File Deleted? Not Really

By Brice Wallace
Deseret Morning News

Capital One's ad slogan is "What's in your wallet?" but an Orem company believes what's on a hard drive—"even one that's been reformatted" is a veritable gold mine for ne'er-do-wells, troublemakers and cheats.

Armed with evidence that supposedly "clean" hard drives can yield tons of personal information that can be used for identity theft, fraud or worse, WhiteCanyon Inc. has a pair of programs that work like software Swiffers to help you clean your hard drive.

"A lot of people don't understand that when you delete a file, it's not really gone," said Steve Elderkin, president and chief executive officer. "At the next level, some people talk about partitioning and formatting drives, and if you do a low-level format, you'll be OK. But the format command only verifies that the disk is OK. It doesn't write over the data. Consequently, it did not fully clean your hard drive."

WhiteCanyon has two permanent-deletion products that can help ensure that those underlying bits of personal info don't get snatched up by predators. WipeDrive is designed to permanently clean your hard drives just before they're sold, donated or recycled. SecureClean ensures deleted stuff is gone but, unlike WipeDrive's comprehensiveness, aims at specific files.

Think Such Problems Can't Happen To You?

A pair of Massachusetts Institute of Technology grad students was able to pull several thousand credit card numbers, medical correspondence, bank account information and government employment records from only 158 hard drives they obtained on the secondary market, most through eBay auctions.

WipeDrive, introduced in 1999, overwrites all pre-existing data on hard drives, wiping out operating system program files and other private or personal data as well as partition tables and drive formats.

Clean Your Hard Drive With Wipedrive

WipeDrive 3.0 retails for $29.95 for individuals and allows each to wipe 20 hard drives an unlimited number of times. A professional version starts at $199.95 and allows an unlimited number of hard drives to be overwritten an unlimited number of times. Moreover, large companies can take advantage of site licensing. A pricing example is 5 for up to 2,500 computers.

"Everybody who owns a computer puts personal information on it," Elderkin said. "There are few people who don't. And lately, donated computers have turned into a smorgasbord of information for hackers.

"People take their PC with all that information and take it to a thrift store, pawn shop, or some charity. People don't have to hack into someone else's computer. They can just go to the store, get some off the shelf and away they go. They can take their time, thumbing through all the information."

Passwords, he said, are easily recovered through tools used by law enforcement agencies but also available to the public. "Passwords don't protect you," he said. "Those are easily broken. And 98 percent of people are not computer-savvy enough to use encryption."

WipeDrive also is handy for people hit by a bad virus that has infected lots of the hard drive. WipeDrive can be used before reinstalling the operating system.

"That way, you know there's nothing on the drive. Just reinstalling Windows over Windows doesn't mean the viruses automatically go away," Elderkin said.

"There's a lot of interesting information out there, and recovery is really easy. But it's very straightforward to use WipeDrive. Just put it in and follow the prompts. And it's unique because it does what it says, and people have taken to it because of that."

The MIT study stressed that without a cryptographic file system, "confidential information is readily accessible when owners improperly retire their disk drives." It cited several examples of information pulled from no-longer-needed computers.

Options other than overwriting data are limited and trouble-ridden, the study showed. Physically destroying the drive was one option, as was degaussing, but both typically rendered the drive unusable.

The 158 hard drives the grad students obtained contained, among other things, company memos about personnel issues, a letter to a doctor, love letters and pornography. The hard drive also contained a few thousand credit card numbers and e-mails. One drive contained 3,722 numbers, and another was crammed with nearly 9,500 e-mails.

"With several months of work and relatively little financial expenditure, we were able to retrieve thousands of credit card numbers and extraordinarily personal information on many individuals," the study concluded. "We believe that the lack of media reports about this problem is simply because, at this point, few people are looking to repurposed hard drives for confidential material. If sanitization practices are not significantly improved, it's only a matter of time before the confidential information on repurposed hard drives is exploited by individuals and organizations that would do us harm."

Clean Your Hard Drive With Secureclean

WhiteCanyon's SecureClean, meanwhile, lets the user scan hard drives for traces of previously deleted personal data and permanently overwrites unwanted files, including online banking records, credit card information and e-mail messages creeping around in temporary files, recycle bins, Internet cache and cookies. An added benefit is reclaimed disk space.

SecureClean also can scan systems for Internet histories. Those histories and previously deleted files are "hidden" by Windows, Elderkin said.

SecureClean costs $39.95 for a single user. Site licensing costs $3,995 for up to 1,000 computers.

"SecureClean will help if a person has had a file with a virus," Elderkin said. "If they've deleted a file, it makes sure the virus is gone and unable to affect the others."

A free downloadable scanner can sift through computer innards and, according to Elderkin, "show the user the information that's sitting around in their system." Viruses can read protected registry areas and get logins, ID passwords and URLs "and there goes your bank account," he said. "The scanner will help you see all that, the deleted files that can be recovered, all your Internet histories, cookies and adware.

"Any information shown by that scanner can be retrieved by any virus program out there" anything that's personal is the icing on the cake (for hackers)."

SecureClean distinguishes itself from competitors by proving that the cleaning worked, he said. After SecureClean does its work, the user can use the scanner again to ensure that the sanitizing did the job.

"Most programs say it's been cleaned and everything's fine, but you're left wondering if it did. There might be a box that says it is at the end, but our product allows you to scan again and see if it worked," Elderkin said.

The Internet-history check also can be useful to parents to ensure that their children aren't venturing off into parts of the Internet they should be avoiding. Elderkin said some savvy kids can delete parts of Internet histories, "but even if they've emptied the cache files, you can find those deleted files."

People will have to re-input information, such as passwords, when they use those bank account or other files again, but Elderkin emphasized that that's a small price to pay.

"If they are that lazy, I say, 'OK,' but don't be complaining when $500 shows up on your credit card account. Don't just close your eyes and hope it will go away. Putting in your password is not that hard to do."

Privately held WhiteCanyon works from an install base of more than 100,000 unique users. Gross sales have reached the $1.20 million mark.

Elderkin, with a background in computer forensics, formerly was vice president of business development for AccessData, an Orem company specializing in computer crime investigation software. Government entities, including some in foreign countries, and law enforcement agencies are among the top customers.

In addition to being available at , WipeDrive and SecureClean can be found at Best Buy®, CompUSA®, Office Depot®, Fry's Electronics, and Micro Center®.

Elderkin said WhiteCanyon eventually will produce an administrative product for SecureClean, allowing company computers to run the software invisibly "to be sure document resurrection does not occur."

In the meantime, its products will serve as a second line of defense, after firewalls.

"The thing to remember," Elderkin said, "is that a virus or Trojan can't steal anything that's not there."


data erasure, privacy protection, identity theft

1064 S. North County Blvd, Suite 330
Pleasant Grove, UT 84062 USA