. Can you explain a little more detailed what exactly you want to accomplish with this?
The question started of by an assumption of security by just deleting files.
After correcting this and getting the advice by me and confirmation by Tolomir - both gurus in this TA - to use a confirmed secure solution you are now switching to the oposite and wanting to secure the confirmed secure.
I'm guessing now, but I think you have doubts about password security. There is no need when you follow these rules:
- Make the password complex enough (default minimum 12 chars allow edby truecrypt, no dictionary words, combination of numbers, upper, lower and maybe special character). Or use a passphrase (max 64 chars for truecrypt). The longer the better, but:
- Make sure you can easily remember the password, so you don't have to write it down. Or put it in a secure safe, if someone else needs emergency access to it.
- Never share the password or write it down.
- Make sure that no-one can get the header before you set the first password.
- Truecrypt does not store the password itself. Never.

BTW, a dictionary attack or brute force attack on truecrypt is almost impossible because of the delay in hashing. It only allows for something like 10 password tries per second. Which is sloooow if you are trying billions of combinations ;-)

J.
0
 
LVL 1

Expert Comment

by:servitinfo
ID: 19580714
If you want stronger security like 2 factor authentication (smartcard) then I would suggest to use vdisk from SafeBoot. The advantage is also that you can specify multiple users and also have a RSA keypair as recovery.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 19580740
FYI: truecrypt also allows for two factor authentication (keyfiles) and recovery mechanisms.

J.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 19581343
Here are the details for truecrypt:

http://www.truecrypt.org/hiddenvolume.php

0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question