Free tool lets you “shred” your data
A Markham, Ont.-based company is urging Canadians to “shred” – not simply delete – data on their computer’s hard drive before donating it or ditching it.
A Markham, Ont.-based company is urging Canadians to "shred" – not simply delete – data on their computer’s hard drive before donating it or ditching it.
Before you donate your computer to an organization — such as a church, youth centre or school — keep in mind sensitive data might still reside on its hard drive – even if you delete or even format it ahead of time.
If it falls in the wrong (and capable) hands, personal or financial information about you or your company can be easily retrieved, such as passwords, credit card numbers, corporate secrets, and so on.
And so a Canadian company, CBL Data Recovery Technologies, is offering a free downloadable tool for individual or corporate Windows XP or DOS users to safely and effectively wipe sensitive, private information from the hard drive.
Called CBL Data Shredder, this executable program provides a variety of destruction techniques to completely "shred" your data, making it inaccessible to anyone who gets their hands on your old PC. The company says this program satisfies the Royal Canadian Mounted Police DSX Method, the U.S. Department of Defense Standard 5220.22-M, as well as the German BSI Verschlussachen-IT-Richtlinien (VSITR) Standard.
Simply click here to grab this tool.
"Even though data can be lost due to physical damage or human error, it’s not irretrievable," says Bill Margeson, president and CEO of CBL Data Recovery Technologies Inc. "That’s why it’s especially important that computers changing hands, either for reuse or disposal, are properly cleansed of all personal information."
–
i guess it would be a good idea to do it on a hard drive that needed to be replaced before returning to the manufacturer… will definitely have to try out this tool!
Would it work if I am still running Millenium Edition?
Mr. Saltzman,
I cannot disagree more with your statements in this article. The information provided is clearly not correct on many counts.
First off, there is no standard or common criteria established for the destruction of legacy hard drive data. Period.
DOD 5220 is an antiquated technology that is no longer recognized by the US or any other government, regardless of what the software vendors want you to believe.
DSX is a product produced by the RCMP for data sanitization, and is not a standard. It is also a technology that the RCMP is looking for a suitable replacement for, as they no longer with to support it.
Second, software based data sanitizing solutions are woefully inadequate in doing an effective job. This is due to the nature of the construction of a hard drive. With embedded controllers, these devices internally manage their own bad sectors and tracks. As such, once the drive attempts to write data to a bad track or sector, and the device determines the track or sector bad, the drive will lock these bad tracks or sectors, leaving remnants of the legacy data in these locked sectors, and reallocate the active data to reassigned slip tracks or sectors. Although these tracks and sectors are marked bad, there is a very high probability that the original data is locked in these areas in either an intact or semi-intact state. As the drive controller has locked these sectors. The PC is incapable of accessing these areas when using a data overwrite software package.
Overwrite technology functions by overwriting existing data with additional data patterns in an attempt to obfuscate the existing data. Considering the operation of writing data, the device is using short bursts of magnetic energy from the drive head to achieve coercion of the magnetic media on the disk platter. This action will accomplish coercion of the top layers of magentics, and only over time will lower layer magnetics realign to the same polarity. This is how companies such as Ontrack are capable of restoring data from overwritten drives. These lower level magnetics leave an artefact capable of being recovered.
Furthermore, the reason that most software products use multi-pass processes is due to the fact that there is a 10% skew rate on the head landing position on the track. The multi-pass process attempts to use the law of averages to make sure that the areas to the left or right of the track center are effectively overwritten. Any data not overwritten by this process will render recoverable data artefacts on either side of the track.
In the past few months, there has been some recognition of Secure Erase as a viable means to effectively destroy legacy hard drive data. See the National Institute of Standards and Technologies published recommendation NIST 800-88 for more information. The NIST states that Secure Erase is the single most means of data destruction second to effective physical destruction (meaning granularization of the data medium to a particle size smaller than can accommodate a complete 512kB block, or less than 1/125th of an inch). Unfortunately, secure Erase cannot be reliably invoked as software, as most BIOS manufacturers have inhibited the passing of this string to the drive due to the potential devastation that SE can cause if exploited by virus or malware authors.
Considering other means of destruction such as Degaussing, this technology is a connectionless technology that is limited in effectiveness in sanitizing hard drives. As the chemistry of drive platters reaching 1Tb require up to 15,000 Oerstead of Magnetic energy to accomplish coercion, present degaussing technology, originally designed for tapes and low density magnetic media, will not be able to effectively destroy hard drive data. Additionally, having no connection to the device, they are not capable of maintaining an automated audit log of devices processed.
Like Degaussing, physical shredding is typically carried out by external service providers. This service requires the shipping of the device to an external service provider, whereby costing the client the loss of Care, Custody and Control of the storage device. In a day and age where there is a lot of focus on network security, the volume of information that can be captured from a network breach is a drop in the bucket compared to the volumes of data contained in a hard drive. A savvy hacker would go after poorly protected legacy storage devices than go after perimeter vulnerabilities.
