Mixing
How secure is reinstalling Windows?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I've got a set of computers that have had privileged information on that I want to be able to re-use. If I used a Windows boot drive to re-install Windows, how sufficient would that be towards keeping the old data safe?
I'm aware that the only sure way to secure the data is by grinding the hard drives into a fine powder, but how 'good enough' is it? If it's not good enough, is there an alternative that leaves the hardware intact that is functionally good enough, assuming that incredibly powerful people don't want my data, who'd just break out the pliers and get it anyway.
Extra points that I'm interested in, but are tangentially related to the question so aren't required for an answer is; what other issues am I likely to run into if I were to give/sell these computers on? (My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them). I believe there's an issue with transferring the Windows licence, for example.
windows hard-drive security
asked 3 hours ago
Yann
139110
 |Â
show 2 more comments
up vote
1
down vote
favorite
I've got a set of computers that have had privileged information on that I want to be able to re-use. If I used a Windows boot drive to re-install Windows, how sufficient would that be towards keeping the old data safe?
I'm aware that the only sure way to secure the data is by grinding the hard drives into a fine powder, but how 'good enough' is it? If it's not good enough, is there an alternative that leaves the hardware intact that is functionally good enough, assuming that incredibly powerful people don't want my data, who'd just break out the pliers and get it anyway.
Extra points that I'm interested in, but are tangentially related to the question so aren't required for an answer is; what other issues am I likely to run into if I were to give/sell these computers on? (My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them). I believe there's an issue with transferring the Windows licence, for example.
windows hard-drive security
asked 3 hours ago
Yann
139110
2
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
3
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
1
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
2
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago
 |Â
show 2 more comments
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I've got a set of computers that have had privileged information on that I want to be able to re-use. If I used a Windows boot drive to re-install Windows, how sufficient would that be towards keeping the old data safe?
I'm aware that the only sure way to secure the data is by grinding the hard drives into a fine powder, but how 'good enough' is it? If it's not good enough, is there an alternative that leaves the hardware intact that is functionally good enough, assuming that incredibly powerful people don't want my data, who'd just break out the pliers and get it anyway.
Extra points that I'm interested in, but are tangentially related to the question so aren't required for an answer is; what other issues am I likely to run into if I were to give/sell these computers on? (My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them). I believe there's an issue with transferring the Windows licence, for example.
windows hard-drive security
asked 3 hours ago
Yann
139110
I've got a set of computers that have had privileged information on that I want to be able to re-use. If I used a Windows boot drive to re-install Windows, how sufficient would that be towards keeping the old data safe?
I'm aware that the only sure way to secure the data is by grinding the hard drives into a fine powder, but how 'good enough' is it? If it's not good enough, is there an alternative that leaves the hardware intact that is functionally good enough, assuming that incredibly powerful people don't want my data, who'd just break out the pliers and get it anyway.
Extra points that I'm interested in, but are tangentially related to the question so aren't required for an answer is; what other issues am I likely to run into if I were to give/sell these computers on? (My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them). I believe there's an issue with transferring the Windows licence, for example.
windows hard-drive security
windows hard-drive security
asked 3 hours ago
Yann
139110
asked 3 hours ago
Yann
139110
asked 3 hours ago
Yann
139110
asked 3 hours ago
Yann
139110
asked 3 hours ago
Yann
139110
139110
2
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
3
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
1
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
2
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago
 |Â
show 2 more comments
2
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
3
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
1
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
2
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago
2
2
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
3
3
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
1
1
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
2
2
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago
 |Â
show 2 more comments
4 Answers
4
active
oldest
votes
up vote
3
down vote
Create a DBAN USB or CD and wipe the drive. This utility is designed to wipe a hard drive by overwriting it. DBAN only works on hard drives, not SSDs.
You do not need to do a multipass wipe. A single pass is all you need to prevent others from reading your drive. The 7 pass wipe is a myth that still persists to this day.
Reinstalling Windows can overwrite some, none, or all of the data. Creating a simple DBAN boot disk and using it mitigates all the risk.
As for the Windows licenses, if the license came bundled with the computer, or were bought individually, they can be given to someone else. You can always call Microsoft to confirm the validity of selling a license.
answered 1 hour ago
Keltari
46.2k16107155
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with myddcommand on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.
– Basile Starynkevitch
1 hour ago
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
 |Â
show 9 more comments
up vote
1
down vote
After Windows format and clean re installation of the OS overwrite all free space using the cypher command using the command prompt.
cipher /w:F
F would be the drive letter of the system volume which is usually C
Nothing can be recovered now, by anyone.
answered 1 hour ago
Moab
50.5k1393157
Theby anyoneis optimistic, and might simply be against the laws.
– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
 |Â
show 3 more comments
up vote
1
down vote
Prologue: before acting on any computer which is not your personal one, ask permission and rules.
If you have some minimal knowledge of Linux (or any other similar free software OS like FreeBSD), you might boot Linux from an USB flash drive, and use its "rescue mode" to wipe entirely the disk. If Linux sees your disk as /dev/sda you could run the following command
dd if=/dev/zero of=/dev/sda bs=4k
The above command write all zero bytes on your disk. It might last an hour. By wiping the disk (either like above, or with some other way that you reasonably trust) you have at least followed common sense (and if you are later asked what did you do with the old data, you have some answer to give).
That should be enough for ordinary use (and legally it should be enough, you have done something reasonable to clear the disk). If you care about the FBI or NSA investigating your disk, that might not enough (and indeed, the reliable way is to physically break your disk and grind it into powder; but I don't want to discuss precisely what the NSA could technically do). These FBI or NSA labs could have resources we ordinary people don't even imagine to get some of the previous disk content (that is the folklore explanation about some rules requiring disk grinding). That is why some disks cannot be given even after such wiping and have to be destroyed. Actually large organizations have strict but well defined rules: data of confidentiality XXX can be wipped out, data of higher confidentiality YYY should be on physically destroyed disks. You need to ask for such rules (if your organization has some) and get approval from your boss.
My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them
Then you probably (unless some contract or EULA specifies otherwise) cannot legally leave Windows. But you could install (both legally and technically) Linux for them (because most Linux distributions are free software). The employees could buy (or steal, but that is their business) Windows on these computers by themselves.
I believe there's an issue with transferring the Windows license, for example.
Very probably yes (to be sure, read carefully the contract with MicroSoft or EULA relevant at your organization, perhaps with the help of your lawyer). Some large organizations (such as my employer, CEA - grossly the small French equivalent of DoE in the USA) negotiate other contracts with Microsoft (and the details are not public and could vary from one contract to another). So I recommend installing Linux, or at least wiping the disk like suggested.
You could of course replace Linux by some other free and open-source OS, perhaps as simple as FreeDOS or HaikuOS. To be safe, use anything with an OSI license. Most Linux distributions (Ubuntu, Debian, CentOS, Gentoo, etc ...) qualify.
AFAIK, a proprietary software license like a Windows one might (perhaps) not be resellable or given to an employee. You need to check carefully (the particular contract used between Microsoft and your corporation). Legal details vary with the contract and the legal system (country), and I am not authorized to tell any details about the contract between my employer and Microsoft.
Don't give away corporate computers (and their OS license, if relevant) without explicit written permission (probably at least an email) from your boss. You want to "cover your ass" (and you might not even know or understand how sensitive was the older information in them), so ask for explicit permissions and rules to follow. Details are specific to your organization, your country, to the kind of data that was on the disk (and you might not even know it), etc... If your employer has a rule as stupid as "burn a black cat before giving a disk" 😊, you'll better follow the rule or refuse to give the disk. BTW, a disk is quite cheap these days (so in doubt, and after having asked permission, don't give the disk and destroy it with permission or burn that black cat 😸 if the rules at your place require that).
You don't offer these computers (they are not yours); you are asking your organization to offer them, and to give you instructions about that.
PS. I have nothing against black cats, I even had one ten years ago - the current one at home is brown, and I am not discussing the legality of burning black cats (probably that is illegal in some places), and my employer (or anyone else) never asked me to burn any kind of cat. The mention of burning black cats is supposed to be a joke (with an humorous reference to superstition and witchcraft).
PPS. Discussing the actual ability of NSA or FBI is by hypothesis irrelevant. We don't know them, and those who do are not allowed to speak about them. It is irrelevant what the NSA or FBI can do today (my guess is that with the Trump administration, things are messy inside them; but that is not relevant here).
PPPS. Obviously, I am not guessing what rules apply to your particular cases. And I don't know the context of your question and don't guess them (your boss and perhaps you also should care about the "privileged information" and what that means about which rules to follow).
answered 2 hours ago
Basile Starynkevitch
98048
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
add a comment |Â
up vote
-1
down vote
To answer your initial question first; you are not safe by just reinstalling windows, since you cannot guarantee that the data in question will be overwritten.
You may want to overwrite the (deleted) sensitive data using one of some available options;
You can use the DiskPart command - Clean All - but make sure that you know what disk you are working with.
You can (after deleting the sensitive data) use the Cipher command with the /W option.
You can also make yourself a simple BAT file or two - a couple of samples below;
One additional comment: If you wipe the disk/data 2-3 times, thereby alter the magnetic patterns beyond recognition, then even 'incredibly powerful people' will not be able to recover the data.
---
@echo off
rem Simple Disk Wipe Utility - wipedfast.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Grow file system test (fast / large increments - less secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_a.tmp
del wash_b.tmp
copy wash_c.tmp wash_a.tmp
ren wash_c.tmp wash_b.tmp
goto start
---
@echo off
rem Simple Disk Wipe Utility - wiped.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Wipe file system (slow / small increments - most secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files.
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_b.tmp
ren wash_c.tmp wash_b.tmp
goto start
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
add a comment |Â
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
Create a DBAN USB or CD and wipe the drive. This utility is designed to wipe a hard drive by overwriting it. DBAN only works on hard drives, not SSDs.
You do not need to do a multipass wipe. A single pass is all you need to prevent others from reading your drive. The 7 pass wipe is a myth that still persists to this day.
Reinstalling Windows can overwrite some, none, or all of the data. Creating a simple DBAN boot disk and using it mitigates all the risk.
As for the Windows licenses, if the license came bundled with the computer, or were bought individually, they can be given to someone else. You can always call Microsoft to confirm the validity of selling a license.
answered 1 hour ago
Keltari
46.2k16107155
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with myddcommand on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.
