SecureDelete

Purpose

Program to walk the directory tree (from a nominated starting point) and securely delete every file it finds, and remove directories.

The purpose of this is to remove files and/or directories in a way that they cannot be later recovered by someone armed with a delete-recovery or disk editing program.

You might, for example, use it to delete files when:

• The files are highly confidential
• Your PC is being given to someone else (eg. at work, or by selling it)
• You don't want other people using software you bought
• The files contain commercially sensitive data (eg. source code)

Method

The program does this by:

1. Walking the directory tree from a nominated starting point or considering a single file name supplied on the command line
2. Counting files and directories
3. Displaying the total and asking if you want to proceed
4. For each file, it then opens the file for writing, and writes seven passes over the top of the existing data in the file
5. The first pass consists of all zero bits, the second pass all one bits, and the subsequent passes randomly generated bits. The purpose of this is to defeat people armed with low-level disk analysers that might conceivably reconstruct your data if it was only changed to zeroes or ones.
6. After the seven passes, the file is then removed from the disk directory.
7. After each directory is processed the directory itself is removed

Warning

• You should watch for error messages - if a file is in use, read-only, or has "permissions" that don't allow you to change or delete it, then the program cannot process that file. Look for error messages, and if you see them, fix the problem (eg. change file security) and then try again.
• For hopefully obvious reasons, the files cannot be recovered after they are deleted. Please ensure that you are deleting the directory or file(s) that you want to delete. For example, deleting C:\ is probably a bad idea.
• The program deletes all subdirectories below a nominated directory. Make sure nothing important is in a subdirectory.

Usage

On the command line, specify the file or directory you want to delete. You cannot use wildcards. You either delete a single file, or a single directory.

Security considerations

This program was designed to help protect your old unwanted files from being viewed by other people. However if your files are highly confidential there are other steps it would be prudent to take, for example, encrypting them when you are not actually using them.

You should also consider taking steps to overwrite any old data that might be lying around on the hard disk from when files were deleted using an insecure method. To address this the companion program DeleteUnused has been written, which overwrites all unused sectors with random patterns.

In addition, make sure that "backup" files (eg. files ending in .BAK, and possibly other extensions) do not contain earlier versions of sensitive data.

Disclaimer

The author does not accept responsibility for any files you may accidentally delete with this program. Use it with care.

This program does not pretend to solve all of your security problems on your PC. You are recommended to read some of the very good books on computer security and encryption to further your understanding of those issues.

Availability

To download, click on the "downloads" button at the top of this page.

Fee

This program is supplied free of charge. It is copyright 1998 by Nick Gammon. Source code is available from the downloads area.

Comments to Gammon Software support