Where does my background come from??? Well, my Company Converge Net is a solution provider focusing on delivering data Loss Prevention solutions to enterprise looking to convert stagnant policy into actionable IT objectives. We aid clients in a variety of sectors in attaining realistic levels of protection to meet their required compliance levels. In delivering our solution we have found that one of the single most ignored components of any compliance or security policy is the decommissioning stage of legacy stored data. As such we had researched the practices and technologies available to address this important concern. To say the least I was astonished to see the range of 'solutions' practiced or recommended. Many of these ranging from plain old foolish to just outright dangerous.
What we did find is a technology produced by a company called Ensconce Data Technology Inc. called Dead on Demand. This product is sold as an appliance that effectively decommissions 3 drives at a time using secure erase. At the end of the cycle, the device is rendered forensically unrecoverable, and is left with a standard format or standard image ready for re-deployment.
Unlike overwrite technology, the legacy data is unrecoverable by any means, and takes 1/8th of the time required by overwrite type methods. Typically a 100Gig drive will be processed in under an hour.
The dead on Demand is presently in use by a number of government offices worldwide, as well as, being adopted as a standard for a variety of enterprises, banking and finance orgs, and compliance practitioners as their standard for in-house data sanitization technology.
That is why I prefer the cordless drill method. Then hit it with some earth magnets to be sure.
Dear grandma,
You obviously have a lot of time on your hands and your own company's interests to promote.
I suggest you check out
http://en.wikipedia.org/wiki/Gutmann_method
also:
http://www.rcmp-grc.gc.ca/tsb/pubs/it_sec/index_e.htm
http://www.rcmp-grc.gc.ca/tsb/pubs/it_sec/dsx-faq_e.pdf
http://www.rcmp-grc.gc.ca/tsb/pubs/it_sec/dsx-userguide_e.pdf
CBL's Shredder is free and effective.
Anyone can download it
http://www.cbltech.ca/data-shredder.html
http://www.cbltech.ca/downloadform.php
It can "shred" 1TB in about 12 hours. How fast is your program?
Look for CBL Shredder 2 , currently under development at http://www.rp.edu.sg/
Seems like a fair question Bill. Are there any compatibility issues with DataShredder and Windows ME?
The data shredder is free, so you get what you pay for, and since it's free, then it's probably as good as it's going to get.
Simon, I'm sure Bill was talking about that windbag Ryk Edelstein, not grandma…
CBL is perfect, and FREE!!!
Bill and Very Satisfied,
I have a close relationship with the Canadian Government, and more specifically the folks responsible for DSX. These folks own and have evaluated the Digital Shredder as it is understood that there is a need for a replacement for DSX due to it's limitations. You can expect to see a publication in follow up to public document B2-001 that will position the Digital Shredder as a Canadian Government recognized solution for data overwrite technology.
I appreciate the references you have provided, and I will be posting a reference to a white paper that is soon to be published on the limitations of software as an effective means to decommission Hard drives.
Please look at NIST 800-88 on page 19 where it illustrates how the NIST classifies technologies. You will see that it is clearly stated that software is recognized as a CLEAR technology, to be used on non-secret information, whereas, Degaussing, Physical destruction, and Secure Erase are PURGE technologies that can be used for the decommissioning of confidential information.
I am not employed by anyone associated with manufacturing Secure Erase technology products. I have licensed some of my work to Ensconce Data Technology on my studies on Secure Erase, and have spoken on Secure Erase on a number of occasions. I am involved with a VAR that does sell the EDT products in Canada. I get no personal benefit from the statements I provide or from the sale of these products, so, my commentary is not financially motivated.
I respect your opinion of my commentary as being a 'windbag', yet contend that considering the amount of half baked solutions and out dated products on the market, and above all the lack of common criteria or a standard, the closest technology to being a standard is Secure Erase. After all, the reason the US Government, and the hard drive manufacturers had engaged the Center for Magnetic Recording research at the University of California San Diego to develop Secure Erase was to establish a common technology by which Hard Drives could be effectively and efficiently decommissioned.
I being called a wind bag is the cost of bringing light to this technology, then it is worth the price. Besides, I am sure my wife would agree with you on that count.
If you want to know more about Secure Erase, I am not hiding behind an anonymous posting and will gladly discuss Secure Erase. I can be reached on my direct line at 514-267-2767.. or call me at the office at 877-205-6806. Or skype me at FEDELST.
Speed… Secure Erase purges data in a single pass at a rate of 100Gig per hour… Is that fast enough?
With Secure Erase multi-pass is not required to achieve destruction beyond forensic reconstruction. Independent forensic lab studies are available on request.
Thanks for very interesting article. I really enjoyed reading all of your posts. It’s interesting to read ideas, and observations from someone else’s point of view… makes you think more.
If CBL Data Shredder is so good , then why doesn’t it work under Vista . I have try to use it under Vista but it can’t seem to identify any of my hard drives , leaving me with listing that say unknown , rather then the name of the drive … useless tool .