Permanently deleting files is something that a lot of people aren't aware of. Actually, most people think that once a file is deleted, it is gone forever. This is not the case. Hard drives write to the disk via magnetic charges, positive and negative correlate to 1s and 0s for binary. This is then interpreted into information for the computer to use and access.
When you delete a file, all that happens is a little modification to the binary that tells the computer it can be written over. So that means when you delete a file, it actually is still there until it is written over. So the simple solution would be to write over it, yes? No, actually. Files can still be recovered by taking bits and pieces of files and "guessing" what comes next, effectively recovering the file. You can write over a file up to 7 times, from my personal experience, before it becomes unrecoverable.
So, today in this Null Byte, we are going to be shredding some files to make them unrecoverable. This is a useful technique for when you have private information containing your social security number, or maybe just some private text. Be sure to do this before selling your computer as well, as I know people who buy used computers just to steal and recover credentials and other sensitive files.
We will be using the free software CCleaner to shred our files in Windows. Linux and Mac users should use BleachBit and Onyx respectively. I won't be teaching Mac and Linux because it is literally the same to use both programs.
Step 1 Download & Install CCleaner
- Install CCleaner from their official page.
- Run the installer.
- Next > Next > Next > Finish.
Step 2 Run CCleaner to Shred Files
In CCleaner, you can specify how many times the program will write over your files or free space. For this I recommend using 10 passes. Anything beyond that is not recoverable for sure. Let's jump right into a video for a quick walkthrough of using this software.
This will protect your computer from ever having sensitive data like passwords and cookies recovered. It will also speed your computer up! I suggest people start using SSDs more frequently, as this issue doesn't exist with a solid state drive because it's flash memory. SSDs only require one pass before data isn't recoverable.
That's it for this Null Byte. Come join the IRC to talk with me and the rest of Null Byte.
Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:
10 Comments
Coool stuff!! :D Thanks for sharing your awesome knowledge! :D
No problem :3 Get in IRC!
And on linux you can use shred. It's command based but you can tweak it depending on how paranoid you are.
sudo shred -fuz -n=10 is the way to go :D. I have it hacked into my right-click menu in KDE, superrrr helpful.
I use cybershredder on windows. But if the cops ever come blasting through the door there's always thermite, just to make sure xD
I can't WAIT to be able to use my SSD's on my new rig in a few weeks xD. I've never used cybershredder, but I've used WindowWasher and CCleaner, CCleaner was the better of the two (and free).
Thanks for the call on OnyX! Do you know anything about the security of using something like rm -P ? Not as good I'm assuming, but how good is it?
Not good at all afaik. I've deleted a whole directory and was able to recover it all. :O
Ouch O.O not that I've tried to delete anything sensitive that way, just saw the option in the man file the other day :p Here's another spot of curiosity for me: I see lots of anti-forensics but not a whole lot of forensics techniques/programs talked about. For instance you recovered a whole directory, but you recovered it with.. what exactly?
There is/going to be a tutorial on recovery and carving x]]. RAM carving is coming soon too! :D
Share Your Thoughts