Monday, February 12, 2007

They know what you deleted last summer


If you're thinking about selling your computer for whatever reason, think about shipping it with a new hard drive. You might have heard how when you delete a file it isn't actually deleted. I've heard about this and was curious to know more. Even after a file is removed from the recycle bin/ trash, it still exists on the HDD. The only thing that the operating system removes is the link to the file. The file will remain on the hard drive until it is overwritten by another file (if ever.) And even then, special forensic methods can ressurect long lost files after they've been written over multiple times. And because there is constant research in the field of magnetic storage devices, it is likely that in the future it will be more difficult to make information disappear.

Of course, as there are programs which find these deleted files, there are also ones which make them more difficult to reconstruct. These file wiping programs basically write garbage data to the "free" spaces on your hard drive where these old files lay dormant. Thus, they effectively overwrite the files. When the U. S. Department of Defense wipes their drives, they overwrite the files at least seven times. These programs exist for both Windows and Mac, but lucky for Apple users, OSX has a built-in "Secure Empty Trash" option.

When emptying the trash with SET, OSX overwrites the file seven times before it is completely disposed of. But even that doesn't work most of the time. For example, if the file you deleted (Windows or Mac) was frequently used or modified, it was more than likely copied to various areas of the hard drive. This is done to increase read performance, but when it comes time to delete the file, apparently SET can't wipe all of the copied files that exist on the drive. But there still exists (only is OSX Tiger and above) an option in Disk Utility to write over all the free space on your disk - up to 35 passes.

While it's a noble effort from Apple to include a wiping program on their OS, some still believe that the safest thing to do is designate any sensitive information you might not want others to ever see to a separate partition or physical drive with a non-journaling file system. Because it is in a journaling file system's nature to protect the integrity of files against failures, they write data in places and in ways that a wiping program might miss. So keeping a seaparate non-journaling drive or partition might be a good way to go, but skeptics say that the most sure way to destroy data is to melt the physical drive itself. Trying to demagnetize it will allegedly not work.

The ethics of this issue are typical for annoying big-brother issues: bad for privacy, but I'm sure they'll argue that it's indispensable to wars on terror - like the fifteen-year-old punk down the street who downloaded a leaked video of the film 300 and Warner Bros. is wanting to prosecute. And while they're in there, they might as well get him for those pictures since his dad is running for a political office to help protect consumer privacy and they want to humiliate him.

I wouldn't expect these issues to change unless an outright violent revolution took place. And I'm sure the largest software manufacturer in the world, because they're in bed with lots of interests who enjoy less consumer privacy, won't be so sensitive to consumer complaints about this aspect of their product. Loss of privacy: expect this to be part of tomorrow.

No comments: