Data recovery and destruction are two sides of the same coin. To know when and how you can regain information, you need to understand how it can be destroyed forever. And in some situations it is simply necessary: \u200b\u200bfor example, the destruction of corporate information when disposing of equipment, the destruction of your personal data when transferring the disk to friends or for sale, or maybe you want to delete the history of correspondence with your mistress once and for all;) It is believed that the best specialists Data recovery teams work in special services, so we formulated the question in this way: how to erase information from a disk so that neither cops from department “K”, nor Q from James Bond, nor sales recover it e our StoreLab experts.
Software data destruction
If you still want to use the hard drive after data destruction, and don’t go anywhere, then you should look away software methods delete data.Full rewriting of a disk
There are many algorithms for erasing data through a complete disk rewrite. But they all come down to N-fold formatting and writing binary units, zeros and pseudo-random numbers to it. Since the speed of writing to disk usually does not exceed 70 MB / s, then armed with a calculator, we will calculate how much time it will take us?The formula is quite simple: Disk capacity (MB) / Write speed * Number of cycles \u003d Seconds;
500000/70 * 7 \u003d 50000 (sec.).
From this we can conclude that a 500 GB disk will “erase” for about 13 hours. But should we use 7 rewrite cycles? Modern storage media do not leave residual magnetization after overwriting data. Therefore, one cycle is enough for us. So the time we need is not 13 hours, but only 1.5.
Operating systems have tools to completely delete files.
Windows:
format c:
Instead of " c:"the letter of the logical partition must be specified.
For Windows Vista and older, previous generations of Windows only delete service information.
Linux:
dd if \u003d / dev / zero of \u003d / dev / sda bs \u003d 4k
Instead of " / dev / sda"must specify the device address for formatting.
Partial data overwrite
Using direct connection to the hard disk at the lower level through the disk driver API or its own driver, you can quickly spoil the information by overwriting data gaps with pseudo-random numbers. By directly indicating the memory address to which to record, we do not need to completely rewrite the disk. Also, through the disk driver API, you can get the addresses in which information is stored and overwrite only this memory area. This method the most complex in its execution, but on the other hand allows you to quickly destroy only confidential information, while maintaining the health of the disk.Work with the driver involves 2 stages. The first is getting the address and data length, usually one file is written in different places on the disk, so we get an array of addresses and an array of lengths. The second step is to write pseudorandom numbers to the data in the memory area; recording must also be done through the driver in order to operating system Did not block or redirect data recording to another area of \u200b\u200bthe disk.
Data destruction with disk
Let's complicate the task: imagine that we don’t have time for disk-safe data destruction. In this case, the only thing that can help you is to destroy the disk itself. And to be precise, you need to destroy only pancakes, which are recorded information.Mechanical data destruction
The picture shows the hard drive after placing it in the device for pressure hard drives (EDR Solutions) .
Once and for all, you can destroy the data if you ruin the pancakes of your hard drive. It is difficult and often impossible to recover data from scratched disks, do not forget to keep a screwdriver near you, because you have to remove the hard drive cover and you can scratch the hard drive with it. Naturally, the data will be erased in those places where the scratch was carried out and adjacent to it. In other places, the data can be restored in the laboratory. Do not spare your strength on scratches, light strips will not destroy data even in places where your screwdriver has been. And if you bend the pancake, as shown in the picture, then your data will definitely never be restored by anyone.
But dropping the disk to the floor will not be enough. Yes, it will not be detected by a computer, but the data will be successfully restored in the laboratory. HDD drive It will not survive a fall from the table, and when it is turned off, the height of the safe fall is greater than during the drive. SSDs were designed with this in mind, even a drop from a window on the first or second floor will not kill the disk. This is achieved due to the fact that there are no moving elements in the SSD, all actions are performed by the controller. Information can still be read programmatically or non-programmatically.
Modern discs are made of magnetic glass. It is enough to remove the disk cover, pull out magnetic disk and break it. The glass disk breaks easily, but it is worth observing safety measures so as not to cut yourself. A disk breakdown will lead to the destruction of the entire spraying layer and it will not be possible to restore the data.
Physically
“That which does not kill us makes us stronger.” It will be logical to assume the opposite: that which does not make us stronger kills us. From you could find out that cooling the disk adversely affects its performance. But can you kill him like that? By putting your carrier of important information in the freezer, you do not kill it. In your hands is a “time bomb” - the disk will work and you can read information from it programmatically. When the disk breaks, then all the data is easily restored in a “clean room."What do discs think about heating? Among all the disk devices, we are only interested in pancakes. The material with which the pancake is coated is able to demagnetize at a temperature of 450 ° C. When heated, the magnetic layer should oxidize and turn green. Another negative for the disc, but a positive result for us gives a temperature of more than 660 ° C.
At this temperature, aluminum begins to melt - the basis of a hard disk pancake. A temperature of 750 ° C at home can be obtained from a candle flame or a burning match. To achieve maximum temperature, it is necessary to substitute the flame with the very edge to the pancake.
You can also demagnetize a disk using an electromagnet, acting on the pancake with an alternating magnetic field with increasing distance from the magnet to the disk. For such purposes, special equipment was developed “Information destruction devices”. Impacting pulses on the hard drives, they completely demagnetize the drive, which makes it impossible to restore any data on it. These devices destroy everything in 2-3 seconds.
Chemically
As you probably already understood, in order to destroy data, you need to destroy the magnetic layer of a pancake pancake. It is enough to pour any liquid on the disk that can change the properties of ferromagnets. To change the structure of chromium oxide (ferromagnet with which pancakes are coated hard drives, is the magnetic layer of the disk), hydrochloric acid or water must be poured onto it at a temperature of 100 ° C.What else is important?
- If you do not need long-term storage of confidential data - write them to volatile (RAM) memory, then you do not have to worry about destruction.
- Make sure that you cannot restore your data from other media on which the copy was ever recorded.
Permanent deletion of files from a computer is necessary to ensure user privacy. Free program CCleaner has a built-in tool for securely erasing information from a PC.
They may ask me, what about privacy if the file is already deleted from the computer? It would seem that the file is no longer on the computer, then what to worry about? It is not so simple.
When deleting data from a computer, the Windows operating system changes the file attribute, marking the file as deleted. At the same time, the contents of the file are physically located in the same place hard drive. Therefore, this file can be restored using a specialized program, for example, R-Studio, EasyRecovery, etc.
If at the location of the deleted file, through certain time during the operation of the computer, other information was recorded, then it will not be possible to restore such a file, since the file was overwritten by other data. In the best case, separate fragments of the file that are located elsewhere on the disk will be saved if the file was fragmented.
Simply deleted filesthat have not yet been overwritten is quite possible to recover. There is one problem: completely deleted person can recover deleted data in some situations.
Permanent deletion of data is necessary when selling a computer, so that the new owner does not receive any confidential information regarding the previous owner of the PC. In other cases, when unauthorized persons have access to the computer, there is also the possibility of leakage of seemingly deleted confidential data.
For reliable irretrievable removal files using a special shredder program that erases information from the hard drive. This program overwrites parts of the disk where the deleted files were located. After that, it will be impossible to recover deleted data programmatically.
The process of erasing disks in CCleaner takes place in 4 stages:
- Choosing an erase method.
- Choosing a rewrite method.
- Select a disc to erase.
- The process of erasing data on a disk.
To start the mashing process, you must first select what to wipe on this computer. Two options are available in the program: "Only free place"And" The entire disk (all data will be destroyed). "
When you select to wipe only free space, the area on the disk does not busy files will be overwritten. After this, the areas of the hard disk on which the previously deleted files were located will lose all the information that was previously theoretically possible to recover.
Overwriting the entire disk will permanently delete files from the hard disk (the selected disk partition, external hard drive, removable USB drive).
- Easy dubbing (1 pass)
- DOD22-M (3 passes)
- NSA (7 passes)
- Guttman (35 passes)
In most cases, a simple rewrite of the data will be sufficient. If necessary, you can choose a more advanced method of information destruction.
Keep in mind that the process of erasing data will take a certain period of time, which depends on the size of the erased space and the method of overwriting ( large quantity passes will take more time). In any case, this is a rather lengthy process.
Select desired drive, and then click on the “Erase” button. In this example, I chose the following settings: erase only free space, simple dubbing (1 pass), disk - USB drive (flash drive).
After that, the process of cleaning free space will start.
After the dubbing process is completed, a program window opens with the message: "Erasing the disk has completed successfully."
Conclusion
Free cCleaner program can be used to permanently delete files from a computer. The program reliably wipes free space on the disk, or erases the entire disk, making it impossible to recover deleted files using software tools.
Among the capabilities of some utilities declared "safe deletion" of files, which promises to securely erase files from your hard drive, deleting everything without a trace. IN old version Mac OS X was able to perform a full recycle bin without the possibility of restoring files again. But in new versions of the Apple operating system, such a function was removed, because she simply could not work reliably on modern disks.
The problem with “safe removal” and “full cleaning of the basket” is that it causes a misleading sense of security. Instead of relying on this kind of solution, it’s better to take note of the possibility of full disk encryption. On a fully encrypted drive, both deleted and restored files will be fully protected.
Why did a feature like safe file deletion appear at all
The usual deletion of files from the hard drive does not actually delete their contents. The operating system marks files as deleted and will be overwritten over time. But they are still located on the hard disk and using specialized utilities you can scan the surface of the disk and recover deleted files. The same principle works with USB drives and SD cards.
If you have sensitive data, such as business or financial records, tax returns, etc. You should think about how to protect yourself from recovering such data from a hard drive or removable storage device.
What tools can safely delete files?
Utilities that perform reliable file deletion mainly use the method of overwriting data with zeros or random values. Theoretically, after such an overwrite, data recovery is not possible.
This procedure is very similar to erasing. But when you erase the disk, the data will subsequently be written to the entire disk. Whereas permanent erasure will overwrite only the place where the file with unwanted data was stored.
There is a huge selection of utilities for permanently deleting files. Popular among them is CCleaner. Microsoft suggests using the sdelete command from windows utilities Sysinternals. In older versions of MacOSX, it was possible to completely empty the trash without recovery and Mac OS still suggests using the srm command to safely delete files.
Why do utilities not work reliably?
First of all, you need to make sure that the operating system did not backups before we started the program. The fact is that programs delete files only after starting the program itself. You can completely erase the data, but if the operating system is configured to automatically create backups, all deleted files are saved in its copies. Therefore, all secret files can be easily restored from backup copies.
But let's say you checked. Automatic archiving is disabled.
Modern SSDs work a little differently. Before data is written to a flash memory cell, it must first be cleared. The speed (read / write) of a flash drive, as a rule, slows down over time. To avoid this, a TRIM service was added to notify the operating system of which data blocks might be physically deleted. But the trouble is that this service works only with an internal SSD-drive and does not support external devices connected via USB or FireWire. In other words, a deleted file from external solid state drives can be recovered.
Even modern mechanical hard disks do not guarantee complete file deletion due to caching technology. Developers are trying to make drives smarter.
If you have sensitive data that you want to protect, do not try to delete it. There is no guarantee that they will be permanently deleted.
What to do?
Windows 10, supporting encryption of files, is already installed on a huge number of machines, and a professional version of the operating windows systems supports Bitlocker encryption tool. Mac OS X supports FileVault encryption, Linux offers similar tools, and ChromeOS encrypts by default.
Even if you have an unencrypted drive containing confidential files that you want to permanently delete, format the drive (or better several times), but rather mechanically disable it and use drives that support data encryption.
In the end, summarize. While you use encryption, your files must be protected. It is assumed that your computer is turned off and that the attackers are not aware of the encryption code. They will not be able to access files, including deleted ones. If you have important data, simply encrypt the drive and delete the files. Do not rely on file removal utilities. They may work in some cases, but more often than not they give a false sense of security. Permanent file deletion simply does not work reliably with modern hard drives. The only way to surely delete information is to completely disable the drive by mechanically damaging the surface of the drive (it is enough to drill through the drive through several places).
Deleting files is a common procedure when working with a computer, which is used several times a day. However, just sending files to the trash and emptying it, you leave traces of data in the system, which can then be restored deleted information. If this arrangement does not suit you, then it will be useful for you to find out how to delete files without the possibility of recovery.
Normal delete
Any user sent files to the trash: for this you need to right-click on him and select "Delete". After that, the basket is emptied and unnecessary information seems to disappear from the computer.
Another way to get rid of an unnecessary file is to erase it immediately, without first sending it to the trash. To do this, select it with the left button, and then press the key combination Shift + Delete.
A warning appears in which you need to confirm the action by clicking "Yes."
You can configure deletion so that the files, in principle, are not sent to the trash even without pressing a certain key combination.
Now the information will be immediately erased from the hard drive, bypassing the temporary storage for deleted data.
If you deleted files and then emptied the trash, then you should know that this information can be restored if you wish. Fortunately, there are a lot of programs for performing such an operation, both paid and free.
The only way to completely erase information is to overwrite other data in its place. It is advisable to do this several times to permanently destroy all traces of the deleted file.
Manually doing this will not work; but, having secured the support of special software, you will quickly perform the necessary operation.
Sdelete
To permanently delete data, you can use a utility from Microsoft called SDelete. This program acts through the command line, overwriting the deleted file with random numbers.
IN command line a message should appear stating that the destruction of information was successful. After that you can close all windows.
Recuva
Recuva is usually used to recover deleted files from a USB flash drive or hard drive. However her functionality they are often used not at full capacity, because with the help of this utility you can also erase information, leaving no chance of its recovery.
The first thing to do is to erase the files in the usual way, sending them to the trash and then emptying it.
To delete data completely, you must first start the procedure for their recovery:
So, you got a list of files that can be restored. Now you need to destroy them, permanently erasing from the hard drive.
Remember: the more rewriting cycles you specify, the higher the likelihood that the information will be deleted completely and permanently. Therefore, choose 35 cycles at once and click “OK”.
