When you delete a file on your system, it just removes the reference to that file rather than literally delete it from the system. A good analogy here is to think of your file as a page in a book. When you delete the file you are ripping out the contents page of the book, removing the reference to your page so it can no longer be easily looked up. But the page itself still exists, and it can be found by anyone who is willing to just look through the entire book until they find it. Lots of people have discovered that the hard way, giving away or selling an old computer full of sensitive financial information and suffering fraud, or worse.
To truly remove data from a device, such that it can no longer be recovered, you need to overwrite it by replacing the old data with new, gibberish data. Below are the procedures I would recommend
Type Of Device | Procedure | HDD | Download and boot ShredOS on a live USB and run the 3-pass DoD wipe on the HDD |
---|---|
SSD | No Longer Recommended See here for why, and an alternative method |
Android | Factory Reset the device
Set a new 16 character passcode (the longest Android allows) Fill up the device with random data Factory Reset the device. Set a new 16 character passcode and fill it up with random data again Factory reset a third time. At this point, there is virtually no chance of recovering any old data on the device |
iPhone | To Be Added |
USB Flash Drive | On Linux, open a terminal and run dd if=/dev/urandom of=/path/to/usb to overwrite the entire USB stick with pseudorandom data. You must run this command twice, in order to be reasonably sure that you've also wiped any overprovisioning space
On Windows, download Eraser and run the 3-pass DoD wipe on any files currently on the USB. Once this is done, run the "Erase unused space" option on the USB. Once completed, run the "Erase unused space" option once more, to account for any overprovisioning space. |
SD Card | Same process as USB flash drive |
Individual Files | On a HDD use the secure erase feature on Eraser or CCleaner to overwrite specific files. Use the 3-pass wipe, or optionally more passes if you like. On an SSD you can't reliably erase individual files. The only way to be sure you've properly deleted something is to wipe the entire drive but that is often not practical. What you should do is use Full Disk Encryption on the drive before storing any sensitive data on it, then it's protected by the encryption. I recommend Truecrypt (Version 7.1a - Download here) for full disk encryption if you are using Windows, and LUKS for Linux systems. |