Destroy sensitive information

Cập nhật7 December 2021

Mục lục

...Đang tải mục lục...

    A phone or computer uses its memory like someone who works very hard to save paper: it writes in pencil, and piles up the files you tell it to delete (like temporary files or the files in your device's Trash, Recycle Bin, or Rubbish Bin). When it needs more space, it erases writing from paper in the "delete" pile, and writes on that part of the paper again for new files.

    So when you drag a file to the trash and empty it, your phone or computer does not really remove that file. What happens is more like removing labels from a filing cabinet, but leaving the files in it. "Deleting" a file only tells your phone or computer that it can use the space where the deleted file was saved for something else. Until your device saves another file in that space, the original file can still be seen by someone who has access to your device, and the right tools.

    The tools we recommend do more than just delete the file by erasing the words. They scribble over the top of every word with random nonsense several times so no trace of the original file is left behind. Security experts agree that "wiping" your phone's or computer's unused space in this way is effective enough to keep an intruder from reading your erased files.

    There is a big exception to this, in all phones and in newer computers. There is a risk that newer drives called solid state drives, or SSD, will not fully erase their contents because of a technique called "wear leveling." Learn more about the challenges of erasing SSDs here. To make it harder to recover what you have erased from an SSD drive it is crucial to encrypt these drives as soon as possible, particularly if you are going to dispose of them. It is also important to encrypt drives before you re-use them.

    Secure deletion tools will not erase files you have not deleted or specifically told it to wipe. Still, be careful with software like this. If it is your first time using these tools, follow these steps in order to erase files safely and effectively. There are a few ways to wipe sensitive data from your devices. You can wipe just a single file, the contents of your trash, the 'empty' space on the drive, or the entire drive.

    Clean traces of your work off your device

    • Set a regular schedule to wipe your device's unused memory securely, to continue to ensure sensitive files do not remain on your devices, hard drives, USB memory sticks, removable memory cards (SD cards) from cameras, mobile phones or portable music players, and any other device that saves sensitive information.

    Android

    Linux

    Mac

    Windows

    Learn why we recommend this

    We recommend cleaning traces of your work to remove history of your activity on the device, combat malware and to help your device work better. These files are hard to find and remove safely. In the next few paragraphs, we will tell you more about these files.

    Your web browser saves text, images, cookies, account information, the history of websites you have visited, and personal data used to complete online forms. Our section on Firefox can tell you more about that data, and how to delete it more often.

    Your device and the apps on it also save temporary versions of files you are working on. This way, if it crashes or there is a power outage, you don't lose all the work you have done. If you wipe the file you were working on, you remove the current version, but your device continues to store older temporary files in ways that are hard to find and remove without special tools. Apps and devices also save all sorts of other shortcuts to make our lives easier, including what you copy to the clipboard.

    To securely erase individual files

    Linux

    Windows

    Take identifying information out of your photos and other files

    Learn why we recommend this

    It may seem like simply using a face blur feature or covering sensitive details will protect the people or places in your images. However, it may still be possible for someone with the file to see what you are covering up if the blur is not done in a specific way. Obscuracam ensures the blur is done securely.

    Images also contain more information than just what is visible in the picture. All files have a small amount of information about where and how they were created. This information is called metadata. You can usually get a look at some of a file's metadata on a computer by right-clicking on the file and selecting "Properties" or "Get info."

    Some metadata may include your location or the device the file was made with: information that someone looking at the file could use to identify you. Scrambled Exif, MetaX, and Exifcleaner help you securely erase metadata. See this article for more information on metadata, and how you can clean it from your files.

    To fully wipe a device

    All devices

    Phones

    Android

    iOS

    Computers

    • It is not possible for a device to thoroughly erase itself. You will need to start your computer from an external drive to do this.
    • Consider using DBAN to thoroughly overwrite your drive. This may take some time, and you will need to download DBAN and run it from a blank USB drive.
    • Unfortunately, on newer computers that use a SSD (solid state drive), it is harder to guarantee that a drive is fully erased. However, you can take the steps listed below to do as much as you can.
    • Once you have wiped the entire disk, consider re-installing the operating system.
      • Be sure to set up full disk encryption.

