DestroyIt & DiskSanitizer Pro
98 through Vista, 16MB RAM, Pentium or faster processor,
3MB disk space, Internet Explorer 6 or higher
package, looking suspiciously like a brightly colored
box of laundry detergent (albeit vastly lighter in weight),
contains two programs - DestroyIt Pro (for files and
folders) and a handy little item (on floppy disk no less)
called DiskSanitizer Pro v2 which is designed specifically
as a boot program for completely destroying the entire
contents of hard drives, including the operating system.
DestroyIt is specifically designed to permanently delete
files and folders in a way which makes them absolutely
know what you're thinking. Paranoia. You're a typical
computer user who really doesn't think there's anything
incriminating stored on your computer. Besides, if
there ever was, you can always delete it. The porn
you deleted last month? Some important or confidential
bit of personal or business information that you
deleted last week or last month? I'll bet you think
that because it was deleted, it's gone forever. But
that's just not so - not so at all. In fact, there's
a whole tech industry segment which has grown up
over the past 20 years or so completely focused on
recovering data from hard drives and other storage
media, digging up data that's been accidentally 'deleted',
digging up the 'goods' on someone who has committed
a crime, resurrecting incriminating (or just lost)
files, e-mail, etc., etc. It's a profitable business,
fed by, among other reasons, our insistence on not
doing proper backups, the propensity of some criminals
to leave digital traces, and the absolute likelihood
that hard drives and other storage media are guaranteed
to fail when you least expect it.
that all means is that if you really want to destroy
data on your computer, simply clicking Delete just
won't do. We can't emphasize it enough. Your computer
contains a gold mine of information about you: every
file you save, every letter you write, every e-mail
you send, every Web page you visit; even your company's
database and financial information. Data that was
deleted months or even a year ago can be lurking
underneath your present data, waiting to be recovered
by anyone who knows how to restore it. Data restoration
or recovery is surprisingly easy to do with available
installs quickly - it's a small program - and will run
on almost any Windows PC you can find. Configuring the
program reveals the permanence of its actions, with no
less than 7 selectable confirmation levels meant to prevent
even the dumbest and most error-prone among us from accidentally
destroying something. You can choose to destroy individual
files, folders and entire directories. Depending on the
destruction method used, data which you choose to destroy
is gone forever.
interface is simple, easy to understand and offers a range
of data destruction options:
Secure - fastest but least secure method. This method
will defeat casual investigation and most consumer-level
undelete software utilities.
Secure - a reliable method of destroying data designed
to be human-readable. Defeats all software recovery methods
such as undelete tools, cluster viewers and hex editors,
etc.). Seems more than adequate for most users.
Department of Defense (DoD) 5220.22-M Standards - meets
the guidelines set by section 8.306 of the DoD's 5220.22-M
DoD 5220.22-M Standards - more like a bulk eraser for
hard disks, thereby defeating virtually all known software
and hardware recovery techniques.
Security (Peter Gutmann method) — provides protection
against all recovery methods. Defeats even the most sophisticated
data recovery equipment. It seems to work effectively on
all types of disks, but the process is time consuming and
should only be used on a drive you don't need for a morning
(and which contains data serious enough to warrant the
additional paranoia). Mr. Gutmann presented his original
paper on Secure Deletion of Data from Magnetic and Solid-State
memory in the Sixth USENIX Security Symposium Proceedings
in San Jose, California in 1996. Read about his theories
of Data stored on Magnetic Media.
Defined — multiple data passes, each one of which
can be customized, plus choice of data destruction character
to use for the overwrite process.
know that data overwritten once or twice may be recovered
by subtracting what is expected to be read from a storage
location from what is actually read? Even data which is
overwritten an arbitrarily large number of times can still
be recovered provided that the new data isn't written to
the same location as the original data (for magnetic media),
or that the recovery attempt is carried out fairly soon
after the new data was written (for RAM). For this reason
it is often effectively impossible to sanitize storage
locations by simply overwriting them, no matter how many
overwrite passes are made or what data patterns are written.
However by using the relatively simple techniques in the
Gutmann method the task of an attacker can be made significantly
more difficult, if not prohibitively expensive, and that's
why we recommend the setting. On the other hand, the other
settings are OK if your data is really not particularly
desirable. The final setting in the security method dialog
- User Defined - in our opinion is primarily for hobbyists
interested in experimenting with this kind of technology.
DestroyIt works quickly and uses very few system resources.
We keep a variety of data recovery tools around our research
offices mainly for those times when one of us accidentally
deletes some crucial (and sometimes expensive) file. What
we quickly discovered is that destroying a file with DestroyIt
confirmed the software's claims - all settings from Adequately
Secure through even only mildly complex User Defined configurations
rendered the destroyed file gone forever. DestroyIt effectively
defeated all of the commercially available file recovery
software we use including Executive Software's Undelete,
O&O Unerase, Restorer2000, OnTrack EasyRecovery, LCTechnology's
PhotoRecovery and Active@Uneraser.
Pro is another story. It's a cross platform application
which can be used to sanitize any type of hard or floppy
disks connected to the computer. It is usually installed
and operated from a system (bootable) floppy disk, but
it can also be installed on a hard drive and run from a
Command prompt (for non-booting disks, floppies and removable
drives). The version supplied in the package is good for
two hard drives and you can obtain additional licenses
directly from Business Logic. If you're selling a PC, giving
away old computers to schools, upgrading hard drives or
repurposing a hard drive (or multiple) drives in an organization,
you really don't want to leave any traces or recoverable
data lying around.
sanitizing is a simple and almost foolproof process. Place
the floppy disk in the computer to be sanitized then reboot.
At the DiskSanitizer DOS screen select the drives to sanitize,
select the sanitization method, select sanitization options
then confirm the drive and sanitization process. The sanitization
methods you can choose from are essentially the same as
the destruction methods found in DestroyIt. DiskSanitizer
adds the option to generate random data streams using ISAAC
Pseudo-Random Number Generating algorithm.
DiskSanitizer on two different machines, both of which
contained thousands of recoverable files and directories.
We proved recoverability prior to running DiskSanitizer
by using Executive Software's Undelete and OnTrack EasyRecovery
Pro to recover or undelete several dozen files. We also
manually restored a handful of files using the venerable
HexEdit. We then rebooted with DiskSanitizer and sanitized
the hard drives. Attempts afterward to detect recoverable
or otherwise undeletable data on the drives using the Undelete
and EasyRecovery emergency floppy disks proved to be impossible.
HexEdit and some other DOS hex editors were also useless
because there was nothing on the hard drives except completely
random data. Simple put, there was absolutely nothing to
of choices but the most secure destruction method for sensitive
data is limited to one selection - the Gutmann method.
The software's main strength is also it's primary danger,
so you have to be very careful about what you select for
destruction. We can't emphasize this enough - once DestroyIt
destroys it, it's gone. Ditto for DiskSanitizer.
file name destruction for FAT and FAT32 drives which not
only destroys the data file itself but also any trace of
the file in the File Allocation Table. The bonus DiskSanitizer
Pro disk is a nasty little item which will unalterably
wipe any hard drive, a great little tool to have (and use)
prior to selling your PC. DiskSanitizer has a nifty BIOS
Free feature which lets you fully sanitize large hard drives
even on older computers which don't support today's enormous
disk capacities. In corporate environments, at home, in
small offices - anywhere data is at risk - DestroyIt can
be successfully used to ensure that nobody gets to see
data they're not supposed to see. Paranoid? Maybe. Secure?