The Windows Recycle Bin has saved many a person who deleted files and quickly regretted having done so. The ability to recovery
deleted files is a welcome feature. But what if you really want to completely wipe a file or drive so that it is unrecoverable? Most people would simply reply that all you have to do is empty your Recycle Bin. The truth is that it is much harder to completely delete a file. In fact, it is extremely hard to do if one does not have the proper tools.
Data can indeed be recovered long after it has been erased. If you want to know the technical details about this, check out Peter Gutmann's seminal paper on the topic, "Secure Deletion of Data from Magnetic and Solid-State Memory," at ww.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html.
In technical terms, these topics deal with the concept of data remanence, which is that data will continue to reside on a drive, even though it has been presumably erased. The security issue with data remanence is that it can easily make disclosure of confidential data possible if one gets physical access to the drive. To counteract the problem of data remanence, drive wiping was created to permanently remove all data.
There are many ways to permanently make data unavailable. The most drastic is the actual destruction of the drive. A less drastic way is to use software such as DriveScrubber 08 to wipe the disk such that any sort of data recovery is impossible. This need is so significant that the US Department of Defense created a standard (DoD 5220.22-M) on how to permanently wipe data, and DriveScrubber supports that.
Last year, security researcher Simson Garfinkel purchased a number of used computers on eBay. On those hard drives that were not wiped, he found thousands of credit-card numbers and financial records, along with medical information, trade secrets, and other highly personal information.
The bottom line is that if you have personal data on a storage device, you need to wipe it before you trash it.
