JSI Tip 10088. SDelete freeware securely deletes one or more files, or cleans your freespace


SDelete.exe is a command-line utility that deletes one or more files and/or directories, or it can clean the free space on a logical disk.

When I type SDelete /? on my Windows XP workstation, I receive:

SDelete - Secure Delete v1.4
Copyright (C) 1999-2005 Mark Russinovich
Sysinternals - www.sysinternals.com

usage: sdelete \[-p passes\] \[-s\] \[-q\] <file or directory>
       sdelete \[-p passes\] -z \[drive letter\]
   -p passes  Specifies number of overwrite passes (default is 1)
   -s         Recurse subdirectories
   -q         Don't print errors (Quiet)
   -z         Clean free space
NOTE: Wildcard characters are allowed.

The SDelete page contains the following introduction:

One feature of Windows NT/2000's (Win2K) C2-compliance is that it implements object reuse protection. This means that when an application allocates file space or virtual memory it is unable to view data that was previously stored in the resources Windows NT/2K allocates for it. Windows NT zero-fills memory and zeroes the sectors on disk where a file is placed before it presents either type of resource to an application. However, object reuse does not dictate that the space that a file occupies before it is deleted be zeroed. This is because Windows NT/2K is designed with the assumption that the operating system controls access to system resources. However, when the operating system is not active it is possible to use raw disk editors and recovery tools to view and recover data that the operating system has deallocated. Even when you encrypt files with Win2K's Encrypting File System (EFS), a file's original unencrypted file data is left on the disk after a new encrypted version of the file is created.

The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. Secure delete applications overwrite a deleted file's on-disk data using techniques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. SDelete (Secure Delete) is such an application. You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever. SDelete is presented with full source code so that you can verify yourself that it works as advertised. Note that SDelete securely deletes file data, but not file names located in free disk space.



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish