Option to zeroize files for overwriting

[Fortiscue]

Currently, for files that CCleaner is deleting, you can choose to simply delete them (where they are not overwritten) or delete and overwrite them with one or more passes of pseudo-random data.  I would like to see an option to have the final (or only) overwrite pass be to zeroize data.

 

Pseudo-random is used for a couple reasons, and I'm not going to get into them or start a debate on this.  But having the option to zeroize instead of or as a final pass after pseudo-randomizing has many benefits.  Not the least of which is your drive becomes a whole lot more compressable if you are making compressed disk images.  It is also beneficial for those who are concerned about disproving the pressence of hidden data on their drive.  This is important... in fact vital... in certain circumstances.

 

[Augeas]

In my limited experience with multi-pass overwrites (I generally use one-pass) I've found that CC's last pass is always zero bytes. Is there an overwrite option that doesn't result in zeroes?

[login123]

Some softwares claim to set the file size to zero after the wiping is done.  

Maybe that is what Fortiscue is suggesting.  

 

And I think Sdelete by Sysinternals leaves the files full of ZZZs, but doesn't resize them to zero bytes.  

Pretty sure of that but I would have to check again to be 100 percent.  

[Fortiscue]

I meant overwriting, not setting the file to zero length.

 

CCleaner has several methods of secure overwriting, none of which to my knowledge involve overwriting with zeros.  The methods currently are:

• Single pass -  one pass of pseudo-random data
• 3-pass - Labelled as "DOD 5220.22-M", which is one pass each of zeros, ones, and pseudo-random data
• 7-pass - Labelled as NSA, but there is no specification I know for this, so I don't know what CCleaner is doing here, but given that none of the other ones end with a zeroizing pass, I doubt this one does either.
• 35-pass - Guttman, this is the unfortunate researcher that started the multi-pass overwrite craze.  His method involves 4 passes of pseudo-random data, a whole bunch of passes that aim to mimic specific MFM patterns, then a final 4 passes of more pseudo-random data.

I am proposing that:

1. There be a single-pass overwrite-with-zeros method added
2. A setting to add a final "zero" pass to the other methods, so you can still do a pass with pseudo-random data but end with zeros.

Multi-pass overwriting is not required.  Guttman was tinfoil-hat paranoid back in the 90's when he wrote his paper, and the need for it has only diminished with increasing data densities.  That's not my point, though.  Let the paranoid people have multiple-pass overwriting.  I just want to see the ability to overwrite with zeros because it makes things a whole lot easier in some cases.

[Augeas]

Have you had a look at what CC actually does?

 

One pass overwrite is with zeroes.

Multi-pass overwrites end with a pass of zeroes.

 

What you are suggesting is already being done.

[Fortiscue]

Have you had a look at what CC actually does?

 

Hi Augeas,

 

Thanks for the reply.  Yes, I have now looked at CCleaner's behaviour with a sector editor and verified that it does zeroize files.  This is excellent - I appreciate letting me know of this change.

 

However, I will note, this is a marked change from earlier behaviour and currently undocumented.  Previously it was documented as being pseudo-random data for the single pass, and the methods iterated above for the multi-pass. Either the specifications noted in the documentation are being modified, or an aditional zeroizing pass is being performed.  For me either is fine, I really just want the data zeroized.  But perhaps I could suggest a modification to the documentation to state exactly what is being done.

 

Thanks again for the reply.

[Fortiscue]

Oh, I forgot to mention, during my testing there was some inconclusive results regarding files with data that were contained entirely within their MFT entries.  Can you verify whether or not CCleaner is supposed to do be able to securely delete those?

[Augeas]

As far as I know the one pass has always been zero, and the multi-passes have always ended in zero, whatever the specifications of these methods say. The documentation doesn't say one way or another. In my mind whether or not CC sticks to the specs is of minor importance, seeing as we both agree that multi-pass overwrites are well, an archaic nonsense really.

 

CC's secure deletion overwrites the content of files held in the MFT, and Drive Wiper runs a wipe MFT, so yes, What were your inconclusive results?