Mining all the personal stuff out of the registry would be an epic nightmare and would be more likely to leave you with a machine that will not boot as clean it.
He restored to factory settings. Hasn’t that dealt with the registry?
Fileshredder is a free app that has an option to overwrite all unused space on the drive. So files that have been deleted and removed from the recycle bin can be erased beyong the reach of casual recovery. Casual being defined as techniques available to the average person.
Right but what you did was reformat the drive, NOT overwrite it.
As everyone probably knows, “deleting” a file doesn’t erase the file from the disk, it just tells the operating system to forget about that file. Formatting the drive doesn’t erase the drive either.
If you filled the drive with random data that would erase your previous data, unless some professional forensics people got ahold of your drive. If you’ve got something on the drive that could get you sent to prison, or you could lose millions of dollars over, or would compromise national security, then you should pop out the drive and physically destroy it.
If you just don’t want the next owner to know what kind of porn you’re into, then deleting all files and overwriting all empty disk space with random data would be enough.
The question is, what kind of risk are you willing to assume? What are the chances that the person you’re selling to will try to recover the data, and what are the consequences if they are able to recover the data? If the value of the money you get by reselling the machine is smaller than the risk, then don’t sell. And you can reduce your risk by various methods. Physical destruction is the only way to guarantee no risk. Just make sure your data isn’t backed up elsewhere!
He specified not reloading windows via the restore partition or not. There are more than a few non destructive restores out there that will not reset keys that are not part of a basic windows install.
Out of wonder, would putting a big ol’ electromagnet near the hard drive wipe it or just break it?
If it was strong enough, it would partially erase it and break it. Any magnetic field strong enough to erase the data is also strong enough to erase the servo data that the drive uses to position the read/write head over the right location on the disk.
It would have to be very strong. Modern recording media is very difficult to erase. I’ve seen systems designed to erase hard drives, and they are serious pieces of industrial equipment with huge power requirements. Even then, they don’t meet the NSA’s standards for complete erasure of data. You have to physically destroy the drive if it’s been used to store sensitive information.
You can say that again. I have a big, honkin’ bulk eraser designed to handle up to 1/2" audio tapes and VHS carts ca. 1975. It worked very well then, but it can’t completely erase a modern DV mini video cassette which is much smaller, even if I turn it over and make several passes. The magnetic properties of the media must be quite different.
But remember, there’s a difference between “Erased so well that not even the NSA or the KGB or the FBI can recover the data” and “Erased so well that the guy you sell your used computer to can’t recover the data”.
Just rewriting the entire disk with random data is enough if all you want to do is prevent subsequent users from snooping your porn stash.
If you’ve got something more sensitive on the disk–something that could get you sent to prison, or compromise national security, or get people killed–then physical destruction is the way to go.
But even then, simple encryption is often enough. There are plenty of examples of people arrested for child porn, but the files are encrypted, and the local law enforcement people can’t access the files. The guys at the NSA might (or might not) be able to break into the machine, but the local DA isn’t going to get the NSA’s help. The risk is that you might have encrypted your files, but you didn’t do it right, or left an unencrypted backup somewhere, or in some temporary cache. But even then, that’s only a risk if the guys who get ahold of your drive know what they’re doing.
It all comes down to weighing the risk factor. What is the likelihood that the data could be recovered? And what are the consequences if that data is recovered? And again, if your judgement is that the risk is greater than the value of reselling the machine with an intact hard drive, you don’t sell the machine. But this is a very subjective judgement. However, for an average person, the likelihood that a snoop would recover simply deleted data is small, and the likelihood of recovering randomly overwritten data is vanishingly small. And the consequences if that data is recovered are likewise probably very small…you might be embarrassed if you see that guy at the PTA meeting next month.
Why try to save the hard drive? Do you know how cheap new hard drives are nowadays? At $100 per terabyte, why take chances?