By the way, Windows versions from XP onwards (and especially 7) will randomly cache old versions of your files for the System Restore and Previous Version functions using something called “shadow copy”. I don’t know if Eraser handles those, so look into that if it’s a big deal (along with your page file and RAM).
Ensure - nothing. After 9/11 the company I was working for was reconstructing data off drives that were security wiped, shot with a shotgun, burned, disassembled, and the discs scattered in the sand. It wasn’t 100%, but it was better than 50%.
But I assume you aren’t worried about Homeland Security or the NSA trying to get data off your drives., so either Eraser or DBAN should work fine.
From a comment on that page, it seems like the way to do it is to disable that functionality altogether, delete all the existing shadow copies, delete your file, and then secure wipe all free space on the disk.
You would still have to deal with the page file and RAM.
IIRC, doesn’t VSS stop and start on demand? You need to go to the properties of the disk, and disable VSS and then delete all shadow copies, erase free space.
OTOH, when they arrested Moussaoui for suspicion of involvement in 9-11, they took a bunch of Kinkos (?) PCs and tried to retreive his data. These PC’s had been reformatted several times since then? If they had gotten anything useful I’m sure it would have shown up in court, as it’s no secret that overwritten data sometimes might be retreivable.
The good cleaners will write random patterns up to 35 times over top of deleted data. This gets rid of any residual magnetization and any chances of finding data left on the edges of the recording tracks from variations in the accuracy of the head tracking (Theoretically).
If you’re concerned enough, insert a second hard disk, and in advanced system properties change the page file to the second drive so you can wipe the pagefile.sys space on the C: drive.
What are the potential consequences if the deleted information is recovered? Will people die? Will people go to jail? Will people lose custody of their children, or be divorced by their spouses? Will people lose their jobs? Will people lose significant amounts of money?
Your efforts to protect your data require risk assessment. That is, the probability that various bad things will happen, and an assessment of how bad those bad things will be. And the reasonable amount of effort you expend mitigating those risks depends on your assessment of the risks.
If you face death or jail if the NSA gets ahold of your data, then total physical destruction of the disks is the only possible answer, because there’s no way you can tell what tools the NSA might have available if they’re interested in your data.
On the other hand, if you’re just worried that your used PC will end up being bought by a sleazy hacker guy, and he’ll get your credit card number, then a different level of protection is indicated. Note that hackers have a lot easier methods of getting credit card numbers than buying up old PCs and trying to find erased credit card numbers. When hackers buy and sell lists of stolen credit card numbers they typically go for a few dollars or less. That gives you an idea of how much effort a hacker will go to to get your credit card information–a few minutes of work.
So the freeware mentioned above is sufficient, because someone would have to know the data was on your hard drive, would have to want the data, would have to have physical access to the drive, and would have to have a pretty sophisticated forensics lab to recover the data. If none of those things is likely to happen, then even just deleting the data is probably fine. Because while normally deleted data CAN be recovered, it requires a lot of effort.
The average home user or small business is not worth the time and effort to even bother trying to harvest some useful nugget. A drive from PC at the IRS or DMV could have “identity theft starter kit” for 50,000 taxpayers on it. Whole different scale of problem.
Damn, I didn’t know they could do that. I thought the CT school shooter outsmarted police just by physically destroying his hard drive, and nothing could be recovered from that. I don’t have anything illegal on my PC that the NSA would be interested in, I am just wondering how I can wipe things off my hard drive (w/o erasing the whole hard drive) if I loan my computer to someone and don’t want them trying to dig up my porn or personal files (which I have moved onto a USB).