Often, an anon will delete files from his computer, but that is only half the story, as those files are still really there. And if the careless anon doesn’t take steps to fix that, when his door gets kicked in and the FBI takes his hard drive, they will be able to see everything. Don’t be that anon.
What Is Computer Forensics? The People on ‘CSI’?
Computer forensics is the collection, preservation, analysis and presentation of computer-related evidence. In summary, it helps determine the who, what, where, and when related to a computer-based crime or violation. When the feds are finished arresting you and boxing up your belongings into evidence crates, they will ship them off to the FBI data lab in Washington, D.C.
In addition, an examiner will work to uncover all files on the subject’s system. This includes existing active, invisible, deleted, hidden, password-protected, and encrypted files. In many cases, information is gathered during a computer forensics investigation that is not typically available or viewable by the average computer user, such as fragments of data that can be found in the space allocated for existing files (known as “slack space”). Special skills and tools are needed to obtain this type of information or evidence.
How to Protect Yourself
While erasing files simply marks file space as available for reuse, data-wiping overwrites all data space on a storage device, replacing useful data with garbage data. Depending upon the method used, the overwrite data could be zeros (also known as “zero-fill”) or could be various random patterns. This is why simply deleting information is never enough. You must take proactive steps to ensure your removal is complete.
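The toy model below is an added example, not part of the original article. It shows why deleted data and the "slack space" described earlier remain readable on the raw device until a zero-fill overwrites it; the `ToyDisk` class, the 16-byte cluster size and the sample data are all constructed for illustration.

```python
CLUSTER = 16  # toy cluster size in bytes (an assumption; real file systems commonly use 4096)

class ToyDisk:
    """Constructed model of a disk: raw clusters plus a file table."""
    def __init__(self, clusters):
        self.raw = bytearray(CLUSTER * clusters)
        self.free = list(range(clusters))    # free cluster numbers
        self.files = {}                      # name -> (cluster list, length)

    def write(self, name, data):
        need = -(-len(data) // CLUSTER)      # ceiling division
        if need > len(self.free):
            raise OSError("disk full")
        used = [self.free.pop(0) for _ in range(need)]
        for i, c in enumerate(used):
            chunk = data[i * CLUSTER:(i + 1) * CLUSTER]
            # Only len(chunk) bytes are written; the rest of the cluster keeps its old bytes.
            self.raw[c * CLUSTER:c * CLUSTER + len(chunk)] = chunk
        self.files[name] = (used, len(data))

    def delete(self, name):
        # Deleting only updates the table; the cluster contents are untouched.
        used, _ = self.files.pop(name)
        self.free = sorted(self.free + used)

    def read(self, name):
        used, length = self.files[name]
        return b"".join(bytes(self.raw[c * CLUSTER:(c + 1) * CLUSTER]) for c in used)[:length]

    def wipe(self, fill=0):
        # Whole-device overwrite (zero-fill by default), then read-back verification.
        self.raw[:] = bytes([fill]) * len(self.raw)
        self.files.clear()
        self.free = list(range(len(self.raw) // CLUSTER))
        return all(b == fill for b in self.raw)

def demo():
    disk = ToyDisk(4)
    disk.write("old.txt", b"ACCOUNT=4111-SECRET-DATA")  # constructed sample, 24 bytes = 2 clusters
    disk.delete("old.txt")
    after_delete = b"SECRET" in disk.raw    # still present on the raw device
    disk.write("new.txt", b"hello")         # reuses cluster 0 and leaves slack behind it
    in_slack = bytes(disk.raw[5:CLUSTER])   # bytes past the end of the 5-byte file
    verified = disk.wipe()
    after_wipe = b"SECRET" in disk.raw
    return after_delete, in_slack, verified, after_wipe

if __name__ == "__main__":
    print(demo())
```

The read-back check in `wipe()` is the part that carries over to real media: an overwrite is only known to be complete once the device has been read back and compared against the fill pattern.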
We are going to use a great boot disk called DBAN to perform this operation.
Step 1 Obtain and Burn DBAN
You can download the 2.2.6 Beta release from SourceForge. Once you have the .ISO, all that’s left to do is burn it to a blank CD/DVD. Place the media into your drive and restart the computer. Most computers are set to try to boot from the CD drive before the hard disk. If this is not the case, and your computer does not boot from the CD drive, you will need to enter your BIOS setup and change the boot priority order.
Step 2 Boot and Run!
After the CD starts, you will be greeted with the DBAN start screen.
We want to simply press Enter here to start DBAN in interactive mode. The main menu should then display your hard drive to be wiped.
The next screen shows us DBAN is ready to get down to work. The default method is a DoD Short wipe, and it will work fine for us.
DBAN is a great tool to clean a hard drive. I carry a copy of it in my laptop bag when I travel and you should do the same. It is quick and easy and works better than most other tools I have used. Be careful, as (obviously) it is impossible to recover the data if you zap the wrong hard drive!