Here is the first post when i will be discussing about something for which i originally thought about blogging. Every thing has brighter and darker sides and this topic is no different. The dark side of good things is hardly known but they are sometimes an eye-opener.
This post is about your filesystem and how the files are stored and deleted on the physical disk. A majority of people think that if you want to delete a file from your system shift + delete is all you need to do. Or at max, if you would format the drive, all the data is gone permanently and for-ever. But here i would like to tell you that you couldn't be more wrong if you think so. I have personally recovered deleted files as well as partitions using Free tools.
Surprised? Don't be. Because when a file is deleted, the operating system deletes the pointers to the file and in the FAT or MFT the space occupied by the file is mark as available. The computer does not delete the actual data that was contained in the file. Same goes for a deleted partition. The pointer to the start of the partition table is deleted and not the whole file structure.
From next time if you delete a file/partition by any chance, google for "file recovery software" and you should find quite a few tools to recover the file for you. If you are using Linux, they would all be free. For windows you will get trial versions who recover files but have some constraints.
Now coming to the dark side of it.
A hacker can read your data if he gets access to your hard disk and What should someone do if he really wants get rid of file(s) from the system permanently because he want to hide his activities?
There are 2 ways to do it if the files are limited.
a) Use file shredding software.
b) If the file is simple text/word/readable file, open the file, make it a blank file, save it and then delete it.(not completely safe)
But what if the number of files being deleted is large? Or you dont know what all have you deleted in past but now you have to mask it. This process is actually called Wiping Free disk space. There are tools available to achieve it. But as i always prefer to avoid searching and installing tools, here are the simple ways to do it on your own.
For Windows, the best way to achieve it is that once you are done deleting all the files, make a folder and add some random files to it untill the file system drive is full with no space remaining.(You can add multiple copies of the some movie inside the folder to fill up the disk fast). In this way, the bits of the memory locations of the whole drive would change, thus making the file impossible to recover. Once it is done, Delete the folder and the task is done.
You can also defragment the disk. As it involves moving of data from one place to another, it would pretty much over-write any un-used space.
For linux, It could be done by simply typing the following commands at the terminal.
dd if=/dev/zero of=zero.small.file bs=1024 count=102400 cat /dev/zero > zero.file rm zero.small.file rm zero.file
So next time don't fret if you have Shift+deleted some important file by mistake or have truncated a partition. Also, if you are into something dirty or plan to sell/hand-over your old machine/hard-disk containing personal and important data to some other person, don't think that your system format would take care of all your past.
Happy Hacking.
No comments:
Post a Comment