    Mac

    • On older Macs that have Intel chips, you can erase your hard drive securely using Disk Utility or Erase Assistant.
    • On Macs with SSD chips, do the following:
      • First, enable full disk encryption on the drive you want to erase. This ensures the contents of your hard drive look like random nonsense to anyone who does not have your device password.
      • Next, follow these instructions to erase your SSD drive using Disk Utility.

    Windows

    • Plug the drive you want to erase into a computer with Eraser installed.
    • Delete everything on the external drive.
    • Then use Eraser to wipe all of the drive's unallocated space. You might need to let this procedure run overnight, as it can be quite slow.
    Learn why we recommend this

    When you wipe an entire hard drive, you will need to run your computer's operating system off a different drive because a program like Eraser cannot thoroughly erase the device that is running it. This will require physically removing from your computer the drive you want to erase and essentially turning it into an external hard drive.

    Before you sell, give away, or dispose of an old computer or phone

    • Fully wipe the device using the instructions above.
    • Remove USB drives, CDs, DVDs, SD cards, SIM cards, dongles, or other small devices that may be inserted or plugged into your device.
    • If possible, when you are selling or giving away an old computer, do not give the new owner the hard drive; but if you must, be sure you have followed instructions on how to erase it first.
    • If you are disposing of an old hard drive, consider destroying it physically as well as wiping it. You can do this by hammering nails through the drive, or with a drill. Do not burn or pour acid on a drive, and do not put it in the microwave. Physically destroying data storage is always the safest option.
    • You can also keep a wiped drive that is in good condition to re-use yourself, in a new device or as an external hard drive.
    • Use the following instructions as an additional checklist when taking the steps we have listed above in the section on securely erasing your device.

    Android

    • Follow these instructions to remove this device from the list of devices associated with your online accounts.
      • Follow the instructions above for fully wiping a device securely.

    iOS

    Linux

    • Follow these instructions to remove this device from the list of devices associated with your online accounts.
      • Follow the instructions above for fully wiping a device securely.

    Mac

    Windows

    • Follow these instructions to remove this device from the list of devices associated with your online accounts.
    • Follow these instructions to securely prepare your computer for disposal.
    • Follow the instructions above for fully wiping a device securely.
    Learn why we recommend this

    The process of wiping a drive may take quite some time. When you are giving a computer to someone else, it may be difficult to negotiate not giving them the hard drive. But when you are selling or otherwise disposing of a device, it is worth taking these precautions to ensure you are not accidentally giving away your sensitive files to someone else.

    Destroy CDs and DVDs before disposing of them

    • Use sturdy scissors to cut unwanted CDs or DVDs containing sensitive information into small pieces.
    • Some paper shredders also give you the option to shred CDs and DVDs. Just be sure your shredder does before trying to shred discs!
    • Dispose of the pieces in various locations far from your home or office to make reconstruction harder.
    Learn why we recommend this

    Even if a CD or DVD lets you save additional data on it (if it is "rewritable"), it is better to destroy the disc. It is surprisingly difficult to erase the contents of a CD or DVD by writing over data that is already there.

    You may have heard stories about information being recovered from CDs or DVDs after they were cut into small pieces. While this is possible, reconstructing information in this way takes a great deal of time and expertise. Judge for yourself whether someone is able and likely to expend that level of resources to rebuild a disc you have shredded.

    Advanced: Remove the traces deleted information leaves in your smartphone

    We recommend periodically wiping all of the "empty" space on your device.

    If you do a factory reset of your phone some traces of information may still be in its flash memory.

    • Use Extirpater to permanently erase everything you have deleted previously with CCleaner or after a factory reset. Notice it is not in the Google Play store. Install F-Droid's APK first and install Extirpater then. Use it with care as it can permanently damage the memory if you run it too often.