I’ve got an HP laptop. There’s a problem, it’s under warranty, and HP wants me to ship it to them. What are my options for securely erasing files?
I’m running Windows 8.1 and I don’t believe I was sent any OEM disks with the OS on it when I received the laptop (but I’ll have to look around).
If you want to reinstall there is a recovery partition on the hard drive. You can do a reinstall by I think F11 on startup. You should see some instructions on startup if F11 isn’t right.
Will a reinstall from the recovery partition securely erase files? Thanks.
No, merely re-installing (or “formatting” a drive/partition, for that matter) will not securely erase your files.
(By “secure erase”, I am assuming you are meaning the commonly agreed upon term of overwriting your files [usually by writting a series of 0 across the entire harddrive] multiple times in an effort to stifle deletion recovery).
You will need third party tools to accomplish such a task.
One such tool is SDelete, distributed by Microsoft themselves on their Technet website:
I’m not sure what the rules are regarding double posting, but it seems like the duration (5 minutes) for editing my previous post have already elapsed, so I’ll add this addendum in this post:
It should be noted (as per the documentation itself) that SDelete suffers from one flaw (which may or may not matter for your use case):
This means that any files you’ve already “deleted” on the drive (and thus no longer exists as far as Windows is concerned) may expose their file name. So if you had a file named “My SSN 000-00-000.doc” which you’ve already deleted from the disk prior to running SDelete, it’s theoretically possible that the document name can be recovered (but not the document’s content).
Thanks! I think SDelete would work.
But, if after I use SDelete, if I then re-install the OS from the recovery partition, that would clear out the filenames, wouldn’t it?
No, that can not be safely assume to be the case. It’s certainly possible that the sectors in which the old file name resided could be overwritten during the re-install, but that is not guaranteed and should not be relied upon if your file names are that sensitive.
No problem.
Ah, ok. Thanks. I don’t think I need to really worry about filenames, but I’ll do a quick search of my directories for any of the obvious gotchas before I ship. I do tend to put a lot of info in filenames just to keep them ordered for me, but it’s not my habit to put secure info into filenames.
Just get DBAN: Darik's Boot and Nuke download | SourceForge.net
It’s probably not a good idea to trust Microsoft for anything security-related. They don’t exactly have a stellar track record.
That level of carto cult science is really unwarranted. By the way, the tool’s author Mark Russinovich is a well respected Windows security researcher, even prior to joining Microsoft in 2006.
At least SDelete “implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever.” (quoting from the documentation).
In fact, on DBAN’s homepage, it even explictly states:
If bullet number 1 doesn’t already scare the bejeesus out of you (after all, you’re trying to securely erase your harddrive, the tool itself claiming it might not even accomplish that goal is at best useless, and at worst a potential liability!), then I’m not sure what else to say.
To be fair, none of these generic tools is going to be able to erase data in places that a drive “hides” from normal software. This includes reallocated sectors on hard drives, over-provisioning on SSDs, etc. As an example, I have some enterprise SSDs here that report that they are 160GB to the operating system. They are actually 256GB, but the extra space is not directly available. Instead, the drive shuffles things around so that deletes are “instantaneous” from the point of view of the operating system, even though the drive will be doing housekeeping for some time.
The second point is addressed by the software that DBAN advertises when it finishes - Blancco. That annoying ad (which disables control-alt-delete) is a valid reason to dislike DBAN. If you want software that provides legal assurances, you’re going to have to pay for it.
The third point is trying to say that if you use DBAN on a RAID volume on something like a 3Ware 9000 card, you’ll end up with erased disks, but you can’t take those disks and stick them on another controller, because the 3Ware card has reserved them. Once they are erased, you need to break up the RAID set using the controller menu. Newer 3ware cards don’t do this, and neither do most other RAID controllers. But it is something to be aware of if you plan on re-using the drives.
The most secure way to avoid your data being recovered is to not return the drive in the first place. Some vendors will let you remove the hard drive and will ship you a replacement system with no hard drive installed, so you just re-use your original one. For servers and enterprise systems, it is possible to purchase “keep your drive” for an additional charge when you order the system - if the drive goes bad, they just send you another one and don’t ask for the original back (if you elected that option when you bought the system).
By the way, I recycle hundreds of drives per quarter via a commercial recycler (who re-sells relatively recent, working drives and scraps the rest). They get thousands of drives a month, and they tell me that I am the only site that marks drives as “Wiped/good” or “Wiped/bad” and actually does the wipes - 90% of the rest of the drives they get that are marked “Wiped” are not wiped (they check, so they can sell the drives as tested and wiped).
DBAN will erase the entire drive, including nuking all partitions including the HP recovery/restore partition. BrightNShiny won’t be able to reinstall the OS after DBAN does its thing.
With Windows-8, you can restore the system from the recovery partition by going to Settings -> Change PC Settings -> Update and Recovery -> Recovery -> “Remove everything and reinstall Windows”.
When you select it, it gives you a choice between “erase data quickly” and “thoroughly”. According to Microsoft:
So it sounds like the “erase thoroughly” option overwrites all data. It may not meet DoD standards for erasing classified information, but I think it’s perfectly sufficient for returning or selling a home PC. That’s all I did when I sold my old laptop on eBay.