Select the files you want to destroy, and then right-click in the main program window. Select “Securely delete marked”. 
A warning will appear on the screen in which you need to click “Yes” to start the process of permanently deleting information. 
After the end of the procedure, run Recuva file search and recovery again. Check that the data that you securely deleted no longer appears in the list. If they are, try again the steps above.
Using this file manager, you can not only manage the data stored on your computer, but also permanently delete it from your hard drive.
If you delete one file, it will be destroyed immediately. When deleting a folder, another warning will appear in which you will again be asked to confirm your intention. 
Why can erasing data with Far Manager be considered reliable? Because the file will be first overwritten with zeros, then it will be renamed randomly, and only then it will be sent to nonexistence.
Eraser HDD
Another convenient and functional utility that allows you to permanently get rid of unnecessary information is called Eraser HDD and is distributed as a portable application. The only drawback of this program is that it cannot delete individual files; you can only clean the entire disk.
Important: since the program completely erases the disk (removing Windows and even itself), you need to run it from the second hard drive.
After confirming the deletion of all data from the hard disk, a notification of this kind will appear: 
By the way, in a similar way, you can delete undeletable files without the help of other applications such as Unlocker. Finally, another way to destroy data is to use CCleaner.
Deciding to clean hDD, users usually use formatting or manual removal Files from the Windows Recycle Bin. However, these methods do not guarantee complete erasure of the data, and using special tools you can restore files and documents that were previously stored on the HDD.
If you need to completely get rid of important files so that no one else can restore them, standard methods operating systems will not help. For these purposes, programs are used for the complete deletion of data, including deleted data by conventional methods.
If the files have already been deleted from the HDD, but you want to erase them permanently, then you need to use a special software. Such software solutions allow you to overwrite files so that subsequently it will be impossible to recover them even with the help of professional tools.
In short, the principle is as follows:
- You delete the file "X" (for example, through the "Basket"), and he is hiding from the field of your visibility.
- Physically, it remains on the disk, but the cell where it is stored is marked free.
- When new files are written to disk, a cell marked with a free space is activated, and the file is overwritten "X" new. If the cell was not used when saving the new file, then the previously deleted file "X" continues to be on the hard drive.
- After repeatedly overwriting the data on the cell (2-3 times), the file that was initially deleted "X" finally ceases to exist. If the file takes up more space than one cell, then in this case it is only a fragment "X".
Therefore, you yourself can delete unnecessary files so that they cannot be restored. To do this, you need to write down any other files 2-3 times to all free space. However, this option is very inconvenient, so users usually prefer software tools that, using more complex mechanisms, do not allow you to recover deleted files.
Method 1: CCleaner
A program known to many, designed to clean the hard drive of debris, also knows how to reliably delete data. At the request of the user, you can clear the entire drive or only free space using one of four algorithms. In the second case, all system and user files will remain untouched, but the unallocated space will be securely wiped and inaccessible for recovery.
Method 2: Eraser
Eraser, like CCleaner, is simple and free to use. It can reliably delete files and folders that the user wants to get rid of, in addition to this, cleans up free disk space. The user can choose one of 14 deletion algorithms at his discretion.
The program is embedded in the context menu, therefore, by clicking on unnecessary file with a right mouse button, you can immediately send it for removal to Eraser. A small minus is the lack of a Russian language in the interface, however, as a rule, basic knowledge of English is sufficient.
Method 3: File Shredder
Program File shredder its action is similar to the previous one, Eraser. Through it, you can also permanently delete unnecessary and confidential data and erase free space on the HDD. The program is embedded in Explorer, and can be called by right-clicking on an unnecessary file.
There are only 5 mashing algorithms, but this is quite enough for the safe removal of information.
Note: Despite the fact that using such programs is very simple, this does not guarantee complete deletion of data if only part of the disk is erased.
For example, if there is a need to delete an image without the possibility of recovery, but at the same time thumbnails are displayed in the OS, then simply deleting the file will not help. A knowledgeable person will be able to restore it using, storing thumbnail photos. A similar situation exists with the swap file, and other system documents that store copies or thumbnails of any user data.
Method 4: Multiple Formatting
The usual formatting of the hard drive, of course, will not delete any data, but only hide it. A reliable way to delete all data from the hard drive without the possibility of recovery is to conduct full formatting with a change of type file system.
So if you use file nTFS systemthen it is necessary to carry out complete (not fast) formatting to FAT format and then back to NTFS. Additional you can mark up the drive, dividing it into several sections. After such manipulations, the chance of data recovery is practically absent.
If you have to work with the hard drive where the operating system is installed, then all the manipulations must be performed before loading. To do this, you can use a bootable USB flash drive with the OS or special program for working with disks.
We will analyze the process of multiple full formatting with changing the file system and partitioning the disk.
