Sarasota PC Monitor
Eraser 5.7
A Software Review
by John Inman
Member of the Sarasota Personal Computer Users Group, Inc.An article in the July issue of the Sarasota PC Monitor concerned deleting Information from hard drives. It explained that deleting a file does not remove the file from your hard drive. In order to permanently remove information, it is necessary to write blanks or zeros over the deleted information.
Eraser 5.7 is a security tool that uses advanced technology to completely remove access to data on a hard disk by overwriting it with carefully selected patterns. Sami Tolvanen, a Finnish graduate student, developed Eraser. It is based on the work of Peter Gutmann of the University of Auckland who authored "Secure Deletion of Data from Magnetic, and Solid-State Memory1." His thesis claims it is impossible to remove data that has been written to a hard disk. However, if you overwrite the data enough times with random patterns, you can make the data so difficult to recover that it becomes impractical to attempt it.
Eraser provides three ways to overwrite data: (1) Drag and drop files to the on-demand eraser, (2) Right click on an Explorer file extension and select erase from the popup menu, (3) Use an integrated scheduler to overwrite unused disk space at a convenient time.
There are options for the number of overwriting passes made depending on the degree of security required. In Method (1), the characters used for overwriting are zeros and ones. A single pass of random characters is equivalent to the protection of simply deleting a file. It is easily recovered with software that analyses the disk magnetization. It is handy if you are just trying to clean up a folder of unnecessary files.
Methods (2) and (3) meet the Department Of Defense standards for security developed in the early days of computing. Method (2) makes three passes using all zeros, all ones, and pseudorandom characters. It will protect your data from the average computer user, but not from hackers. Method (3) makes seven passes of random data of various types. This will protect you against all but sophisticated hackers, the FBI, and the National Security Agency.
Method (4) is the Gutmann method. It uses 35 passes of pseudorandom data and what Gutmann calls determinant data. The latter is combinations of zeros and ones that ensure the obliteration of data by removing its magnetic remnants. The National Security Agency can still recover a file erased with Gutmann, but it may take a year to do it. Are you really paranoid about file security? Then you should use the Department of Defense method for Top Secret material. Remove the hard drive from the computer and degauss it, or smash it into little pieces.
That's it for the technical details. How well does Eraser work? I found it was easy to download and install. It works with all versions of Windows from 95 to XP and 2000. Go to Preferences on the Edit menu to choose the overwriting option you prefer. An option with more passes takes a little longer, a few more seconds or up to minutes with Gutmann. I usually work from the Windows Explorer shell. Right clicking on a file opens a popup menu with the usual choices of open, copy, paste, delete, properties, etc. You now have an additional choice - erase. Selecting erase opens a confirmation box in which selecting "yes" will erase the file. The Demand Eraser works best when you have a lot of files to remove. You can drag them to the window individually and erase them all at once. Use the Scheduler once a month to overwrite unused areas of your disk. I set it to run after I have retired for the night.
Sami Tolvanen holds the patent for Eraser. He has declared it freeware. It is free for all to use, and may be freely redistributed. Sami has turned over development and distribution of Eraser to an Irish company, Heidi Computers. You can download Eraser at www.heidi.ie/eraser/download.php. If you are pleased with the program, Heidi will accept a donation from you. View at: www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html :
Copyright 2004. This article is from the August 2004 issue of the Sarasota PC Monitor, the official monthly publication of the Sarasota Personal Computer Users Group, Inc., P.O. Box 15889, Sarasota, FL 34277-1889. Permission to reprint is granted only to other non-profit computer user groups, provided proper credit is given to the author and our publication. We would appreciate receiving a copy of the publication the reprint appears in, please send to above address, Attn: Editor. For further information about our group, email: admin@spcug.org/ Web: http://www.spcug.org/
The Sarasota Personal Computer Users Group, Inc. has 1,100+ members and was established in 1982. We are members of the Assoc. of PC User Groups (APCUG), the Florida Assoc. of PC Users Groups, Inc., and we are members of the America Online Ambassador Program.
See http://www.spcug.org for all reviews from the Sarasota PC Monitor, go to the Newsletter Section.