– Basile Starynkevitch
1 hour ago
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
 |Â
show 9 more comments
up vote
3
down vote
Create a DBAN USB or CD and wipe the drive. This utility is designed to wipe a hard drive by overwriting it. DBAN only works on hard drives, not SSDs.
You do not need to do a multipass wipe. A single pass is all you need to prevent others from reading your drive. The 7 pass wipe is a myth that still persists to this day.
Reinstalling Windows can overwrite some, none, or all of the data. Creating a simple DBAN boot disk and using it mitigates all the risk.
As for the Windows licenses, if the license came bundled with the computer, or were bought individually, they can be given to someone else. You can always call Microsoft to confirm the validity of selling a license.
answered 1 hour ago
Keltari
46.2k16107155
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with myddcommand on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.
– Basile Starynkevitch
1 hour ago
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
 |Â
show 9 more comments
up vote
3
down vote
up vote
3
down vote
Create a DBAN USB or CD and wipe the drive. This utility is designed to wipe a hard drive by overwriting it. DBAN only works on hard drives, not SSDs.
You do not need to do a multipass wipe. A single pass is all you need to prevent others from reading your drive. The 7 pass wipe is a myth that still persists to this day.
Reinstalling Windows can overwrite some, none, or all of the data. Creating a simple DBAN boot disk and using it mitigates all the risk.
As for the Windows licenses, if the license came bundled with the computer, or were bought individually, they can be given to someone else. You can always call Microsoft to confirm the validity of selling a license.
answered 1 hour ago
Keltari
46.2k16107155
Create a DBAN USB or CD and wipe the drive. This utility is designed to wipe a hard drive by overwriting it. DBAN only works on hard drives, not SSDs.
You do not need to do a multipass wipe. A single pass is all you need to prevent others from reading your drive. The 7 pass wipe is a myth that still persists to this day.
Reinstalling Windows can overwrite some, none, or all of the data. Creating a simple DBAN boot disk and using it mitigates all the risk.
As for the Windows licenses, if the license came bundled with the computer, or were bought individually, they can be given to someone else. You can always call Microsoft to confirm the validity of selling a license.
answered 1 hour ago
Keltari
46.2k16107155
edited 9 mins ago
answered 1 hour ago
Keltari
46.2k16107155
answered 1 hour ago
Keltari
46.2k16107155
answered 1 hour ago
Keltari
46.2k16107155
46.2k16107155
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with myddcommand on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.
– Basile Starynkevitch
1 hour ago
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
 |Â
show 9 more comments
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with myddcommand on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.
– Basile Starynkevitch
1 hour ago
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
What about NSA or FBI level technology? I believe they are technically capable of recovering some data from such a wiped disk. And what about the legal aspects of perhaps giving Windows? In many cases, you are not allowed to do that.
– Basile Starynkevitch
1 hour ago
2
2
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
@BasileStarynkevitch The 7 pass wipe only applied to an uncommon hard disk from 30+ years ago. There is no evidence that a government agency can read an overwriiten disk. On top of that, a friend of mine in the CIA & DIA says if they wanted your data, they got it before you erased it. Of course, that is assuming they would actually want to.
– Keltari
1 hour ago
My opinion is that once you have cleared the disk (either with my
dd command on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.– Basile Starynkevitch
1 hour ago
My opinion is that once you have cleared the disk (either with my
dd command on Linux, or with DBAN) you have acted reasonably and legally. But NSA guys could still read it. The main issue is to be allowed to give corporate computer, and the OP probably is not legally allowed to redistribute/give corporate Windows licenses to private persons.– Basile Starynkevitch
1 hour ago
1
1
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
@BasileStarynkevitch “But NSA guys could still read it.†Nope. You still don’t understand what 7 pass wipe was designed for. This is not an opinion but fact. Read the info under the “The Reality†heading in this article. It was a method devised in 1996 when hard drive tracks were wider. So—if you had the proper tools—you could faintly detect magnetic fields in the gap area between tracks. Nowadays modern hard drives are so dense no such gap exists.
– JakeGould
1 hour ago
1
1
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
@BasileStarynkevitch And as Keltari states, “…if they wanted your data, they got it before you erased it.†That is not a magical statement but the truth. The vast majority of people in the world who are not being monitored by a government agency will never be a target. If you wipe a hard drive and they are not after you, there is no chance of recovery by them or anyone. But if you are doing something potentially illegal, they are already monitoring you to such a degree the would have the data already or they will be able to deduce they can raid you before you delete anything.
– JakeGould
1 hour ago
 |Â
show 9 more comments
up vote
1
down vote
After Windows format and clean re installation of the OS overwrite all free space using the cypher command using the command prompt.
cipher /w:F
F would be the drive letter of the system volume which is usually C
Nothing can be recovered now, by anyone.
answered 1 hour ago
Moab
50.5k1393157
Theby anyoneis optimistic, and might simply be against the laws.
– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
 |Â
show 3 more comments
up vote
1
down vote
After Windows format and clean re installation of the OS overwrite all free space using the cypher command using the command prompt.
cipher /w:F
F would be the drive letter of the system volume which is usually C
Nothing can be recovered now, by anyone.
answered 1 hour ago
Moab
50.5k1393157
Theby anyoneis optimistic, and might simply be against the laws.
– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
 |Â
show 3 more comments
up vote
1
down vote
up vote
1
down vote
After Windows format and clean re installation of the OS overwrite all free space using the cypher command using the command prompt.
cipher /w:F
F would be the drive letter of the system volume which is usually C
Nothing can be recovered now, by anyone.
answered 1 hour ago
Moab
50.5k1393157
After Windows format and clean re installation of the OS overwrite all free space using the cypher command using the command prompt.
cipher /w:F
F would be the drive letter of the system volume which is usually C
Nothing can be recovered now, by anyone.
answered 1 hour ago
Moab
50.5k1393157
answered 1 hour ago
Moab
50.5k1393157
answered 1 hour ago
Moab
50.5k1393157
answered 1 hour ago
Moab
50.5k1393157
50.5k1393157
Theby anyoneis optimistic, and might simply be against the laws.
– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
 |Â
show 3 more comments
Theby anyoneis optimistic, and might simply be against the laws.
– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
The
by anyone is optimistic, and might simply be against the laws.– Basile Starynkevitch
1 hour ago
The
by anyone is optimistic, and might simply be against the laws.– Basile Starynkevitch
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
There is not one documented case of overwritten data being recovered.....nber.org/sys-admin/overwritten-data-guttman.html
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
Also this...security.stackexchange.com/questions/26132/…
– Moab
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
My point is that if your organization has rules (such as : no used disk is allowed to go outside; or every refurbished disk should be cleared by such and such procedure) you'll should follow them. The fact that such rules are based on urban legends, against scientific knowledge, etc, is not relevant. If my employer required me to burn a black cat before giving a disk, I'll either burn the cat or refuse to give the disk. Don't matter how unscientific it is (my belief is that every organization is dumber than its individual members)
– Basile Starynkevitch
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
They never mentioned any such policy or if the pc were company property, your comment is irrelevant to the question or my answer. Please stop trolling.
– Moab
1 hour ago
 |Â
show 3 more comments
up vote
1
down vote
Prologue: before acting on any computer which is not your personal one, ask permission and rules.
If you have some minimal knowledge of Linux (or any other similar free software OS like FreeBSD), you might boot Linux from an USB flash drive, and use its "rescue mode" to wipe entirely the disk. If Linux sees your disk as /dev/sda you could run the following command
dd if=/dev/zero of=/dev/sda bs=4k
The above command write all zero bytes on your disk. It might last an hour. By wiping the disk (either like above, or with some other way that you reasonably trust) you have at least followed common sense (and if you are later asked what did you do with the old data, you have some answer to give).
That should be enough for ordinary use (and legally it should be enough, you have done something reasonable to clear the disk). If you care about the FBI or NSA investigating your disk, that might not enough (and indeed, the reliable way is to physically break your disk and grind it into powder; but I don't want to discuss precisely what the NSA could technically do). These FBI or NSA labs could have resources we ordinary people don't even imagine to get some of the previous disk content (that is the folklore explanation about some rules requiring disk grinding). That is why some disks cannot be given even after such wiping and have to be destroyed. Actually large organizations have strict but well defined rules: data of confidentiality XXX can be wipped out, data of higher confidentiality YYY should be on physically destroyed disks. You need to ask for such rules (if your organization has some) and get approval from your boss.
My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them
Then you probably (unless some contract or EULA specifies otherwise) cannot legally leave Windows. But you could install (both legally and technically) Linux for them (because most Linux distributions are free software). The employees could buy (or steal, but that is their business) Windows on these computers by themselves.
I believe there's an issue with transferring the Windows license, for example.
Very probably yes (to be sure, read carefully the contract with MicroSoft or EULA relevant at your organization, perhaps with the help of your lawyer). Some large organizations (such as my employer, CEA - grossly the small French equivalent of DoE in the USA) negotiate other contracts with Microsoft (and the details are not public and could vary from one contract to another). So I recommend installing Linux, or at least wiping the disk like suggested.
You could of course replace Linux by some other free and open-source OS, perhaps as simple as FreeDOS or HaikuOS. To be safe, use anything with an OSI license. Most Linux distributions (Ubuntu, Debian, CentOS, Gentoo, etc ...) qualify.
AFAIK, a proprietary software license like a Windows one might (perhaps) not be resellable or given to an employee. You need to check carefully (the particular contract used between Microsoft and your corporation). Legal details vary with the contract and the legal system (country), and I am not authorized to tell any details about the contract between my employer and Microsoft.
Don't give away corporate computers (and their OS license, if relevant) without explicit written permission (probably at least an email) from your boss. You want to "cover your ass" (and you might not even know or understand how sensitive was the older information in them), so ask for explicit permissions and rules to follow. Details are specific to your organization, your country, to the kind of data that was on the disk (and you might not even know it), etc... If your employer has a rule as stupid as "burn a black cat before giving a disk" 😊, you'll better follow the rule or refuse to give the disk. BTW, a disk is quite cheap these days (so in doubt, and after having asked permission, don't give the disk and destroy it with permission or burn that black cat 😸 if the rules at your place require that).
You don't offer these computers (they are not yours); you are asking your organization to offer them, and to give you instructions about that.
PS. I have nothing against black cats, I even had one ten years ago - the current one at home is brown, and I am not discussing the legality of burning black cats (probably that is illegal in some places), and my employer (or anyone else) never asked me to burn any kind of cat. The mention of burning black cats is supposed to be a joke (with an humorous reference to superstition and witchcraft).
