This 'Wipe Free Space' option is a bit of a joke, isn't it? Any good intelligence or recovery professional could unencrypt this. I use Kill Disk, which wipes pre-boot, for obvious reasons.
Why was this option even added to the latest versions of CCleaner?
Just out of interest, how would any recovery professional 'unencrypt' overwritten data, and who advertises that they do this? I agree that for the overwhelming majority of the human race this is a waste of time, but people love gadgets and tweaking stuff.
Just out of interest, how would any recovery professional 'unencrypt' overwritten data, and who advertises that they do this? I agree that for the overwhelming majority of the human race this is a waste of time, but people love gadgets and tweaking stuff.
It's not hard, just like trying to hear the sounds of a tape you have recorded over.
Like, one wipe, not secure, two wipes, more secure..etc etc. CCleaner is like a half wipe.. Kill Disk is one , if not the only, secure deletion method. CCleaner is no better than Webroots 'shredder', or heaps of others.
And also, re un-encrytption, you may wish to refer to reported events in the news media, where 'so-called' deletion methods have been 'reversed', and contents shown.
A quick flick on Google with 'recover overwritten data' shows nobody is offering this service. To quote one hit, from Sean Barry (Ontrack's Remote Data Recovery Manager), ?There is no chance of recovery with overwritten clusters. The bit density on hard disk drives is so great now that when the magnetics are rewritten, the data is gone." Ontrack.com claims to be the world leader in data recovery.
A quick flick on Google with 'recover overwritten data' shows nobody is offering this service. To quote one hit, from Sean Barry (Ontrack's Remote Data Recovery Manager), ?There is no chance of recovery with overwritten clusters. The bit density on hard disk drives is so great now that when the magnetics are rewritten, the data is gone." Ontrack.com claims to be the world leader in data recovery.
Widely available disk overwriting software is one of the main reasons why data leaks continue to occur. Many corporate IT departments use these disk overwriting software tools to mitigate potential business risks and legal liabilities but these tools may have significant drawbacks which could compromise an organization's security.
According to a memorandum issued by the United States Department of Defense (DoD), (2001, May), overwriting software must have the following functions and capabilities in order to ensure the integrity of the sanitization process:
* The ability to purge all data or information, including the operating system (OS), from the physical or virtual drives, thereby making it impossible to recover any meaningful data by keyboard or laboratory attack.
* A compatibility with, or capability to run independent of, the OS loaded on the drive.
* A compatibility with, or capability to run independent of, the type of hard drive being sanitized (e.g., Advanced Technology Attachment (ATA)/Integrated Drive Electronics (IDE) or Small Computer System Interface (SCSI) type hard drives).
* A capability to overwrite the entire hard disk drive independent of any Basic Input/Output System (BIOS) or firmware capacity limitation that the system may have.
* A capability to overwrite using a minimum of three cycles (six passes) of data patterns on all sectors, blocks, and slack or unused disk space on the entire hard disk medium.
* A method to verify that all data has been removed from the entire hard drive and to view the overwrite pattern
If you are that paranoid why are you using a computer?
Of course, a typical, predictable, yet useless interruption to the conversation.
We were discussing the different wipe methods available, and in particular the usefulness/performance of the CCleaner Wipe Free Space function, but hey, thanks for the input..buddy.
That article discusses shortcomings in the disk wiper's ability to access every area of the disk (bad sectors etc), the bios not reporting the full size of the disk, and problems with raid configurations.
I don't think there's much doubt that, with the right tools and a little work, fragments of data can be retrieved from otherwise inaccessible areas on a disk that the user thought secure. There is a quote somewhere to the effect of "The pagefile is the policeman's friend." However there is no evidence or example of any data - barring a few isolated bits - being recovered after it has been overwritten by anyone anywhere.
I don't how CC's free space wipe works, and I don't think think that Piriform would claim that it is a forensic standard wiper. Still, the option appears to be quite popular.
That article discusses shortcomings in the disk wiper's ability to access every area of the disk (bad sectors etc), the bios not reporting the full size of the disk, and problems with raid configurations.
I don't think there's much doubt that, with the right tools and a little work, fragments of data can be retrieved from otherwise inaccessible areas on a disk that the user thought secure. There is a quote somewhere to the effect of "The pagefile is the policeman's friend." However there is no evidence or example of any data - barring a few isolated bits - being recovered after it has been overwritten by anyone anywhere.
