Everyone knows how to delete a file.
But do you really know how to delete a file?
What Happens When You Click Delete
Although deleting a file and emptying the Recycle Bin may not display the file in Windows Explorer any longer, the data still exists on the hard drive. Computers use a system similar to the old library card catalog system. In this metaphor, there is an index, the card catalog, and the actual file, the book on the shelf. Imagine removing the index card from the card catalog, but never going out to the shelves and physically removing the book. Anyone can browse the shelves and still find the physical book which still exists.
A similar process exists with a computer’s file system. When you think you have deleted a file, the only thing that has been deleted is the index pointer to the file. The computer marks the index that this location is free to be used again. Until new data is stored at that exact location on the hard drive, those files are recoverable.
To recover data from a functioning old hard drive, assuming the space hasn’t been overwritten, a person only needs a SATA to USB cable costing about $5. Using this cable, it’s possible to connect the drive to a different computer and the drive shows up like a USB thumb drive. Using one of many free deleted file recovery tools, files you thought were deleted can be found and recovered.
If you’re talking to professionals at Pegasus, advanced cybercriminals, or even industrious high school kids with lots of time on their hands, many of the methods to more securely delete a file can be overcome (at least partially). Often data recovery doesn’t lead to a full restoration of the file as it originally existed but instead reveals parts of the file, sometimes in a raw form. If you’re a criminal or someone who’s highly motivated to see the file, maybe that’s all you need.
Easy Way to Delete a File
In Windows, when you delete a file, it typically goes to the Recycle Bin. You can right-click the Recycle Bin and select “Empty Recycle Bin.” This makes the file a little harder to restore. If you’re deleting a file and want to save a step when you know you don’t want it to land in the Recycle Bin, you can hold down the Shift key and then press Delete. The file will go directly disappear without stopping at the Recycle Bin. Following the metaphor earlier in this article, note that these methods only delete the “index card” and not the file itself.
To delete a file and make it a little harder to recover, keep reading.
Securely Wiping a File
It is possible to use 3rd-party utilities to write nonsense 1s and 0s to the “spot on the bookshelf” where a file is stored. This method is certainly more secure than emptying the Recycle Bin, but it’s not as secure as wiping an entire hard drive.
On Windows:
- Download and install Eraser.
- Use Windows Explorer to browse to the file or folder you want to delete.
- Right-click the file, select Eraser, and click “Erase.”
On Mac (steps can vary based on OS, but these steps work often):
- Download and install CleanMyMac X.
- Grant CleanMyMacX access to your files in documents, desktop, and downloads
- In the left tab, click “Shredder,” then click “Select Files” to select the files you would like to delete.
- Upload the file for deletion and click “Shred.”
More Secure: Wipe the Entire Drive
File-based wipe utilities certainly make recovery harder, but they’re not perfect. Traces and cached versions of the file can remain even after a file is “securely” deleted. Wiping an entire hard drive is a better way to make recovering its data harder. The process of wiping a drive varies significantly, depending on whether you’re wiping a traditional drive with magnetically stored data on disk platters or if you’re wiping a modern solid-state drive (SSD) with memory circuits and no moving parts.
AOMEI Partition Assistant and DBAN are two good options to securely wipe an entire hard drive. Some SSD hard drive manufacturers have released free utilities to securely wipe the hard drives they make since traditional programs will not work effectively. Using a traditional drive wipe program on an SSD may not only leave data behind but also significantly reduce the life of the SSD.
Most Secure: Give It to Pegasus
Pegasus uses a variety of methods, including writing gibberish to the drive repeatedly, using special hardware wiping devices, and physically destroying the drives to ensure they cannot be recovered.
It’s important to know that many types of devices, even copy machines, often have internal disk drives now. It’s critical they are wiped clean of your sensitive data before they are trashed, recycled, returned, or repurposed. When in doubt, please contact Pegasus, and we will be happy to help.
