File Shredders – Beyond emptying recycle bin.
Bob Elliott – October 17, 2006
Bob Elliott is security business consultant at AKS-Labs software development company. His interests include sensitive file security, security policies, preventing information leakages, security audit methods. AKS-Labs has developed Shred Agent, a background-mode file shredder that we will be happy to recommend to all users, including users of our QuickWiper. Learn more at www.shredagent.com
What is better than file shredder?
Any file shredder is great, but is it secure enough? actually not, it will not do for all files: it will not catch temporary or cached files. Is there an option? Sure, background-mode file shredders.
Is it worth wiping sensitive files?
If you are concerned about your privacy then I’m sure you know about file shredders and what they do. These tools address the security problems associated with deletion operation. In Windows ® operation system user cannot do a secure deletion of files. This means that anyone who has access to your computer or to the hard disk of your computer can recover your deleted files.
Let me list some facts and questions that are often discussed when we talk about secure deletion of files.
- The first fact is that any deleted file can be recovered. There is no need to buy expensive tools, even freeware file recovery utility can do this job for you or for other person.
- The second fact is that pressing delete + shift keys don’t make file irrecoverable. Anyone can still recover your sensitive information.
- The third fact is that emptying Recycle Bin will not help secure your files too.
So why developers of operation system don’t include this feature? A good question, and the answer is that we actually don’t want all files to be irrecoverable. There is a chance that you might delete some really important file. Developers of operation system give you a choice – to use or not to use file shredders. Those who are concerned about security prefer to user file shredders.
Why use file shredders?
There are a lot of ways to secure your files. Some works well, other don’t actually help. The most popular approach is wiping free disk space regularly. This is a good idea, but you must have in mind that you will be able to wipe free space only in the end of working day or week, so some files and information could be recovered before this. Also, some software products silently delete and create files, so wiping free space is not a 100% guaranty of file security. Our research shows that wiping free space will cover only 90% of all deleted information. What are others 10%? It’s temporary files and cached files. In other words it’s your sensitive data and internet browser history. More over, wiping free space is a routine, time-taking computer task that may be a real hassle for your security administrator.
Another idea is to use a file shredder every time you wish to securely delete your file. It’s a great idea as you know what files are really important and should be deleted without possibility to recover. The bad news is that you will need to do some additional steps to process file to file shredder. But in most cases it is just few more clicks. Not a big price to stay secure.
What are typical security holes?
Actually, there are some security holes. First, we should consider files that are created by programs silently, these files can be a cached data or temporary file that office programs always creates. In this case file shredder simply doesn’t know what to wipe! As temporary file may actually appear at your hard disk for a second, but will contain a valuable information.
For sure, wiping free space is performing better, but remember that it will wipe only space that is actually free. It will not consider cached data (the history and cache or your internet browser), it will not consider some sectors just because the shredder could damage your data.
Another security risk is remote users that may access your hard disk by network. You don’t know what do these users do, if they delete files or not. Due to security limitation, these users will not be able to use a file shredder at your hard disk.
How to wipe all deleted files?
What you need to look at is a file shredder that works in background mode. Actually, you need a file shredder that will capture all deletion operation that your system do. In this case, you won’t need to drop files to file shredder, as it captures all deletion operation and can “see” all file that you do delete. Also, the problem of temporary files will be solved as other program utilize a common system interface to delete files and it will be possible to capture all operations with temporary and cached files.
What is associated with temporary files?
Are temporary and cached file a great security risk? Actually, they are. For instance, temporary files of office wording tools contains a copy of all file text data. So anyone who recover temporary file will have access to your sensitive data. For sure, wiping free space can do 90% of job you need to be done for deleted sensitive files, but there are still from 2-5% of files that could be recovered and might contain sensitive information.
For instance, if you clear cookies or cache of your web-browser, you cannot use file shredder utility. Also, the hard disk space dedicate to cached file will still be occupied, this means that wipe free space will not actually secure this information. In this case only background mode file shredder will be able to wipe files in a proper way.
It’s a good idea to use background mode file shredder to stay secure now. Does this method guaranty 100% privacy? Actually not. There still might be some chance of recovering files. So, if you will ever need to completely destroy data, then you will need to destroy computer hard disk physically. As for other purposes, for instance when you need to provide day to day file security– using background file shredder is a great option.
File shredders: conclusion.
Actually, it was the art when only security admin knew about tools we had to use. Various file shredders, wiping free space every weekend and so on. For now, ask your security admin to install a background mode file shredder and …forget about your security risks. Well, you still might face a problem as wiping operation is a little longer that deletion. So it would be great if you could fine tune your shredder to wipe only specific files or files within a specific location. In this way you will save your time and will still stay secure.
Note : (at) = @