Posted on 12/10/2018 12:55:25 PM PST by outofsalt
With Windows 10 (and probably many other OS's) when you delete a file, be it email or others, it is not really deleted but is recoverable. I have a large bunch of "deleted" emails and quite a few personal records that I want to permanently remove from the hard drive. I am looking for suggestions on "shredder" programs (or are they all, "Apps" now?)
HDD + driveway + hammer. It worked for Hillary.
Send in “da Clenser”
She’ll take care of it.
SDelete (https://docs.microsoft.com/en-us/sysinternals/downloads/sdelete)
written by Mark Russinovich who is now the Chief Technology Officer for Windows Azure
This is what I’m looking for!
Say I have a tax form saved in documents and I want it gone; How do I move it to “cipher/w:C:” or does it go to recycle bin first?
Dumb 2nd grader!
Unless it’s an SSD in which case, the FBI could still recover some of the data. Might want to melt it instead.
Just delete it, empty the recycle bin and then run cipher /w:C:\Documents\blahblahetc\
There are lots of free alternatives.
https://www.lifewire.com/free-data-destruction-software-programs-2626174
What’s her name?
SSD? No problem break out the blow torch.
Analog rules!
All your 2nd graders a very smart!
Question - why 521 not 512, in the Windows help file?
Microsoft Windows [Version 10.0.17134.407]
(c) 2018 Microsoft Corporation. All rights reserved.
C:/cipher /help
Displays or alters the encryption of directories [files] on NTFS partitions.
CIPHER [/E | /D | /C]
[/S:directory] [/B] [/H] [pathname [...]]
CIPHER /K [/ECC:256|384|521]
CIPHER /R:filename [/SMARTCARD] [/ECC:256|384|521]
CIPHER /P:filename.cer
CIPHER /U [/N]
CIPHER /W:directory
CIPHER /X[:efsfile] [filename]
CIPHER /Y
CIPHER /ADDUSER [/CERTHASH:hash | /CERTFILE:filename | /USER:username]
[/S:directory] [/B] [/H] [pathname [...]]
CIPHER /FLUSHCACHE [/SERVER:servername]
CIPHER /REMOVEUSER /CERTHASH:hash
[/S:directory] [/B] [/H] [pathname [...]]
CIPHER /REKEY [pathname [...]]
/B Abort if an error is encountered. By default, CIPHER continues executing even if errors are encountered.
/C Displays information on the encrypted file.
/D Decrypts the specified files or directories.
/E Encrypts the specified files or directories. Directories will be marked so that files added afterward will be encrypted. The encrypted file could become decrypted when it is modified if the parent directory is not encrypted. It is recommended that you encrypt the file and the parent directory.
/H Displays files with the hidden or system attributes. These files are omitted by default.
/K Creates a new certificate and key for use with EFS. If this
option is chosen, all the other options will be ignored.
Note: By default, /K creates a certificate and key that conform to current group policy. If ECC is specified, a self-signed certificate will be created with the supplied key size.
/N This option only works with /U. This will prevent keys being updated. This is used to find all the encrypted files on the local drives.
/R Generates an EFS recovery key and certificate, then writes them to a .PFX file (containing certificate and private key) and a .CER file (containing only the certificate). An administrator may add the contents of the .CER to the EFS recovery policy to create the recovery key for users, and import the .PFX to recover individual files. If SMARTCARD is specified, then writes the recovery key and certificate to a smart card. A .CER file is generated (containing only the certificate). No .PFX file is generated.
Note: By default, /R creates an 2048-bit RSA recovery key and certificate. If ECC is specified, it must be followed by a key size of 256, 384, or 521.
/P Creates a base64-encoded recovery-policy blob from the passed-in certificate. This blob can be used to set DRA policy for MDM deployments.
/S Performs the specified operation on the given directory and all files and subdirectories within it.
/U Tries to touch all the encrypted files on local drives. This will update user's file encryption key or recovery keys to the current ones if they are changed. This option does not work with other options except /N.
/W Removes data from available unused disk space on the entire volume. If this option is chosen, all other options are ignored. The directory specified can be anywhere in a local volume. If it is a mount point or points to a directory in another volume, the data on that volume will be removed.
/X Backup EFS certificate and keys into file filename. If efsfile is provided, the current user's certificate(s) used to encrypt the file will be backed up. Otherwise, the user's current EFS certificate and keys will be backed up.
/Y Displays your current EFS certificate thumbprint on the local PC.
/ADDUSER Adds a user to the specified encrypted file(s). If CERTHASH is provided, cipher will search for a certificate with this SHA1 hash. If CERTFILE is provided, cipher will extract the certificate from the file. If USER is provided, cipher will try to locate the user's certificate in Active Directory Domain Services.
/FLUSHCACHE Clears the calling user's EFS key cache on the specified server. If servername is not provided, cipher clears the user's key cache on the local machine.
/REKEY Updates the specified encrypted file(s) to use the configured EFS current key.
/REMOVEUSER
Removes a user from the specified file(s). CERTHASH must be the SHA1 hash of the certificate to remove.
directory A directory path.
filename A filename without extensions.
pathname Specifies a pattern, file or directory.
efsfile An encrypted file path.
Used without parameters, CIPHER displays the encryption state of the current directory and any files it contains. You may use multiple directory names and wildcards. You must put spaces between multiple parameters.
There’s a couple of ways to do it.
One will destroy the data on the drive - have a utility write random bits to every single sector of the drive seven times.
The other is to physically destroy the disk. Bring magnets, a metal cheese grater, and a sledgehammer.
I’m only looking to overwrite specific files not the whole enchilada.
bkmk
I use BleachBit, only worthwhile thing Hillary provided in my life. I used to use CCleaner, but read they had security issues.
First defrag your drive to concatenate all data ... then run a program that erases all fields with repeated overwrites INCLUDING slack space.
First encase the hard drive in a plastic bag, lest powdery, glassy debris fly all over the place. I learned the hard way.
Be careful on those if you have an SSD. SSD have a limited number of times that they can be written to, and the way your average file shredder works is to write several times over that location.
Unless you have reason to believe someone is diving on your system, deleting it and doing your normal routine should be enough, just making sure that you remove the drive when you get rid of the system. Just the normal creating more files will help to scramble deleted data.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.