Solved

Shred (Secure Delete) a file in NTFS

Posted on 2011-03-07
9
856 Views
Last Modified: 2012-05-11
I need a secure way to delete a file.
I've gone through the standard procedure of overwriting 6 times with 0 and 255 bytes and then with random data, but when I scan the disk, I see a copy of the information is there.
I've used:

  public static void secureDelete(File file, byte[] b) throws IOException {
    if (file.exists()) {
      long length = file.length();
      SecureRandom random = new SecureRandom();
      RandomAccessFile raf = new RandomAccessFile(file, "rws");
      raf.seek(0);
      raf.getFilePointer();
      byte[] data = new byte[50];
      int pos = 0;
      while (pos < length) {
        random.nextBytes(data);
        raf.write(data);
        pos += data.length;
      }
      raf.close();
      file.delete();
    }
  }

using as 'b' zeros, 255 and random numbers.
It works for FAT but not for NTFS
0
Comment
Question by:RNMisrahi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 92

Accepted Solution

by:
objects earned 300 total points
ID: 35061433
0
 
LVL 11

Assisted Solution

by:lenordiste
lenordiste earned 200 total points
ID: 35061561
Your code is rewriting random data inside a file making the assumption that the OS will actually write the data in place where the file is located. It probably works for some "old" file systems like FAT32 but it sure won't work for NTFS. I don't think this can be achieved without wiping the whole drive.
0
 

Author Comment

by:RNMisrahi
ID: 35061604
If it is true that on an NTFS Secure Delete is impossible (and you guys may be right), how come there are some applications that do that? I mean, they don't wipe all the empty space. So how do they do that? Or is it that there is no guarantee that they do work?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 92

Expert Comment

by:objects
ID: 35061684
> I mean, they don't wipe all the empty space.

do you know that for a fact?
Native applications can operate at a much lower level than Java can
0
 

Author Comment

by:RNMisrahi
ID: 35061736
I'm ready to accept the fact that it is impossible to guarantee secure deleting on an NTFS, but I cannot imagine these utilities wiping all the empty space on a 1 TB disk in a few seconds. I have a 360GB disk, over half of it is free and when they delete (as far as I can see so far), the info is not there anymore. When I use an app such as HxD to scan the surface for a specific string, it is not there anymore. The HxD app takes hours to scan the whole disk.

But if Java cannot do this, can this be done with C# or Delphi?

0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061759
there's either no guarantee that they do work or they are written using a low level language
0
 

Author Closing Comment

by:RNMisrahi
ID: 35061842
Good to know what can and cannot be done.
0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061845
look at the comment from theUnhandledException (one of the last comments) since it's spot on about your problem:
http://stackoverflow.com/questions/4147775/securely-deleting-a-file-in-c-net

as he advises, the solution may be to reconsider the problem and encrypt the files you are writing to disk with a dynamic encryption key.
0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061856
I've never workd with Delphi, but I know for sure this cannot be achieved in Java or C#.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blackberry and SMS logging 5 34
Samsung dvr sdr-5102n2t not working 7 54
array not updating 8 41
Utility to Scan for Unauthorized Access 4 25
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question