I don't how CC's free space wipe works, and I don't think think that Piriform would claim that it is a forensic standard wiper. Still, the option appears to be quite popular.
"and I don't think think that Piriform would claim that it is a forensic standard wiper. Still, the option appears to be quite popular."
That was a good answer, however, any recovery professional will tell you that a single wipe of free space area is probably quite useless, but as you mention, it seems to be a popular option with CCleaner users, for whatever reason.
* A capability to overwrite using a minimum of three cycles (six passes) of data patterns on all sectors, blocks, and slack or unused disk space on the entire hard disk medium.
NOTE: As a mentionable tip, if anyone is interested in wiping out free space or old data prior to selling or throwing out their old PC, or for any reason, I'd suggest this: http://www.killdisk.com/
I found that the advice Don't argue with an idiot; people watching may not be able to tell the difference works well and they are of the Ferrous Cranus type of troll:
After slumping in front of a Top Gear rerun (the Vietnamese trip - excellent) thers's not much wit and wisdom left now.
The link you posted has nothing to do with whether you can recover overwritten data, but appears to be some misuse or malfunction of Eraser. Indeed the last but one post indicates that overwriting data (by using any method) makes it unrecoverable.
One overwrite of data makes that data unrecoverable. That's all there is to it.
any recovery professional will tell you that a single wipe of free space area is probably quite useless, but as you mention, it seems to be a popular option with CCleaner users, for whatever reason.
This is complete FUD. Where did you get this info? There is no reputable data recovery company who will claim to be able to recover data that has been overwritten.
The fact that you compare analog audio tapes to a computer HDD, and refer to recovering overwritten data as "unencrypting" it, should be a warning to anyone reading this thread that you have a limited grasp of the technology.
Instead of spreading misinformation, maybe you should concentrate on the more important question - whether or not CCleaner does overwrite all of the data it claims to.
john_a, how does the ccleaner DOD & NSA deletion options factor into this thread topic. Does that mean they're no more effective than the normal option? (:/
Well, if you agree with the statement that one overwrite makes the previously written data unrecoverable, then any more than one would be superfluous. I guess the DOD etc are just super cautious, or perhaps Mr Gutmann was on board as an advisor.
I found that the advice Don't argue with an idiot; people watching may not be able to tell the difference works well and they are of the Ferrous Cranus type of troll:
Well, if you agree with the statement that one overwrite makes the previously written data unrecoverable, then any more than one would be superfluous. I guess the DOD etc are just super cautious, or perhaps Mr Gutmann was on board as an advisor.
"Well, if you agree with the statement that one overwrite makes the previously written data unrecoverable.."
Where did I say that?
"According to a memorandum issued by the United States Department of Defense (DoD), (2001, May), overwriting software must have the following functions and capabilities in order to ensure the integrity of the sanitization process: -
A capability to overwrite using a minimum of three cycles (six passes) of data patterns on all sectors, blocks, and slack or unused disk space on the entire hard disk medium. "
I guess we'll have to leave it to them to recheck their research, I'm sure there will be an amendment if they come across this thread.
Funnily enough the DoD did check their research, and no version of the manual since 1997 specifies any method of data sanitisation, as they call it. The responsibility for this lies with the Cognizant Security Authority: one of these, The Defense Security Service, provides a Clearing and Sanitization Matrix which does specify methods. In the June 2007 edition of the DSS C&SM (phew!) overwriting is no longer acceptable for sanitisation of magnetic media; only degaussing or physical destruction is acceptable. A problem with disk-wiping is that it can't clean hard drives that have physically failed, presumably why degaussing or physical destruction is specified.
Furthermore in late 2004 the U.S. National Security Agency (NSA Advisory LAA-006-2004) found that a single 'DoD' overwrite instead of the three passes is sufficient to render electronic files unrecoverable.
There is no way on God's earth that a hypothesis is true because an authority, no matter how high, guards against it. It must be proven, and nobody can prove or show that overwritten data can be recovered. It can however be shown that it is not physically possible to read any magnetic track 'overlays', and if it were it is statistically impossible to recover a single error-free byte.