数据残留(Data Remanence)是指即使在安全地从硬盘或笔式驱动器中擦除数据后仍留下的(磁化)数据的残余。有时,即使格式化磁盘也不会删除整个数据,并且会留下足够的字符来重建该磁盘上的数据。当然,试图访问已删除数据的人会使用特殊的软件和硬件。在这篇文章中,我们将了解什么是数据(Data)剩磁以及如何消除它。
什么是数据剩磁
当使用上下文菜单中的删除命令(Delete command in the context menu)简单地删除数据时,它只是从文件分配表中删除已删除文件的地址。此类数据可以使用不同的数据恢复软件进行恢复(data recovery software)。这就是为什么人们希望使用专门设计的安全删除软件安全(secure delete software)地删除所有数据的原因。
这些用于恢复数据的软件在已删除的文件上写入随机数据。但是,这些软件以及格式化磁盘总是会留下一些数据。这些数据位可以被恢复并且信息可以被重建。这就是为什么我们需要特殊的软件来从任何类型的磁存储中彻底擦除已删除的数据。
在某些情况下,硬盘驱动器磁头的大小是不同的。所以有可能当磁存储被删除时,它仍然可以使用不同的磁头大小来恢复。这里的“磁头”一词是指硬盘驱动器和磁带中存在的读/写磁头。
为了安全地擦除数据以使其无法重建,我们将在下面的部分中讨论一些可用的工具。目前,重要的是要知道不能从任何存储中完全删除数据。因此人们使用覆盖作为解决方案,使残留数据无法恢复。
如何彻底删除残留数据?
术语“残余”是指删除大块(存储设备上的数据)后留下的任何(磁性)。有几种消除数据残留的好方法:
- 安全擦除硬盘命令
- 消磁
- 媒体销毁。
请(Please)注意,有些程序(例如CCleaner)会谈论安全擦除您的数据。他们确实尝试通过覆盖要删除的文件来擦除数据。也就是说,他们在要删除的存储部分上一遍又一遍地写入1和0,从而使恢复变得困难。这并没有完全删除数据,残留物仍然存在。
如果这些硬盘驱动器和磁带被扔掉或交给其他人,那么获得“清洁”驱动器或磁带的人很可能仍然能够恢复这些位以重建试图重建的数据。被清洁。
1]消除数据残留 - 安全硬盘命令(Eliminate Data Remanence – Secure HDD Commands)
Secure Erase是一组命令行命令,作用于固件,因此无法直接与要删除的硬盘驱动器通信。(Hard Disk Drive)它们可以与第三方软件一起使用,以便执行命令。有第三方HDD Erase工具可以运行这些命令来安全地擦除数据。DBAN(Darik's Boot and Nuke)就是这种工具的一个例子。
Secure Erase数据删除方法是通过将 0 或 1 写入要擦除的整个驱动器来实现的。您已经知道计算机使用二进制语言,其字符为 0 或 1。
如前所述,Secure Erase的数据销毁命令不能直接作用于硬盘驱动器(Hard Disk Drive),即使您使用提升的命令提示符(elevated Command Prompt)发出它们也是如此。您必须使用可以让您修改固件或已经内置工具向固件发出命令的解决方案。
请(Please)注意,安全擦除 HDD 命令(Secure Erase HDD Commands)可能不适用于SSD(SSDs)。如果您必须删除SSD,则必须对其消磁或物理销毁整个SSD。
安全擦除命令(Secure Erase Commands)的另一个问题是它们不能部分删除硬盘驱动器。它们仅在整个硬盘驱动器要在扔掉之前或在将HDD交给某人/慈善机构/学校等之前进行消毒时使用。
要清理硬盘驱动器的某些部分,例如文件和文件夹,您可以下载(download)并使用Eraser。它能够消除回忆
2] 对 HDD 进行消毒:消磁(Degaussing)方法
术语“消磁”是指从磁存储驱动器(硬盘驱动器和磁带)中去除磁场。当您对磁盘驱动器进行消磁时,您只需移除标记的磁道和扇区,从而使磁盘无法运行。它消除了保存数据的基本磁性。没有它,数据是不可读的,因为文件分配表不知道如何访问仍然存储在驱动器上的任何数据。而且由于它会破坏磁板,因此无法再次使用。
3]物理介质销毁(Media Destruction)以消除数据残留
如果驱动器上的个人数据过多或存在安全问题,推荐的方法是物理销毁磁盘。用锤子之类的东西打开箱子。然后敲击磁性板,将它们从紧凑的外壳中取出。一旦暴露,硬盘(HDD)的每个盘子都可以被移除和烧毁。请勿在未卸下外壳的情况下将HDD(HDDs)投入火中。它们可能会爆炸。
以上解释了什么是数据剩磁以及如何消除它。我相信可能有更多的方法可以摧毁这些残余物。如果您知道我没有涵盖的一个,请在下面的评论中与我们分享。
What is Data Remanence? How do you eliminate or overwrite it?
