• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

Automatic, unattended deletion of data

Is anyone aware of a utility (preferably free) that will delete a file after a set amount of time?  Here's the scenario: I have a USB drive with sensitive information on it.  After a month, I would like to have the data wiped automatically (in case an unauthorized person has access to the drive), regardless of the computer it is plugged into.  I'm thinking that there might be some sort of portable app, or perhaps a way to turn the files into a self-executing file that "scrambles" the data after a set time....  Any suggestions would be appreciated.  Feel free to ask questions if anything is unclear.  Thanks for your help!
0
C_Sharp_Programmer
Asked:
C_Sharp_Programmer
  • 5
  • 5
  • 4
  • +2
1 Solution
 
zoofanCommented:
Maybe just a batch file/script setup with autorun of the drive to test the dates and delete if X days old.  Simple/Free/Effective.  Maybe not a total substitute solution but a thought for additional security assuming your running 2k or better check into the encrypted file system.  Http://www.microsoft.com/technet/security/prodtech/windows2000/w2kccadm/dataprot/w2kadm21.mspx


zf
0
 
zoofanCommented:
Use caution as this will delete files AFTER you uncomment the delete line! Up till then it will only create a message box for each file.

I commented the lines that you need to change for the number of days, as well as which lines to suppress the message boxes and which lines actually do the deleteing.  Also you can specify a static path where noted or leave it as it is and it will start at the directory level the script is run from, so place it where you need it basically.  It will scan all directory levels below its location and delete any file x days older then the number specified.
open notepad and copy/paste the code below, save it as filename.vbs
'======start copy here=========
Option Explicit
Dim Date1,Date2,Hour1,Hour2,objFSO,objStartFolder,objFolder
Dim objFile, colfiles, subfolder, daysold
Set objFSO = CreateObject("Scripting.FileSystemObject")

'Start at the root of the drive this script is located on.
objStartFolder = "."
Set objFolder = objFSO.GetFolder(objStartFolder)
Set colFiles = objFolder.Files
For Each objFile in colFiles
Date1=Now()
Date2=objFile.DateCreated
DaysOld = DateDiff("d", Date2 , Date1)
'If file creation date is more then 30 days ago delete it.
If daysold > 30 then
wscript.Echo objFile.name
'UNREMARK THIS LINE TO ACTUALLY DELETE THE FILE
'objFile.delete
end if
Next

ShowSubfolders objFSO.GetFolder(objStartFolder)
Sub ShowSubFolders(Folder)
    For Each Subfolder in Folder.SubFolders
        Set objFolder = objFSO.GetFolder(Subfolder.Path)
        Set colFiles = objFolder.Files
        For Each objFile in colFiles
           Date1=Now()
         Date2=objFile.DateCreated
         DaysOld = DateDiff("d", Date2 , Date1)
         'If file creation date is more then 30 days ago delete it.
         If daysold > 30 then
           wscript.Echo objFile.name
         'UNREMARK THIS LINE TO ACTUALLY DELETE THE FILE
         'objFile.delete
         end if
        Next
        ShowSubFolders Subfolder
    Next
End Sub
'======stop copy here=========

Now I guess just get it to autorun upon inserting the flash drive, but I really would reccomend just manually running yourself every few days instead.

hope it helps!  If you have trouble let me know,

zf



0
 
zoofanCommented:
Sorry I realized I pasted the code I hadnt finished commenting yet. this is it.

'======start copy here=========
Option Explicit
      Dim Date1, Date2, objFSO, objStartFolder, objFolder, objFile, colfiles, subfolder, daysold
      Set objFSO = CreateObject("Scripting.FileSystemObject")
      'Start at the root of the drive this script is located on.
      'Or change to the static path you want to execute the script at.
      objStartFolder = "."
      Set objFolder = objFSO.GetFolder(objStartFolder)
      Set colfiles = objFolder.Files
      Date1 = Now()
                  For Each objFile In colfiles
                  Date2 = objFile.DateCreated
                  daysold = DateDiff("d", Date2, Date1)
                  'If file creation date is more then 30 days ago delete it.
                  'Modify this to the age of file you need.
                        If daysold > 30 Then
                             'Comment this line to suppress message boxes
                              wscript.Echo objFile.Name
                              'UNREMARK THIS BELOW TO ACTUALLY DELETE THE FILE
                              'objFile.delete
                        End If
            Next
           
ShowSubFolders objFSO.GetFolder(objStartFolder)
      Sub ShowSubFolders(Folder)
            For Each subfolder In Folder.SubFolders
                  Set objFolder = objFSO.GetFolder(subfolder.Path)
                  Set colfiles = objFolder.Files
                        For Each objFile In colfiles
                                    Date1 = Now()
                                    Date2 = objFile.DateCreated
                                    daysold = DateDiff("d", Date2, Date1)
                                    'If file creation date is more then 30 days ago delete it.
                              If daysold > 30 Then
                                    'Comment this line to suppress message boxes
                                    wscript.Echo objFile.Name
                                    'UNREMARK LINE BELOW TO ACTUALLY DELETE THE FILE
                                    'objFile.delete
                              End If
                        Next
                  ShowSubFolders subfolder
            Next
      End Sub
'======stop copy here=========



