Guttman

[Lych]

I think that it would be cool to add the Guttman method of secure deletion. Its for paranoid people like me. 7 overwrites isn't enough... I need 35!!!!

[lokoike]

I think that it would be cool to add the Guttman method of secure deletion. Its for paranoid people like me. 7 overwrites isn't enough... I need 35!!!!

 

Yeah, I've seen that suggested before, and it isn't a bad idea! Plus, it wouldn't be difficult to implement, and it wouldn't take any more space (well, not more than a few bytes), so why not?

 

Also, a custom secure file deletion option would be good, so you can enter however many overwrites you want.

[Eldmannen]

CCleaner is just a little visual basic tool to remove some registry entries and files. It was never intended for secure deletion and paranoid security.

 

If you want secure deletion, then take a look at Eraser.

http://www.tolvanen.com/eraser/

[lokoike]

CCleaner is just a little visual basic tool to remove some registry entries and files. It was never intended for secure deletion and paranoid security.

 

If you want secure deletion, then take a look at Eraser.

http://www.tolvanen.com/eraser/

 

Right, but if the secure file deletion is already there, why not add those two simple entries? The Guttman would be for absolute nuts about security, and the custom option would let you choose how many overwrites to do. If you had a custom option, MrG would never have to tweak the secure file deletion option ever again, even if new erasing standards do come out.

 

With custom, you can simply choose how many overwrites you want. If 7 passes is too slow, but 3 isn't enough, you can do 5. It would be totally up to you. Plus, that way you would have no reason to have to resort to Eraser. All of your removal needs would be solved with one easy-to-use tool.

 

So MrG would have to make a simple tweak, and then 1. he wouldn't have to mess around with that feature ever again (saves him work and suggestions in the future), and 2. numerous CCleaner advanced users would be happy. Win-Win.

[Eldmannen]

Secure deletion is not just about the amount of overwrites/rewrites.

There is more to it such as random data, random data generation, entropy, etc.

[lokoike]

Secure deletion is not just about the amount of overwrites/rewrites.

There is more to it such as random data, random data generation, entropy, etc.

 

Well doesn't CCleaner overwrite with random data, and not just zero everything out? I assumed it did.

 

And also, why does it matter what random number generater is used for overwriting? Random is supposed to be just that, random. If you have a complex formula with all sorts of regulations that does the number generating, it isn't really random anymore.

[perkin]

The correct link for the current version of "Eraser" is:

http://www.heidi.ie/eraser/default.php

IMHO the need for a Guttmann overwrite,or indeed any more than 3-5 overwrites maybe,on a modern HDD,is distinctly overkill.Indeed,even with the excellent "Eraser",the recommended way to remove data pretty securely,is to overwrite the files a time or two,and then erase the free space on the HDD. There are so many factors involving the secure total removal of any data involved,that it could be said to be nigh on impossible,as Windows scatters data willy nilly in all sorts of areas! What about the paging(swap) file for example?

I feel that the current set up with CCleaner is very good,and if any further reassurance is required,the dilligent use of "Eraser" will more than suffice the average user.Of course,if you`ve really something to hide,a PC is not a good place to put it!

[cde]

The correct link for the current version of "Eraser" is:

http://www.heidi.ie/eraser/default.php

IMHO the need for a Guttmann overwrite,or indeed any more than 3-5 overwrites maybe,on a modern HDD,is distinctly overkill.Indeed,even with the excellent "Eraser",the recommended way to remove data pretty securely,is to overwrite the files a time or two,and then erase the free space on the HDD. There are so many factors involving the secure total removal of any data involved,that it could be said to be nigh on impossible,as Windows scatters data willy nilly in all sorts of areas! What about the paging(swap) file for example?

I feel that the current set up with CCleaner is very good,and if any further reassurance is required,the dilligent use of "Eraser" will more than suffice the average user.Of course,if you`ve really something to hide,a PC is not a good place to put it!

 

 

I agree on both points - DoD/Gutmann methods are indeed chosen for their overall effect (data destruction after a mix of zeros, random passes, fixed patterns, byte inversions, or whatever) and not because 35 is a higher number than 7. A good 3 pass wipe is probably better than 7 times with zeros... but a single pass should stop (most?) software recovery tools. It's the dust-free labs with big microscopes you need to worry about if you're wiping 100 times, and by the time your disk gets there you're in real trouble

 

Also using many passes will, eventually, shorten the life of your drive, especially if the drive has to seek around potentially fragmented and scattered files (as with CC) to find the sectors to wipe rather than just clearing a drive start to end.

 

The other point - don't hide anything on a PC. Totally - if you're that worried, run Portable Firefox (portableapps.com) from a Truecrypt drive. Or get PGP and encrypt your whole disk. With an encrypted volume, wiping is redundant unless someone can get to your PC while it's still turned on and unlocked.

[Eldmannen]

Well doesn't CCleaner overwrite with random data, and not just zero everything out? I assumed it did.

 

And also, why does it matter what random number generater is used for overwriting? Random is supposed to be just that, random. If you have a complex formula with all sorts of regulations that does the number generating, it isn't really random anymore.

 

Maybe it does, maybe it dont. Not sure about that.

Eitherway, generate truely random data isnt easy for computers, most random data produced by computers are actually pseudo-random.

 

http://www.random.org/essay.html

[lokoike]

Maybe it does, maybe it dont. Not sure about that.

Eitherway, generate truely random data isnt easy for computers, most random data produced by computers are actually pseudo-random.

 

http://www.random.org/essay.html

 

Very interesting article, Eldmannen. I found this part particularly informative:

True random numbers are typically generated by sampling and processing a source of entropy outside the computer. A source of entropy can be very simple, like the little variations in somebody's mouse movements or in the amount of time between keystrokes. In practice, however, it can be tricky to use user input as a source of entropy. Keystrokes, for example, are often buffered by the computer's operating system, meaning that several keystrokes are collected before they are sent to the program waiting for them. To the program, it will seem as though the keys were pressed almost simultaneously.

I never understood how a "random" number could be generated. I used to program my TI-86 graphing calculator (I know; lame), and I kept pondering how how the "random(" command could possibly work.

 

As far as random number generation goes in CCleaner, don't the Visual Basic 6 runtimes have a random function that CCleaner could use, so it wouldn't have to create its own? I would assume that is the way it works, but of course, once again, this is all speculation.

 

Does MrG have any documents explaining his method of secure file deletion? I realize it is still a fresh feature, but I would be interested in seeing that.

[Eldmannen]

Yes, Visual Basic probably have its own randomization functions, and it might also be possible to call other Windows API that do other randomization functions. But might not be good random functions.

 

That why I been saying, that its great that CCleaner offers this secure deletion function, but CCleaner was never intended for this purpose, so those serious about this should check a software crafted from bottom up with secure deletion in mind such as Eraser which purpose is just that, secure deletion.