Securely deleting flash mediaPosted: Updated:
How can I securely erase the data from a flash drive or camera card? - Morris
As you seem to be aware, erasing electronically stored data in a manner that makes it unrecoverable requires much more than simply using the delete function on your computer.
Most folks understand that moving files to the Recycle Bin or Trash simply moves the file, but does not delete it which allows you to easily restore a file later. What most folks don't understand is that when you delete the files from the Recycle Bin or Trash, they still exist.
The delete function on most operating systems simply removes the 'file pointer' and marks the file as 'ok to overwrite' but leaves the actual file intact. Think of it as erasing the entry in the table of contents of a book but not actually tearing the page out; the reference to the info is gone, but not the actual info.
This quick and dirty process of 'deleting' is incorporated for performance reasons. If the computer actually removed the file and scrubbed the area clean, it would take far too long.
The assumption is that the majority of what you delete isn't that sensitive, therefore the tradeoff between security and performance is worth it.
To securely erase a file requires that the space occupied by the file be overwritten multiple times. At the very least, it needs to be overwritten at some level so that a simple 'undelete' utility can't bring it back to life with the click of a mouse.
It's also assumed that over time, regular use of the computer (adding programs, saving new files, defragmenting, etc.) will slowly cover the tracks of the files that were marked for deletion.
The reality is this is a very random process; our data recovery and data forensics labs recover data every day that was thought to have been deleted long ago, so if it's important, you need to do more.
If you really want to make sure that no one can ever gain access to the files without an extraordinary effort, you will need to use a special utility designed to repeatedly overwrite the entire device.
There are many utilities designed to do this for traditional magnetic hard drives but most of them don't work properly with flash media such as that found in USB drives, camera cards, hybrid or solid state drives.
For those types of media you can use a free utility from Roadkil called Disk Wipe.
WARNING: The results of using this utility are irreversible and will remove ALL data on a device. It should be used with extreme caution!
Disk Wipe gives you the option to wipe the device and leave it blank or overwrite it with random data and it allows you to choose how many passes you want to make.
The more passes you make, the more secure the deletion. Department of Defense protocols often call for 100 passes, but you should be just fine with 20-30 (unless you are a double agent or international spy).
This utility is for Windows only and does require you to be an administrator on the computer that you are running it on or you won't be given access to the wipe anything.
If you aren't sure you are setup as an administrator, you can right-click on the diskwipe.exe file and tell Windows (Vista or 7) to 'Run as administrator'. If you are asked for a password and your password doesn't work, you will know that you don't have administrator rights and need to contact whoever setup the computer.
Ken Colburn, President
Data Doctors Computer Services
Data Doctors Data Recovery Labs
Data Doctors Franchise Systems, Inc.
Host of the award-winning Data Doctors Radio Program
Follow me on Twitter: www.twitter.com/TheDataDoc
Real-time updates & threat warnings via our Facebook Fan Page: www.facebook.com/DataDoctors