PC Pro

HOW TO COMPLETELY WIPE OLD KIT BEFORE YOU SELL IT

Getting rid of an old computer or smart device? Make sure you’re not giving away valuable data. Nik Rawlinson reveals the fail-safes you should follow


Whenever you sell, donate or recycle old hardware, it’s essential to make sure it’s been completely scrubbed of all sensitive information. For personal devices, this might include emails, documents and bank details. In business, it could be GDPR-risky data, such as customer records, accounts and contracts.

Unfortunately, achieving this isn’t always straightforward: it’s well known these days that formatting your hard drive isn’t necessarily a surefire way to wipe the data. Normally, the process simply blanks out the file allocation table that tells the operating system what files are present on the disk. Afterwards, Windows will report that the disk is empty – but your old data remains in situ and, until it’s overwritten with fresh information, it can be quite easily recovered.

The simplest solution is not just to rely on a quick format routine, but to manually overwrite each sector of the disk with fresh data. This takes much longer, but it makes it effectively impossible for anyone to restore the files that were there before (that includes you, so be 100% sure that you won’t need the data back).
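The difference between a quick format and a full overwrite, shown as an added example that is not part of the original article: a toy 16-sector disk image (constructed, with made-up file contents and a simplified file table) is quick-formatted and audited for leftover file signatures, then overwritten and audited again. The function names and the image layout are assumptions made for this illustration.

```python
import io

SECTOR = 512
# Magic bytes that file-recovery tools look for at the start of a file.
SIGNATURES = {b"%PDF-": "pdf", b"\xff\xd8\xff": "jpeg", b"PK\x03\x04": "zip"}

def put(img, sector, data):
    """Write data at the start of the given sector."""
    off = sector * SECTOR
    img[off:off + len(data)] = data

def build_image():
    """Constructed 16-sector toy disk: sector 0 is the file table, files follow."""
    img = bytearray(SECTOR * 16)
    put(img, 0, b"statement.pdf@4;photo.jpg@9")
    put(img, 4, b"%PDF-1.4 constructed bank statement")
    put(img, 9, b"\xff\xd8\xff\xe0 constructed photo")
    return img

def quick_format(img):
    """Blank only the file table; the data sectors are left untouched."""
    put(img, 0, bytes(SECTOR))

def overwrite(img, passes=1):
    """Write zeroes over every sector, `passes` times."""
    for _ in range(passes):
        img[:] = bytes(len(img))

def audit(stream):
    """Scan a raw image sector by sector for leftover data and file signatures."""
    index, nonzero, found = 0, 0, []
    while sector := stream.read(SECTOR):
        if any(sector):
            nonzero += 1
        found += [(index, kind) for magic, kind in SIGNATURES.items()
                  if sector.startswith(magic)]
        index += 1
    return {"sectors": index, "nonzero": nonzero, "signatures": found}

if __name__ == "__main__":
    disk = build_image()
    quick_format(disk)
    print("after quick format:", audit(io.BytesIO(disk)))
    overwrite(disk, passes=3)
    print("after overwrite:  ", audit(io.BytesIO(disk)))
```

`audit` accepts any binary stream, so it can also be run against a raw image file opened with `open(path, "rb")`.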

If you’re using Windows 10 and simply want to revert the operating system to a pristine state, you can do this easily using the “Reset this PC” tool. You’ll find it in the Settings app under “Recovery” – or you can just search for it in the Start menu. Click “Get started”, then select “Remove everything”. If your PC has more than one drive, you’ll be asked whether you want to wipe just the Windows drive or all connected volumes; the latter is safer but may be overkill.

Finally, you’ll be asked whether Windows should “Just remove my files” or “Remove files and clean the drive”. Pick the second option to start the cleaning procedure – then maybe go out to the shops, as it’s likely to take a few hours to complete.

Manually overwrite

If you’re using an earlier version of Windows that doesn’t have the Reset function – or if you want to wipe Windows off the drive as well as your data – then you can securely wipe a mechanical drive using the built-in format command. In theory, this is as simple as opening a Command Prompt and typing:

format d: /p:3

In this case, “D:” is the letter of the drive you want to wipe, and the “/p:3” switch tells Windows to overwrite every sector with zeroes, three times. The US Department of Defense requires three overwrite passes as a minimum for securely erasing sensitive data, but truthfully a single pass will be enough to defeat anyone who doesn’t have access to extremely expensive and specialist equipment.

There’s a catch, though: Windows won’t let you reformat the drive it’s running from, so to wipe your system you’ll need to start up your PC from an external source. One option is to install a bootable Linux-based environment on a USB flash drive, but you may find it simpler to use standard Windows 10 installation media. However, these days, this is almost never supplied with your PC, so you’ll have to build it yourself.

To do this, start by downloading the Windows 10 Setup tool from pcpro.link/297setup. Run it, accept the licence terms, then select the option to “Create installation media” and click through to accept the recommended settings. Next, select that you want to write the image to a USB flash drive: you’ll then be prompted to insert a USB flash drive with at least 8GB capacity. Note that this will be completely overwritten, so back up its contents first if you need them. Leave the rest of the settings at their defaults, select the flash drive as the destination and click Next to set up the Windows installation media.

When this finishes – and it may take a while, as it has to download a complete set of installation files for Windows 10 – you need to boot from this USB flash drive (you might need to tweak your BIOS settings or access a boot menu to do this).

You can then select “Troubleshoot” from the options displayed, then Command Prompt, from which you can enter your format command. Be aware that when you’re in this environment your drive letters won’t be the same as they are when you normally boot into Windows. To find out which drive it is you want to format, use the following command:

wmic logicaldisk list brief

This will show you the available disks, along with their drive letters; you can now use the format command with the “/p:3” switch to securely erase the appropriate one. It’s up to you whether you then go on to reinstall Windows: if you’re passing on your PC to someone else, check that you won’t be contravening the EULA by installing Windows on their behalf.

Securely erase SSDs

We specified that the above instructions were specifically for mechanical hard drives – they’re not guaranteed to work perfectly for SSDs. That’s because solid-state devices use wear-levelling technologies to distribute data across all available memory cells within the drive. This ensures that no single cell gets disproportionately hammered with write requests, which would make it prone to early failure. However, the upshot is that when you try to write to one logical address on the disk three times in a row, you may actually be accessing different physical cells each time. Since the wear-levelling process is controlled by the SSD itself, rather than by the OS, it may be impossible to deliberately overwrite any specific piece of data.

What’s more, SSDs also often include additional data caches for temporarily staging working files. Again, these can’t be accessed by the OS, and they’re usually not cleared out until they need to be reused.

Of course, for all the same reasons why you can’t wipe this left-behind data, there’s also no easy way for an opportunist snooper to gain access to it. Even so, it’s a potential concern. To minimise the risk, your best bet is to enable whole-drive encryption, using BitLocker for Windows or FileVault for macOS – and wipe the encryption keys before passing on the disk. This ensures that even if fragments of data can be recovered, they can’t be deciphered. The trade-off is a minor reduction in overall responsiveness, as the OS needs to encode and decode the data on the fly, but this shouldn’t normally be noticeable, and it’s a price worth paying for much greater data security.
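Why repeated overwriting can miss data on an SSD, and why encryption closes the gap, shown as an added example that is not from the original article: `ToySSD` is a constructed model of wear levelling in which stale pages are never cleaned up, and `seal`/`unseal` are a stand-in cipher for the demo only (BitLocker and FileVault use AES). All names and the sample data are assumptions.

```python
import hashlib, secrets

class ToySSD:
    """Constructed wear-levelling model: each write lands on a fresh physical page."""
    def __init__(self, pages=8):
        self.phys = [b""] * pages   # raw flash pages, as chip-level recovery would see them
        self.map = {}               # logical block -> physical page currently in use
        self.next = 0
    def write(self, lba, data):
        self.phys[self.next] = data          # the page written earlier is left stale
        self.map[lba] = self.next
        self.next = (self.next + 1) % len(self.phys)
    def read(self, lba):
        return self.phys[self.map[lba]]

def keystream(key, nonce, n):
    out = b""
    while len(out) < n:
        out += hashlib.sha256(key + nonce + len(out).to_bytes(4, "big")).digest()
    return out[:n]

def seal(key, data):
    """Stand-in cipher for this demo only; BitLocker and FileVault use AES."""
    nonce = secrets.token_bytes(16)  # fresh per write so the toy keystream never repeats
    return nonce + bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def unseal(key, page):
    nonce, body = page[:16], page[16:]
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))

SECRET = b"constructed sample: account 00000000"  # made-up data

def overwrite_three_times(encrypt):
    """Store SECRET, overwrite it 3x with zeroes; return (OS view, SECRET still on flash?)."""
    key = secrets.token_bytes(32) if encrypt else None
    put = (lambda d: seal(key, d)) if encrypt else (lambda d: d)
    ssd = ToySSD()
    ssd.write(0, put(SECRET))
    for _ in range(3):
        ssd.write(0, put(bytes(len(SECRET))))
    os_view = unseal(key, ssd.read(0)) if encrypt else ssd.read(0)
    key = None  # "wipe the encryption keys" before passing the disk on
    leaked = any(SECRET in page for page in ssd.phys)
    return os_view, leaked

if __name__ == "__main__":
    for mode in (False, True):
        print("encrypted:", mode, overwrite_three_times(mode))
```

In both runs the operating system reads back zeroes; only the unencrypted run leaves the original bytes readable on a stale physical page.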

Secure destruction

If you really need to be 100% certain that nothing can be recovered from a discarded drive, you might consider physically destroying it. This isn’t as easy as you might think, however: pulling out the interface pins on the back of the drive itself might be enough to put off a casual identity thief, but a determined cracker could still re-house the platters or flash controllers and access the contents. Indeed, in 2015, when Scientific American investigated how to destroy a hard drive permanently (pcpro.link/297destroy), it discovered that even dropping the drive into a lake probably wasn’t good enough. “Water might short out the electronics,” the magazine reported, “but as long as the platters are not allowed to dry out, forensics experts should be able to recover data with relative ease.”

NIST in the US has added a further warning that “bending, cutting, and the use of some emergency procedures (such as using a firearm to shoot a hole through a storage device) may only damage the media… portions may remain undamaged and therefore accessible using advanced laboratory techniques.”

There are, however, less dramatic options, which may well work better. A degausser is a very strong magnet that’s designed to quickly scramble all the data written to magnetic media such as hard drives and archive tapes. Tapes can usually be reused following degaussing, as the next time they’re fed through the drive they’ll be overwritten with new, structured data. For hard disks, though, it’s game over forever. In the words of IT recycling and destruction specialist Securis, “degaussing renders [hard drives] completely unusable because of permanent damage to the storage system. This happens because of damage to the special servo control data that is written onto the media at the factory by the manufacturer. Once the servo track is damaged, it cannot be corrected… Without the servo data the device is no longer able to determine where data is to be read from or written to on the magnetic media.”

If you’re thinking of nipping out to buy a degausser, be warned that they’re not cheap: the commercial-grade Intimus 9000 has an RRP of £16,450, although if you shop around you can find it online for less than £13,000. And it’s clearly overkill for home users and even mid-sized businesses: it can erase a hard drive in 12 seconds, and has a side feeder so you can process a crate full of disks in a single batch. A more realistic option might be something such as the StarTech Hard Drive Eraser, a little desktop device with a slot into which you can simply plug a 3.5in or 2.5in drive. It will perform single or multipass overwriting, and it’s a lot cheaper than a degausser – you can buy it on Amazon for £215, including delivery (pcpro.link/297startech). Plus, as it overwrites drives rather than destroying them, you can reuse them.

The recycling specialists

If you have multiple machines to dispose of, you may want to consider engaging a professional refurbisher, who will collect your hardware, securely wipe it and resell it. As well as saving you a lot of hassle, many will also provide a certificate of safe disposal, guaranteeing that any data that was previously on the machines was responsibly erased.

One such recycler is Tier 1 Asset Management (tier1.com). The company takes in old kit from a range of financial services companies – usually laptops and desktops around three years old – and prepares them for resale. The software is provided by Blancco, whose Drive Eraser software is certified by the National Cyber Security Centre (part of GCHQ) to exceed the highest specifications of the government’s Infosec Standard.

If you want to try Blancco Drive Eraser yourself, it’s very affordable: a single-user licence costs £23, including VAT, and allows you to erase hard drives, SSDs and NAS devices, both locally and remotely. If you don’t need the full feature set, another option worth looking at is the free, open-source DBAN program, which is also owned by Blancco and supports six erasure standards. However, it doesn’t support SSDs (which the full Blancco software does), and doesn’t guarantee data removal – so if you’re looking for a legal assurance that your data will be wiped, DBAN isn’t the way to go.

Erase mobile devices

Disposing of an old mobile phone or tablet can be an even bigger privacy risk than recycling a computer. After all, our phones are linked to any number of cloud services, and their slick front-ends reveal little about what personal information has been saved or cached locally. Smartphones in particular are likely to be upgraded more often than laptops and desktops, so there are more opportunities for something to slip through the cracks.

The solution is always to carry out a complete secure erase of all mobile devices before giving up possession. If you’re using iOS, Apple officially recommends that you back up your device before erasing it: you can make a local backup by connecting the device to iTunes using the USB cable, or back up wirelessly to iCloud. To access the latter option, open Settings on your iOS device, tap your username at the top of the menu and tap iCloud. Scroll down, tap iCloud Backup and make sure the switch beside “iCloud Backup” on the following screen is on (green and to the right). If it is, tap “Back Up Now” to perform a manual backup. If you’re upgrading to a new iPhone or iPad, you’ll have the option to restore this backup as part of the initial setup, to get all your apps and data back as you had them before.

To erase the data from the device, return to the top level of the Settings app and tap General, followed by Reset, then “Erase All Content and Settings”. Tap “Erase Now” to complete the process. If your iPhone or iPad is connected to your PC running iTunes, you also have the option of wiping it and installing a newly downloaded copy of iOS.

On Android – with tiresome predictability – the precise method for securely erasing a device differs between builds, but the option is normally easy enough to find within the Settings. On our Motorola G6 Play, for instance, tapping on System, followed by Advanced, then “Reset Options” leads us to the option to “Erase all data (factory reset)”.

Alternatively, you could consider using an app instead. ProtectStar offers a range of shredding apps for Android, iOS, Windows and macOS, including iShredder, which supports deletion algorithms specified by NATO, the Department of Defense, US Air Force and British government.

Business mobiles

Mobile phones are a vital tool for business, but too often they’re supplied without due constraints. Employers need to be certain that sensitive data doesn’t leak out of their control when staff upgrade or move on.

If you’re an IT manager, you’ll find it a big help if you can control what kind of data is allowed on the devices in the first place. Microsoft Intune allows organisations using Azure Cloud to control the flow of sensitive data onto both corporate-owned and BYOD hardware, and to place limits on what can be forwarded, printed or even screen-grabbed. Intune is included in Microsoft Enterprise Mobility + Security Suite and Office 365 Enterprise E, and works with versions of Windows from XP on, and both Android and iOS devices.

If you don’t have a mobile management system like this, you’ll need to ensure that all mobile devices are securely wiped when they’re recycled or given away. This includes employees’ own smartphones and tablets, if they use them for work: make sure you have a written policy document explaining the policies and procedures that apply to keep corporate data secure.

Image: If you want an extra layer of security, apply full-drive encryption before destroying disks
Image: Windows won’t let you format your boot drive – for obvious reasons
Image: Returning Windows to a pristine state is easy, but the second option may take quite a while
Image: iOS devices can be wiped from the Settings menu, or from within iTunes
Image: Third-party apps such as iShredder can delete data across a variety of different platforms
