Hi Dopers,
I am thinking of selling my pc.One thing that concerns me is that the new owner may be able to retrieve files (i had some sensitive financial data)that i previously had on my hard drive.I hear that deleted files can be restored?I have also been told that doing a complete re-format may not “wipe” the hard drive completely i.e Ghost Files?
So,my question is-How do i remove everything,permanantly?
Thanks for any input.
Over to you guys
Moo™
A large magnet 
moves over for the folks bearing useful advice
The conservative and safe approach is to remove the hard disk and physically destroy it. That is the standard practice at many organizations. Hard disks are cheap.
It depends on how paranoid you are. A utility that does a low level format erases the data pretty well but it still can be recovered by one of those data recovery services or the CIA. That doesn’t mean that the average Joe can just hit a few keys and restore your files however.
If this computer has the notes of your clandestine activities in the Soviet Union circa 1986, then you might need to do something better like physically destroy the drive.
If it has embarrassing chat logs and last years tax returns, then a low level format should be Ok.
If you’re selling the PC, destroying the hard drive cuts into the profit potential. There are software applications for performing secure wipes of hard drive space. The PGP suite includes one that overwrites free space (erased files) multiple times with different data (e.g. a pass of all zeros, a pass of all ones, a pass of random sequences, rinse, lather, repeat). You can probably find other apps on download.com or tucows that do the same thing since it’s basically a simple principle. This allows you to leave some OS and apps installed (if that’s desirable) while wiping the free space in a fairly secure manner. Even if you plan on doing a format of the whole disk, you might start by wiping the free space in this way.
Note that someone could still recover data from a disk wiped in this way by carefully analyzing the fringes of each bit on the harddrive. This requires sophisticated hardware and expertise, but it’s unlikely you’re under that kind of threat.
Generally the only people who are doing data retrieval at this level are the FBI and intelligence services, and even then the amount of actual data recovered will be fairly small. And if they’re after your hard drive, you’ve got bigger things to worry about.
I agree. I can’t find a link now, but I seem to remember a review site sending five hard drives to five large data recovery firms after simply overwriting the data on the drives once with zeroes (similar to a low level format). Not a single one was able to recover anything. Most of these services make their money recovering files that were simply deleted, not overwritten, or by reading drives where the platter is fine but the motor died. The technology to read the tiny levtover magnetic fields left over after a bit is overwritten just doesn’t seem to be available at the consumer level.
Whenever I sell a computer, I run Darik’s Boot and Nuke (DBAN) on the hard drive. It writes data over the entire drive, making it impossible for ordinary people to retrieve the data. Just download it to a floppy or CD, stick it in, and go. DBAN is part of the National Nuclear Security Administration suite of security tools.
I wouldn’t risk just deleting the files you think are sensitive and wiping the free space. You never know if and/or where applications store backup copies, temporary files, caches, and so forth. The Windows swap file may also contain sensitive data.
The foolproof solution to security issues like this is to use whole-disk encryption software. All the data on the drive is encrypted using an algorithm that will take millions of years for even the most determined government agency to crack. You either enter a password on bootup, or plug in a USB key.
If you use a human-entered password, then it would not take anywhere near millions of years for a determined party to crack. There’s a limit to how much of a password a human can remember and input, and that’s the space that would need to be brute-forced. This is, of course, made considerably easier by the sloppy passwords typically used by most humans. A USB key, however, could be made considerably more secure, but then you have the problem of disposal of the key.
The idea behind removal and destruction of the hard disk is not to foil NSA-class attackers, although it does that. It is to provide assurance that the data will not be accidentally disclosed to outsiders, regardless of the state of the hardware and software. It doesn’t matter how the disk is partitioned, what operating systems are installed, whether parts are missing, flakey, broken or misconfigured, whether the disk is password protected, etc. It can be done by anyone with minimal mechanical skills, several screwdrivers, and a limited amount of time. It does not require special software or technical knowledge. It is cost-effective, simple to verify, and idiot-proof.
I decided to open up a faulty hard disk to destroy possible sensitive information and although I have a good selection of screw bits I failed to find the type needed.
They look a bit like Torx screws but weren’t quite the same.
Anyone know what type of bits I need? Are they standard for all manufacturers?
If you just want to destroy a drive, take a stout screwdriver and a hammer and drive the screwdriver through the drive’s cover. Don’t go right for the center, as the hub is there - you want to bend or break the platters. A lot of newer drives have glass platters which will shatter when struck. Notebook drives will usually succumb to being stomped on so the whole drive is bent.
The hardware used to assemble drives isn’t particularly easy for consumers to obtain. Just smash it.
OK, but I trained to be able to re-assemble things I dismantle and I would have liked a look inside a hard disk 
I take your point though.