Avatar of ZeeK
 asked on

Secure Deletion

Hi guys. What's is the most robust secure and speedy solution to security delete files from server hdd. Have tried "eraser" it's take ages. Suggest some free / open source option.
Microsoft Server OS

Avatar of undefined
Last Comment
fred hakim

8/22/2022 - Mon
Dave Baldwin

'secure delete' always takes time because it does many passes over the data to make sure it is gone.

Ok. Say. I want to securely delete all data from D drive. What if I delete all files then format the drive and then run eraser over it?
John Tsioumpris

You can overwrite with dummy files...take a look here and also this
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Adam Brown

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
fred hakim

You have no way to know what sectors are written when you just write a file except to totally fill the disk.  Apps request sectors to write, and they are provided from a pool of unused sectors.  When you delete a file, just the directory entry is deleted and its data sectors returned to the pool with all the data intact... until its selected for a write operation in the future.  File systems try to use  the oldest sectors first, so newly deleted sectors could remain intact for a long time and the corresponding files retrievable by many widely available recovery utilities.

Secure erase programs will write over the sectors before they return to the pool.  The number of times those sectors are written over is what takes the time.  Some tools give an option of how many times to write a sector.  One time is good enough to prevent commonly available file recovery software from getting any data.  However more expensive devices can still extract the residual magnetic imprints.  Hence the need to rewrite many times using different bit patterns.  

If you are not concerned about law enforcement, industrial espionage or someone sophisticated intent on extracting the data, then one pass of 0s and one pass of 1s should prevent most theft attempts.   If you want to hide them from the IRS, Police, business espionage folks etc.  Then the department of defense or NSA levels of rewrite are fine.  The ultimate is a rotating 32 bit that takes a long time and over 32 passes.  

CCleaner for example includes a free space / drive wiper that has 4 levels:  Simple 1 pass, Dept of Defense 3 pass,  NSA 7 pass and a gutman 35 pass option (takes a long time).   however it only wipes the current free space pool or entire logical drives.  

This site compares some of the leading file shredding software.   These can shred file or directories and most have options for the number of passes.