Lake Barcroft  


Donate Your Computer Safely

Wipe Data From Old PC's For Good
PC Magazine      April 20, 2004
By Jay Munro


Selling or giving away an old computer or hard drive is something we all do at one time or another. Whether it's getting a few dollars on eBay, or taking the tax deduction by giving it to a school or charity, it feels good to clear out that old machine. However, are you also giving away personal and financial information that could be used for identity theft? Even if you don't run your business or do your banking on your PC, it collects information such as ISP passwords, names, addresses and phone numbers, or personal e-mail that, in the wrong hands, could be used maliciously. So what do you do?

The typical process for many people is to go into Windows Explorer and delete personal files. This usually includes deleting all their e-mail, My Documents, and maybe files on the desktop. Unfortunately, Windows doesn't really let you off that easy. Deleting email from the inbox can leave messages in sub folders, as well as leave all the account information. You can manually delete the account information files, but don't forget to empty the recycle bin. Even emptying the recycle bin does not totally remove data from the disk. When Windows deletes a file, it doesn't delete the data, only removes the file name from the directory tables. With readily available tools, a savvy user can view the hard drive, undelete and ferret out information you thought was gone.

There are several ways to remove personal data from a hard drive, from a simple format to a government security-approved overwriting process. The simplest way to eliminate old data is to delete the disk partition and format the disk. Note that removing the partition does not remove the data, and formatting can be undone. However, for casual users, this is enough to cover your data.

This technique uses two command line utilities, Fdisk and Format. Fdisk manages the disk partitions, which is the lowest level of a disk drive a user can manipulate. Most manufacturers currently ship with a single partition (virtual drive) on a physical drive. To use these utilities, you need to boot with a floppy disk. If you don't have a floppy drive, it is possible to create a bootable CD-rom disk. Consult your CD burning software on how to do that. Just make sure you have and utilities on the disk. If you're using Windows 98, you can create a boot disk from the Add or remove programs option in the control panel. For Windows XP/2000, you can format and create a system disk through the Windows Explorer.

Figure 2, Fdisk menu
To remove the partition(s) from a hard drive, you need to reboot with the floppy. At the command prompt (usually A:\), type Fdisk and press enter. A little text utility will come up (Figure 2) . If it asks you whether you want to support large disks, answer yes. Fdisk by default uses Disk 0 (or the primary master disk). If you have more than one partition, you may view it by selecting option 4, "Display Partition Information". If you have more than one partition, you'll need to delete each separately. To delete the partition, select option 3, delete partition. Follow the prompts. At one point, it will ask you to confirm the volume label, which you will see in the listing it brings up. Type in the volume label (it may be blank, too), and then type yes. The drive will run for a moment and return. If you try to boot at this point, you'll get an error on the computer saying missing operating system. If you try to do a "DIR C:\" at the command prompt, you'll get an invalid media error. Now select option 1, create partition. At the prompts, just select the default, which creates a single partition, and make it active. This can take a little time, depending on the size of the drive. After this process is done, you need to reboot the machine. Leave the floppy disk in the drive, since there is now no operating system on the hard disk.

Next you need to format the drive, There are two methods of formatting, quick or complete. The quick format just wipes the file allocation table (list of file names and folders). It doesn't remove the data, just the file names. A full format will blank out the data, though with forensic techniques, the data can be retrieved. Make sure the floppy has on it. At the A:\ prompt, type

Format C:\ /u /s

This will format the C drive (system) and transfer the system files so the drive will boot (without Windows). The /u tells format not to save any un-delete information which it normally does by default. The /u is actually redundant, since when you use Fdisk first, format will ONLY do a full format because the file allocation tables no longer exist.

At this point you can give away the machine or hard disk knowing that the casual user probably can't mine your old data. If you have the original Windows installation disk, or better yet, the original manufacturer's Recover disks, you can install fresh copy of the OS, which will overwrite some of the hard drive making it even more difficult to get to your old data. If you have the recovery disks, you may be able to skip the Fdisk and format steps, as they are often included in the recovery process. If you need to install Windows from the original disk, boot with the floppy, go to the CD drive, and run either Setup or OEMSetup (depending on the version and manufacturer). Note that you will need the license key, which is either on a sticker on the side of the PC (newer computers), or on the OS manual (older ones).

Formatting and using the recovery disks are effective deterrents for casual data snoops, but a determined hacker can dig into the guts of the hard drive and eke out old data. The magnetic surface of the hard drive has residual traces of the data, which, with perseverance and the right tools, can be recovered. If you are either very paranoid, or in a profession that requires absolute secrecy, then you'll need to use a disk wiping program. For government security usage, the US DOD 5220.22 spec dictates a drive (or file) must be over written with all binary ones, all binary zeros, and then random characters. This is repeated a minimum of three times. When repeated a certain number of times, the data is effectively removed from deepest recesses of the drive. Here are a few tools you can get to do a full secure disk wipe.

  • Symantec System Works - Disk Wipe utility (part of Norton Utilities)
  • O&O Safe Erase - O&O Software
  • cyberCide -- Cyberscrub LLC
  • Tune-Up file shredder Tune-up software.

(please note, we have not tested all these products, and do not endorse them)

There are also a large number of free or shareware tools available. Do a Google search of Disk Wiping Tools, or Secure File deletion to find some. Lifted without permission from