PPS. Discussing the actual ability of NSA or FBI is by hypothesis irrelevant. We don't know them, and those who do are not allowed to speak about them. It is irrelevant what the NSA or FBI can do today (my guess is that with the Trump administration, things are messy inside them; but that is not relevant here).
PPPS. Obviously, I am not guessing what rules apply to your particular cases. And I don't know the context of your question and don't guess them (your boss and perhaps you also should care about the "privileged information" and what that means about which rules to follow).
answered 2 hours ago
Basile Starynkevitch
98048
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
add a comment |Â
up vote
1
down vote
Prologue: before acting on any computer which is not your personal one, ask permission and rules.
If you have some minimal knowledge of Linux (or any other similar free software OS like FreeBSD), you might boot Linux from an USB flash drive, and use its "rescue mode" to wipe entirely the disk. If Linux sees your disk as /dev/sda you could run the following command
dd if=/dev/zero of=/dev/sda bs=4k
The above command write all zero bytes on your disk. It might last an hour. By wiping the disk (either like above, or with some other way that you reasonably trust) you have at least followed common sense (and if you are later asked what did you do with the old data, you have some answer to give).
That should be enough for ordinary use (and legally it should be enough, you have done something reasonable to clear the disk). If you care about the FBI or NSA investigating your disk, that might not enough (and indeed, the reliable way is to physically break your disk and grind it into powder; but I don't want to discuss precisely what the NSA could technically do). These FBI or NSA labs could have resources we ordinary people don't even imagine to get some of the previous disk content (that is the folklore explanation about some rules requiring disk grinding). That is why some disks cannot be given even after such wiping and have to be destroyed. Actually large organizations have strict but well defined rules: data of confidentiality XXX can be wipped out, data of higher confidentiality YYY should be on physically destroyed disks. You need to ask for such rules (if your organization has some) and get approval from your boss.
My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them
Then you probably (unless some contract or EULA specifies otherwise) cannot legally leave Windows. But you could install (both legally and technically) Linux for them (because most Linux distributions are free software). The employees could buy (or steal, but that is their business) Windows on these computers by themselves.
I believe there's an issue with transferring the Windows license, for example.
Very probably yes (to be sure, read carefully the contract with MicroSoft or EULA relevant at your organization, perhaps with the help of your lawyer). Some large organizations (such as my employer, CEA - grossly the small French equivalent of DoE in the USA) negotiate other contracts with Microsoft (and the details are not public and could vary from one contract to another). So I recommend installing Linux, or at least wiping the disk like suggested.
You could of course replace Linux by some other free and open-source OS, perhaps as simple as FreeDOS or HaikuOS. To be safe, use anything with an OSI license. Most Linux distributions (Ubuntu, Debian, CentOS, Gentoo, etc ...) qualify.
AFAIK, a proprietary software license like a Windows one might (perhaps) not be resellable or given to an employee. You need to check carefully (the particular contract used between Microsoft and your corporation). Legal details vary with the contract and the legal system (country), and I am not authorized to tell any details about the contract between my employer and Microsoft.
Don't give away corporate computers (and their OS license, if relevant) without explicit written permission (probably at least an email) from your boss. You want to "cover your ass" (and you might not even know or understand how sensitive was the older information in them), so ask for explicit permissions and rules to follow. Details are specific to your organization, your country, to the kind of data that was on the disk (and you might not even know it), etc... If your employer has a rule as stupid as "burn a black cat before giving a disk" 😊, you'll better follow the rule or refuse to give the disk. BTW, a disk is quite cheap these days (so in doubt, and after having asked permission, don't give the disk and destroy it with permission or burn that black cat 😸 if the rules at your place require that).
You don't offer these computers (they are not yours); you are asking your organization to offer them, and to give you instructions about that.
PS. I have nothing against black cats, I even had one ten years ago - the current one at home is brown, and I am not discussing the legality of burning black cats (probably that is illegal in some places), and my employer (or anyone else) never asked me to burn any kind of cat. The mention of burning black cats is supposed to be a joke (with an humorous reference to superstition and witchcraft).
PPS. Discussing the actual ability of NSA or FBI is by hypothesis irrelevant. We don't know them, and those who do are not allowed to speak about them. It is irrelevant what the NSA or FBI can do today (my guess is that with the Trump administration, things are messy inside them; but that is not relevant here).
PPPS. Obviously, I am not guessing what rules apply to your particular cases. And I don't know the context of your question and don't guess them (your boss and perhaps you also should care about the "privileged information" and what that means about which rules to follow).
answered 2 hours ago
Basile Starynkevitch
98048
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
add a comment |Â
up vote
1
down vote
up vote
1
down vote
Prologue: before acting on any computer which is not your personal one, ask permission and rules.
If you have some minimal knowledge of Linux (or any other similar free software OS like FreeBSD), you might boot Linux from an USB flash drive, and use its "rescue mode" to wipe entirely the disk. If Linux sees your disk as /dev/sda you could run the following command
dd if=/dev/zero of=/dev/sda bs=4k
The above command write all zero bytes on your disk. It might last an hour. By wiping the disk (either like above, or with some other way that you reasonably trust) you have at least followed common sense (and if you are later asked what did you do with the old data, you have some answer to give).