Data Remanence refers to the remnants of (magnetized) data that are left even after safely wiping data from your hard disks or pen drives. Sometimes, even formatting a disk does not remove entire data and leaves behind enough characters to rebuild the data on that disk. Of course, a person attempting to access deleted data uses special software and hardware. In this post, we’ll see what is Data remanence and how to eliminate it.
What is Data Remanence
When data is simply deleted using the Delete command in the context menu, it simply removes the address of the deleted file from the file allocation table. Such data can be recovered using different data recovery software. That’s why people want to erase all data securely using specially designed secure delete software.
These software for recovering data write random data over the deleted files. However, these software as well as formatting a disk always leave some data behind. These bits of data can be recovered and information can be reconstructed. That is why we need special software to completely wipe of deleted data from any type of magnetic storage.
In some cases, the size of hard disk drives’ head is different. So it is possible that when magnetic storage is deleted, it can still be recovered using a different head size. The term ‘head’ here refers to the read/write head present in hard disk drives, and tapes.
To erase data securely so that it cannot be reconstructed, there are some tools available about which we’ll talk in the sections below. For now, it is important to know that data cannot be completely deleted from any storage. So people use overwriting as a solution to make the remnant data irrecoverable.
How to completely delete remnant data?
The term “Remnant” refers to whatever (magnetism) is left after deleting big chunks (of data on storage devices). There are a couple of good methods to eliminate data remanence:
- Secure Erase HDD Commands
- Degaussing
- Media Destruction.
Please note that there are programs such as CCleaner that talk of securely erasing your data. They do try to erase data by overwriting the files to be deleted. That is to say, they write 1’s and 0’s over and over again, on the parts of storage to be deleted so that recovery becomes difficult. That does not completely remove the data and remnants will still be there.
If such hard disk drives and magnetic tapes are thrown away or given to anyone else, there is a good probability that the person who gets the “cleaned” drive or tapes may still be able to recover the bits for reconstructing the data that was attempted to be cleaned.
1] Eliminate Data Remanence – Secure HDD Commands
Secure Erase is a set of command-line commands that act on the firmware and hence won’t be able to communicate directly with the Hard Disk Drive to be deleted. They can be used with third-party software so that the commands are executed. There are third party HDD Erase tools that run these commands to securely erase data. An example of such a tool is DBAN (Darik’s Boot and Nuke).
The Secure Erase data removal method is implemented by writing 0 or 1 to the whole drive be to be wiped. You already know that computers use binary language that has either 0 or 1 as characters.
As said earlier, the data destruction commands of Secure Erase cannot directly act on Hard Disk Drive even if you issue them using elevated Command Prompt. You have to use solutions that either let you modify firmware or have already built-in tools to issue commands to the firmware.
Please note that Secure Erase HDD Commands might not work on SSDs. If you have to delete an SSD, you have to either degauss it or physically destroy the whole SSD.
Another issue with Secure Erase Commands is that they cannot delete hard disk drives in part. They are used only when the whole hard disk drive is to be sanitized before throwing it away or before giving the HDD to someone/charity/schools etc.
To clean parts of hard disk drives such as files and folders, you may download and use Eraser. It is capable of removing reminiscence
2] Sanitizing HDDs: Degaussing method
The term “degaussing” refers to the removal of the magnetic field from magnetic storage drives: hard disk drives and tapes. When you degauss a magnetic disk drive, you simply remove the marked tracks and sectors thereby making the disk inoperable. It removes the basic magnetism which holds data. Without that, data is not readable because the file allocation table with then not know how to access any data still stored on the drive. And since it destroys the magnetic plates, it can’t be used again.
3] Physical Media Destruction to eliminate data remanence
In cases where it is too personal data on the drive or a question of security, the recommended method is to physically destroy the disk. Use something like a hammer to open up the case. Then strike on the magnetic plates to remove them from their compact case. Once exposed, each plate of the HDD can be removed and burned. Do not throw HDDs into a fire without removing their cases. They may explode.
The above explains what is data remanence and how to eliminate it. I am sure there may be more methods to destroy such remnants. If you know of one that I didn’t cover, please share it with us in the comments below.