?
Solved

Shred (Secure Delete) a file in NTFS

Posted on 2011-03-07
9
Medium Priority
?
918 Views
Last Modified: 2012-05-11
I need a secure way to delete a file.
I've gone through the standard procedure of overwriting 6 times with 0 and 255 bytes and then with random data, but when I scan the disk, I see a copy of the information is there.
I've used:

  public static void secureDelete(File file, byte[] b) throws IOException {
    if (file.exists()) {
      long length = file.length();
      SecureRandom random = new SecureRandom();
      RandomAccessFile raf = new RandomAccessFile(file, "rws");
      raf.seek(0);
      raf.getFilePointer();
      byte[] data = new byte[50];
      int pos = 0;
      while (pos < length) {
        random.nextBytes(data);
        raf.write(data);
        pos += data.length;
      }
      raf.close();
      file.delete();
    }
  }

using as 'b' zeros, 255 and random numbers.
It works for FAT but not for NTFS
0
Comment
Question by:RNMisrahi
  • 4
  • 3
  • 2
9 Comments
 
LVL 92

Accepted Solution

by:
objects earned 1200 total points
ID: 35061433
0
 
LVL 11

Assisted Solution

by:lenordiste
lenordiste earned 800 total points
ID: 35061561
Your code is rewriting random data inside a file making the assumption that the OS will actually write the data in place where the file is located. It probably works for some "old" file systems like FAT32 but it sure won't work for NTFS. I don't think this can be achieved without wiping the whole drive.
0
 

Author Comment

by:RNMisrahi
ID: 35061604
If it is true that on an NTFS Secure Delete is impossible (and you guys may be right), how come there are some applications that do that? I mean, they don't wipe all the empty space. So how do they do that? Or is it that there is no guarantee that they do work?
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 92

Expert Comment

by:objects
ID: 35061684
> I mean, they don't wipe all the empty space.

do you know that for a fact?
Native applications can operate at a much lower level than Java can
0
 

Author Comment

by:RNMisrahi
ID: 35061736
I'm ready to accept the fact that it is impossible to guarantee secure deleting on an NTFS, but I cannot imagine these utilities wiping all the empty space on a 1 TB disk in a few seconds. I have a 360GB disk, over half of it is free and when they delete (as far as I can see so far), the info is not there anymore. When I use an app such as HxD to scan the surface for a specific string, it is not there anymore. The HxD app takes hours to scan the whole disk.

But if Java cannot do this, can this be done with C# or Delphi?

0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061759
there's either no guarantee that they do work or they are written using a low level language
0
 

Author Closing Comment

by:RNMisrahi
ID: 35061842
Good to know what can and cannot be done.
0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061845
look at the comment from theUnhandledException (one of the last comments) since it's spot on about your problem:
http://stackoverflow.com/questions/4147775/securely-deleting-a-file-in-c-net

as he advises, the solution may be to reconsider the problem and encrypt the files you are writing to disk with a dynamic encryption key.
0
 
LVL 11

Expert Comment

by:lenordiste
ID: 35061856
I've never workd with Delphi, but I know for sure this cannot be achieved in Java or C#.
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question