That should be enough for ordinary use (and legally it should be enough, you have done something reasonable to clear the disk). If you care about the FBI or NSA investigating your disk, that might not enough (and indeed, the reliable way is to physically break your disk and grind it into powder; but I don't want to discuss precisely what the NSA could technically do). These FBI or NSA labs could have resources we ordinary people don't even imagine to get some of the previous disk content (that is the folklore explanation about some rules requiring disk grinding). That is why some disks cannot be given even after such wiping and have to be destroyed. Actually large organizations have strict but well defined rules: data of confidentiality XXX can be wipped out, data of higher confidentiality YYY should be on physically destroyed disks. You need to ask for such rules (if your organization has some) and get approval from your boss.
My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them
Then you probably (unless some contract or EULA specifies otherwise) cannot legally leave Windows. But you could install (both legally and technically) Linux for them (because most Linux distributions are free software). The employees could buy (or steal, but that is their business) Windows on these computers by themselves.
I believe there's an issue with transferring the Windows license, for example.
Very probably yes (to be sure, read carefully the contract with MicroSoft or EULA relevant at your organization, perhaps with the help of your lawyer). Some large organizations (such as my employer, CEA - grossly the small French equivalent of DoE in the USA) negotiate other contracts with Microsoft (and the details are not public and could vary from one contract to another). So I recommend installing Linux, or at least wiping the disk like suggested.
You could of course replace Linux by some other free and open-source OS, perhaps as simple as FreeDOS or HaikuOS. To be safe, use anything with an OSI license. Most Linux distributions (Ubuntu, Debian, CentOS, Gentoo, etc ...) qualify.
AFAIK, a proprietary software license like a Windows one might (perhaps) not be resellable or given to an employee. You need to check carefully (the particular contract used between Microsoft and your corporation). Legal details vary with the contract and the legal system (country), and I am not authorized to tell any details about the contract between my employer and Microsoft.
Don't give away corporate computers (and their OS license, if relevant) without explicit written permission (probably at least an email) from your boss. You want to "cover your ass" (and you might not even know or understand how sensitive was the older information in them), so ask for explicit permissions and rules to follow. Details are specific to your organization, your country, to the kind of data that was on the disk (and you might not even know it), etc... If your employer has a rule as stupid as "burn a black cat before giving a disk" 😊, you'll better follow the rule or refuse to give the disk. BTW, a disk is quite cheap these days (so in doubt, and after having asked permission, don't give the disk and destroy it with permission or burn that black cat 😸 if the rules at your place require that).
You don't offer these computers (they are not yours); you are asking your organization to offer them, and to give you instructions about that.
PS. I have nothing against black cats, I even had one ten years ago - the current one at home is brown, and I am not discussing the legality of burning black cats (probably that is illegal in some places), and my employer (or anyone else) never asked me to burn any kind of cat. The mention of burning black cats is supposed to be a joke (with an humorous reference to superstition and witchcraft).
PPS. Discussing the actual ability of NSA or FBI is by hypothesis irrelevant. We don't know them, and those who do are not allowed to speak about them. It is irrelevant what the NSA or FBI can do today (my guess is that with the Trump administration, things are messy inside them; but that is not relevant here).
PPPS. Obviously, I am not guessing what rules apply to your particular cases. And I don't know the context of your question and don't guess them (your boss and perhaps you also should care about the "privileged information" and what that means about which rules to follow).
answered 2 hours ago
Basile Starynkevitch
98048
Prologue: before acting on any computer which is not your personal one, ask permission and rules.
If you have some minimal knowledge of Linux (or any other similar free software OS like FreeBSD), you might boot Linux from an USB flash drive, and use its "rescue mode" to wipe entirely the disk. If Linux sees your disk as /dev/sda you could run the following command
dd if=/dev/zero of=/dev/sda bs=4k
The above command write all zero bytes on your disk. It might last an hour. By wiping the disk (either like above, or with some other way that you reasonably trust) you have at least followed common sense (and if you are later asked what did you do with the old data, you have some answer to give).
That should be enough for ordinary use (and legally it should be enough, you have done something reasonable to clear the disk). If you care about the FBI or NSA investigating your disk, that might not enough (and indeed, the reliable way is to physically break your disk and grind it into powder; but I don't want to discuss precisely what the NSA could technically do). These FBI or NSA labs could have resources we ordinary people don't even imagine to get some of the previous disk content (that is the folklore explanation about some rules requiring disk grinding). That is why some disks cannot be given even after such wiping and have to be destroyed. Actually large organizations have strict but well defined rules: data of confidentiality XXX can be wipped out, data of higher confidentiality YYY should be on physically destroyed disks. You need to ask for such rules (if your organization has some) and get approval from your boss.
My organisation owns the computers and the licences for Windows, and would like to offer them to employees once we're done with them
Then you probably (unless some contract or EULA specifies otherwise) cannot legally leave Windows. But you could install (both legally and technically) Linux for them (because most Linux distributions are free software). The employees could buy (or steal, but that is their business) Windows on these computers by themselves.
I believe there's an issue with transferring the Windows license, for example.
Very probably yes (to be sure, read carefully the contract with MicroSoft or EULA relevant at your organization, perhaps with the help of your lawyer). Some large organizations (such as my employer, CEA - grossly the small French equivalent of DoE in the USA) negotiate other contracts with Microsoft (and the details are not public and could vary from one contract to another). So I recommend installing Linux, or at least wiping the disk like suggested.
You could of course replace Linux by some other free and open-source OS, perhaps as simple as FreeDOS or HaikuOS. To be safe, use anything with an OSI license. Most Linux distributions (Ubuntu, Debian, CentOS, Gentoo, etc ...) qualify.
AFAIK, a proprietary software license like a Windows one might (perhaps) not be resellable or given to an employee. You need to check carefully (the particular contract used between Microsoft and your corporation). Legal details vary with the contract and the legal system (country), and I am not authorized to tell any details about the contract between my employer and Microsoft.
Don't give away corporate computers (and their OS license, if relevant) without explicit written permission (probably at least an email) from your boss. You want to "cover your ass" (and you might not even know or understand how sensitive was the older information in them), so ask for explicit permissions and rules to follow. Details are specific to your organization, your country, to the kind of data that was on the disk (and you might not even know it), etc... If your employer has a rule as stupid as "burn a black cat before giving a disk" 😊, you'll better follow the rule or refuse to give the disk. BTW, a disk is quite cheap these days (so in doubt, and after having asked permission, don't give the disk and destroy it with permission or burn that black cat 😸 if the rules at your place require that).
You don't offer these computers (they are not yours); you are asking your organization to offer them, and to give you instructions about that.
PS. I have nothing against black cats, I even had one ten years ago - the current one at home is brown, and I am not discussing the legality of burning black cats (probably that is illegal in some places), and my employer (or anyone else) never asked me to burn any kind of cat. The mention of burning black cats is supposed to be a joke (with an humorous reference to superstition and witchcraft).
PPS. Discussing the actual ability of NSA or FBI is by hypothesis irrelevant. We don't know them, and those who do are not allowed to speak about them. It is irrelevant what the NSA or FBI can do today (my guess is that with the Trump administration, things are messy inside them; but that is not relevant here).
PPPS. Obviously, I am not guessing what rules apply to your particular cases. And I don't know the context of your question and don't guess them (your boss and perhaps you also should care about the "privileged information" and what that means about which rules to follow).
answered 2 hours ago
Basile Starynkevitch
98048
edited 17 secs ago
answered 2 hours ago
Basile Starynkevitch
98048
answered 2 hours ago
Basile Starynkevitch
98048
answered 2 hours ago
Basile Starynkevitch
98048
98048
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
add a comment |Â
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Please do not bring politics into, since those are short-lived (4 and 8 years maximum), and any government's policies are actually irrelevant to this question.
– Ramhound
17 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
Yes, that is why the black cat is a more humorous way to explain. The "wipe the disk once" hint is to be able to answer later that the OP did something reasonable. The "ask permission and rules" hint is to cover ass. OP didn't give any details, I am not able to guess most of them. In some organizations (e.g. my employer) government policies are fixing (indirectly) the rules.
– Basile Starynkevitch
14 mins ago
add a comment |Â
up vote
-1
down vote
To answer your initial question first; you are not safe by just reinstalling windows, since you cannot guarantee that the data in question will be overwritten.
You may want to overwrite the (deleted) sensitive data using one of some available options;
You can use the DiskPart command - Clean All - but make sure that you know what disk you are working with.
You can (after deleting the sensitive data) use the Cipher command with the /W option.
You can also make yourself a simple BAT file or two - a couple of samples below;
One additional comment: If you wipe the disk/data 2-3 times, thereby alter the magnetic patterns beyond recognition, then even 'incredibly powerful people' will not be able to recover the data.
---
@echo off
rem Simple Disk Wipe Utility - wipedfast.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Grow file system test (fast / large increments - less secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_a.tmp
del wash_b.tmp
copy wash_c.tmp wash_a.tmp
ren wash_c.tmp wash_b.tmp
goto start
---
@echo off
rem Simple Disk Wipe Utility - wiped.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Wipe file system (slow / small increments - most secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files.
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_b.tmp
ren wash_c.tmp wash_b.tmp
goto start
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
add a comment |Â
up vote
-1
down vote
To answer your initial question first; you are not safe by just reinstalling windows, since you cannot guarantee that the data in question will be overwritten.
You may want to overwrite the (deleted) sensitive data using one of some available options;
You can use the DiskPart command - Clean All - but make sure that you know what disk you are working with.
You can (after deleting the sensitive data) use the Cipher command with the /W option.
You can also make yourself a simple BAT file or two - a couple of samples below;
One additional comment: If you wipe the disk/data 2-3 times, thereby alter the magnetic patterns beyond recognition, then even 'incredibly powerful people' will not be able to recover the data.
---
@echo off
rem Simple Disk Wipe Utility - wipedfast.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Grow file system test (fast / large increments - less secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_a.tmp
del wash_b.tmp
copy wash_c.tmp wash_a.tmp
ren wash_c.tmp wash_b.tmp
goto start
---
@echo off
rem Simple Disk Wipe Utility - wiped.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Wipe file system (slow / small increments - most secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files.
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_b.tmp
ren wash_c.tmp wash_b.tmp
goto start
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
add a comment |Â
up vote
-1
down vote
up vote
-1
down vote
To answer your initial question first; you are not safe by just reinstalling windows, since you cannot guarantee that the data in question will be overwritten.
