1
00:00:00,000 --> 00:00:09,440
In this video, we'll talk about secure data removal.

2
00:00:09,440 --> 00:00:14,560
So when you delete a file, the problem is that it's not really gone.

3
00:00:14,560 --> 00:00:19,480
And that is because the directory entry, which is the file name, is removed, but the blocks

4
00:00:19,480 --> 00:00:24,440
that were used by the file stay in an unmodified way on disk.

5
00:00:24,440 --> 00:00:28,799
And that means with the appropriate tools, you could get it back.

6
00:00:28,799 --> 00:00:33,200
So when you delete a partition, what you really delete is the start and the end marker of

7
00:00:33,200 --> 00:00:34,400
the partition.

8
00:00:34,400 --> 00:00:37,000
And the data in the partition is not removed.

9
00:00:37,000 --> 00:00:38,000
Same story.

10
00:00:38,000 --> 00:00:39,639
You could get it back.

11
00:00:39,639 --> 00:00:45,160
If you want to remove data securely, you have a couple of extra options.

12
00:00:45,160 --> 00:00:47,520
First option is to use the DD utility.

13
00:00:47,520 --> 00:00:53,560
DD, I-F-S-W, U-Random, that reads the U-Random device.

14
00:00:53,560 --> 00:00:57,500
And the U-Random device generates random characters.

15
00:00:57,500 --> 00:01:04,339
Apply that to an output, for instance, to output DevSEC1, which will irrevocably override

16
00:01:04,339 --> 00:01:07,739
all blocks on DevSEC1 with random data.

17
00:01:07,739 --> 00:01:11,580
Then you can be sure that nobody will ever get it back.

18
00:01:11,580 --> 00:01:14,940
This is a little bit slower, but also more secure.

19
00:01:14,940 --> 00:01:23,620
You could also use DD, I-F-S-Dev0, and O-F-S-DevSEC1, which overrides all blocks with zeros.

20
00:01:23,620 --> 00:01:29,739
It's still very hard, but if you override with zeros, with high-end utilities, it could

21
00:01:29,739 --> 00:01:34,199
be possible in certain circumstances to get the data back.

22
00:01:34,199 --> 00:01:39,379
If you really want to be secure, better override your block device or your files with random

23
00:01:39,379 --> 00:01:40,379
data.

24
00:01:40,379 --> 00:01:46,099
There is a Thread utility as well, which can be used to delete files securely.

25
00:01:46,099 --> 00:01:51,459
And the Thread utility is automating the work of DD, I-F-S-Dev0, U-Random, because it will

26
00:01:51,459 --> 00:01:55,339
override the data blocks multiple times with random data.