zf
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
PowerITCommented:
Nice script from zf, but (yep, there's always a but) this will not help you if the destination computer has autorun disabled.
Something you see more and more with the security aware.
And the second 'but' (yep): a file deleted on an USB stick is just MARKED as deleted. There are a zillion of tools out there which can very easily recover a so called 'deleted' file.
And a third but (yep): what if the destination computer is a Mac, Linux or something more exotic? The script is a Windows script so will never run.
So since you don't have any control over the destination computer, you'll have no way of knowing if your data is safe.
The correct strategy here - as mentioned by zf - is to use encryption.
Some USB sticks have their own encryption tools, e.g. the Kingston Datatraveler II series. Disadvantages here is that you need to buy such USB sticks, and more important they have not been scrutinized by a security community against possible weaknesses and vulnerabilities. So you are not sure how effective they are.
A better way is using EFS on minimum XP. Don't use EFS on Windows 2000 if your data has to be very secure. EFS in Windows 2000 has flaws which make it easy to crack.
And I kept the best for last: use truecrypt to encrypt your USB stick. It's open source, secure and free. And there is even a 'portable' version for using with USB sticks without installing the whole application: http://www.truecrypt.org/

J.
0
 
TolomirAdministratorCommented:
Yes take truecrypt.

But partition your USB stick, into one small partition FAT32 for public stuff and one big "truecrypt" partition.

I did already format an USB strick, windows was claiming being unformated. Well of cause all data of the (truecrypt) parition was gone :-/

Tolomir
0
 
PowerITCommented:
Nice tip Tolomir. Plausible deniability also works for Windows ;-)

J.
0
 
servitinfoCommented:
I think the question is in reverse.  Having sensible data on a USB drive requires first of all protection. In the form of creating a container (encrypted) on the usb drive and then mount the drive this can be don automatic on insertion of the usb drive.

If you want a clientless solution (no extra software on computer) then you need something like a SafeBoot Phantom.

Deleting after a month isn't gonna solve the problem, what is you loose the usb stick in the mean time?

Regards, Eric
0
 
C_Sharp_ProgrammerAuthor Commented:
Hmm, those are good suggestion!  To clarify, the reason I want/wanted to get rid of the file is that each month it will be "updated", or superceded, by a newer version.  So, while the old version is not useful to myself anymore, the old file still contains sensative information.  So theoretically if I were to encrypt the file, it could still be cracked at some point (unless there is a sure way of making sure it isn't) (i.e. how long would it take to crack a file encrypted with Truecrypt via two random keyfiles?)....  Any other thoughts?  I do indeed like the suggestions to date!
0
 
PowerITCommented:
For the moment it's very simple: truecrypt uses only algoritms which are currently uncrackable within any reasonable amount of time with the current status of technology.
See the docs, encryption algorithms. http://www.truecrypt.org/docs/

J.
0
 
servitinfoCommented:
You can use truecript or other programs. These will mount a secure partition. I.e. your usb drive is F:  typically using such a program will mount a drive G: everything on G is secured. In reality drive G is file on the filesystem of F:
 
0
 
C_Sharp_ProgrammerAuthor Commented:
So, let me ask a question regarding truecrypt real quickly; is there any possible way to mount a true crypt file/volume twice at once? Here's the scenario: I have a hidden truecrypt volume, with a key file to open it in the normal truecrypt volume.  So, I mount my truecrypt "file" and have access to my key file.  Now I wan't to "remount" my volume as the hidden volume without copying the keyfile outside of the encrypted volume.  Is there any way to do this, or maybe a clever workaround I'm not thinking of :)  ?  Thanks so much for all of your help!
0
 
servitinfoCommented:
Well... in the mounting process you have to supply credentials...
0
 
C_Sharp_ProgrammerAuthor Commented:
Yes, but if I mount the outer volume, is there any way to mount the hidden volume without unmounting the outer one?
0
 
servitinfoCommented:
Why?  There's no security by obscurity....
0
 
C_Sharp_ProgrammerAuthor Commented:
Because it's basically needing a password to access a password.  Just an added level of security.
0
 
PowerITCommented:
Sorry, I don't get it. Can you explain a little more detailed what exactly you want to accomplish with this?
The question started of by an assumption of security by just deleting files.
After correcting this and getting the advice by me and confirmation by Tolomir - both gurus in this TA - to use a confirmed secure solution you are now switching to the oposite and wanting to secure the confirmed secure.
I'm guessing now, but I think you have doubts about password security. There is no need when you follow these rules:
- Make the password complex enough (default minimum 12 chars allow edby truecrypt, no dictionary words, combination of numbers, upper, lower and maybe special character). Or use a passphrase (max 64 chars for truecrypt). The longer the better, but:
- Make sure you can easily remember the password, so you don't have to write it down. Or put it in a secure safe, if someone else needs emergency access to it.
- Never share the password or write it down.
- Make sure that no-one can get the header before you set the first password.
- Truecrypt does not store the password itself. Never.

BTW, a dictionary attack or brute force attack on truecrypt is almost impossible because of the delay in hashing. It only allows for something like 10 password tries per second. Which is sloooow if you are trying billions of combinations ;-)

J.
0
 
servitinfoCommented:
If you want stronger security like 2 factor authentication (smartcard) then I would suggest to use vdisk from SafeBoot. The advantage is also that you can specify multiple users and also have a RSA keypair as recovery.
0
 
PowerITCommented:
FYI: truecrypt also allows for two factor authentication (keyfiles) and recovery mechanisms.

J.
0
 
TolomirAdministratorCommented:
Here are the details for truecrypt:

http://www.truecrypt.org/hiddenvolume.php

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 5
  • 5
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now