You may want to overwrite the (deleted) sensitive data using one of some available options;
You can use the DiskPart command - Clean All - but make sure that you know what disk you are working with.
You can (after deleting the sensitive data) use the Cipher command with the /W option.
You can also make yourself a simple BAT file or two - a couple of samples below;
One additional comment: If you wipe the disk/data 2-3 times, thereby alter the magnetic patterns beyond recognition, then even 'incredibly powerful people' will not be able to recover the data.
---
@echo off
rem Simple Disk Wipe Utility - wipedfast.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Grow file system test (fast / large increments - less secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_a.tmp
del wash_b.tmp
copy wash_c.tmp wash_a.tmp
ren wash_c.tmp wash_b.tmp
goto start
---
@echo off
rem Simple Disk Wipe Utility - wiped.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Wipe file system (slow / small increments - most secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files.
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_b.tmp
ren wash_c.tmp wash_b.tmp
goto start
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
To answer your initial question first; you are not safe by just reinstalling windows, since you cannot guarantee that the data in question will be overwritten.
You may want to overwrite the (deleted) sensitive data using one of some available options;
You can use the DiskPart command - Clean All - but make sure that you know what disk you are working with.
You can (after deleting the sensitive data) use the Cipher command with the /W option.
You can also make yourself a simple BAT file or two - a couple of samples below;
One additional comment: If you wipe the disk/data 2-3 times, thereby alter the magnetic patterns beyond recognition, then even 'incredibly powerful people' will not be able to recover the data.
---
@echo off
rem Simple Disk Wipe Utility - wipedfast.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Grow file system test (fast / large increments - less secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_a.tmp
del wash_b.tmp
copy wash_c.tmp wash_a.tmp
ren wash_c.tmp wash_b.tmp
goto start
---
@echo off
rem Simple Disk Wipe Utility - wiped.bat
rem ---
rem --- 1) Delete all unwanted content from disk, leaving possibly only the command interpreter to run this script.
rem --- 2) Delete content from trashcan/recycled, if any.
rem --- 3) Run this script until it reports file system full.
rem --- 4) Delete WASH*.TMP files on each drive to reclaim space or to rerun utility.
rem --- Do this for all file systems/drives (C:, D:) on system, at least a couple of times.
rem ---
echo Wipe file system (slow / small increments - most secure). See comments in script file.
echo To be done for each drive (C:, D:) on system.
echo Abort with Ctrl-C when disk full and delete WASH-files.
echo - Ideally run wipedfast.bat first - then wiped.bat when disk full - before deleting WASH-files.
pause
echo abcdefghijklmnopqrstuvwxyz0987654321ABCDEFGHIJKLMNOPQRSTUVWXYZ > wash_a.tmp
copy wash_a.tmp wash_b.tmp
:start
copy wash_a.tmp+wash_b.tmp wash_c.tmp
del wash_b.tmp
ren wash_c.tmp wash_b.tmp
goto start
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 1 hour ago
reben
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 1 hour ago
reben
1
answered 1 hour ago
reben
1
1
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
reben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
add a comment |Â
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
What make you so sure about 'incredibly powerful people' not being able to recover data? There are both technical aspects and legal aspects
– Basile Starynkevitch
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
I cannot claim to know all inventions/technology related to this matter, but we all know the basics behind magnetic storage (even simpler case with SSDs) and even if teoretically possible to read 'old patterns' from magnetic storage even after having changed patterns to something new - wiping more than once makes this possibility less and less feasible. If it was possible to store several generations of information on magnetic media this knowledge would be utilized - like multiple layers on CDs/DVDs/BDs.
– reben
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Two points: NSA (or FBI, or DGSI in French) could in principle use secret technology. Most importantly, there are rules to follow for clearing data (depending on confidentiality). If I gave a CEA corporate disk, even wiped, without permission, I could be prosecuted (e.g. if it had sensitive data). So I won't do it without permission. I won't tell more, but my employer has explicit rules on such issues (and I guess DoE also). On such items, ask for rules and permissions and follow them. My most important advice is: "cover your ass" (and what that means depend upon the organization)
– Basile Starynkevitch
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
Yes, you're right - I do not address any legal aspects.
– reben
1 hour ago
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1360332%2fhow-secure-is-reinstalling-windows%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
2
After re installation overwrite all free space then you are good to go....howtogeek.com/137108/…
– Moab
3 hours ago
3
You do understand you can just Reset Windows 10, choose to keep nothing, and and you will get the results you want? If these are Enterprise editions, it will be more difficult, for the new owners since they won’t be able to activate them due to loss of the KMS. Volume licenses must communicate with the KMS once every 180 days.
– Ramhound
3 hours ago
1
Once old data is overwritten by re installation and free space overwrite, nothing can be recovered.
– Moab
3 hours ago
@Moab That sounds like an answer to me, pulling the contents of that article into one would get my upvote :)
– Yann
3 hours ago
2
@Yann - So instead just install Windows with the generic key, and leave it to the new owner, to change the license key. I personally would, encrypt the data with BitLocker, then just format the HDD and reinstall an unlicensed installation of Windows. This makes data recovery impossible and the burden of getting a license somebody’s else problem
– Ramhound
3 hours ago