Erasing Personal Data From A Junked Laptop.
“I am unable to power on my Acer laptop, and the technician says the motherboard is faulty. I am planning to sell it. Will the buyer be able to retrieve my data after changing the motherboard? If so, how do I erase it? Colin”
If you are scrapping an old PC or laptop, you should either remove the hard drive or destroy it to protect your data. People have been known to scavenge hard drives from tips and retrieve sensitive personal, medical and financial information. Selling dead machines for spares or repair is even riskier, and how much would your Acer be worth? I doubt it will fetch enough to make it worth spending the time and probably money needed to erase your data. And, of course, if you don’t do it, you could be at significant financial risk, depending on the information stored on it. Whether or not the buyer replaces the motherboard, they will probably be able to read your hard drive, unless you encrypted it with an unhackable password, which is unlikely. Because your laptop won’t boot, you will have to do what an attacker or repairer would do: remove the hard drive from the laptop. However, if you want to delete your data and reinstall the hard drive, you will need either another PC or a hard disk eraser. If you have a desktop tower with a spare drive bay, you can mount the laptop drive inside, by connecting the power and data cables. If you have another laptop, you can install it in an external hard drive enclosure, then connect it to another PC via a USB port.
Hard Drive Erasers
If you don’t have a PC, you could buy a standalone hard drive eraser, which is much the easiest way to erase hard, drives, and companies that decommission lots of PCs should think about buying one. Unfortunately, it’s not economical to buy one for a single disc. The best-known device, the Drive eRazer Ultra, cost about £250 when available. One cheaper alternative is StarTech’s USB Hard Drive Duplicator and Eraser Dock (£51.91), which I found by searching Amazon. It has two drive slots, so as well as erasing hard drives and SSDs, it can clone them for backup purposes. You can also use it connected to a PC. In theory, you could also use a degaussing machine, which uses powerful magnetic fields to erase all forms of magnetic media – disks and tapes. The Intimus 20000 is a good example, and you could buy one for £35,783.27 or possibly less. Unless you happen to know someone who already has a hard disk degausser, this is probably not an option. Despite what you see in the movies, you can’t erase a modern hard drive using powerful magnets. K&J Magnetics tried and failed. Not even a 3in neodymium magnet costing almost $350 had any effect on the data. (Note: keep strong magnets away from hard drives because they might damage the read/write head and stop the drive from working. Also, remember that neodymium magnets are dangerous.) You could, of course, destroy the hard drive physically, which is what some government departments prefer. You could, for example, wrap the disk in a cloth (to prevent any bits flying out) and drive a couple of six-inch nails through the platters. However, take all the recommended safety precautions.
It’s easy to delete the data on a hard drive in a working PC or in an external USB enclosure. It’s not quite so easy to erase it completely. When you delete files, the operating system doesn’t erase them; it just removes them from its directory. It frees up the sectors for use by other programs, so most of them will be reused eventually. Until that happens, someone with an un-erase programme can locate the data sectors on the hard drive and reconstruct the original file. If you want to delete files, you have to overwrite the data so that it is unrecoverable. It requires multiple over-writes, usually either three or seven. It depends on how much security you need. There’s a wide range of free file and disk erasure programs, including Heidi’s Eraser, FreeRaser, Darik’s Boot And Nuke (better known as DBAN) and Disk Wipe. I’ve suggested Heidi’s Eraser before, and it has some video tutorials.
Saving The OS
Erasing the whole drive is useful, but it also deletes the operating system and hidden recovery partitions. It may not be the most helpful approach if you are selling a PC, though the buyer can easily reinstall Windows 10, if applicable, or an earlier version of Windows if there’s a particular product key on the COA (Certificate of Authenticity) stuck to the case. In many cases, it’s simpler to erase all the files on the drive’s active partition (C:) and then reinstall the operating system. It will remove all the data that various programs have stashed in their directories, which you may not even know. In particular, it will delete any email files that programmes such as Windows Live Mail, eM Client and Thunderbird have stored on your hard drive. If you have any emails that are not backed up, you should rescue them before erasing the hard drive. With Windows Live Mail, copy the whole Windows Live Mail folder at C:\Users\Your_ID\AppData\Local\Microsoft\Windows Live Mail. The emails stored as separate HTML files, so you can find the folder by searching for those. In your case, a three-step approach might give reasonable security without wasting too much time and effort. First, with the drive in an external enclosure, run Piriform’s CCleaner to remove temporary internet files, cache files, log files and other rubbish. Check the root directory (formerly C:) for the hiberfil.sys, pagefile.sys and swapfile.sys data, and if you find them, delete them. Second, run a disk defragmentation program – a defragger such as Auslogic’s Disk Defrag Free – to compact the remaining files. Finally, use a disk eraser to overwrite on the spare hard drive space securely. The big security hole in this approach will be any still-working programs that you have allowed to store passwords. You could change them, but will you remember all the ones that need replacing? If you have a working PC running Windows 8 to 10, you can reset the PC to factory condition. To do this, run the Settings app (the cogwheel), select Update & Security, click Recover in the left-hand menu, then “Reset this PC.” If you are parting with a drive or a PC, you must select “Remove files and clean the drive” to stop files from being recovered. Apparently, this takes longer.
Laptop For Repair
Another reader, Ben, asked about the security of his data when his laptop goes in for repair. The problem is that, unless Windows BitLocker, TrueCrypt or a similar programme encrypt the whole hard drive, someone with physical possession of the hard drive can almost certainly read it. They don’t even have to boot Windows: they can read the drive from a Linux Live CD or USB memory stick. (Windows sets file permissions, but if Windows isn’t loaded, the permissions don’t mean anything.) Of course, you can encrypt sensitive files separately, but not many people do that, and when a problem strikes, it may be too late … Modern SSDs are a bit more secure because they encrypt everything all the time. However, the encryption may be transparent to Windows, so that doesn’t necessarily protect you if someone can run Windows. It should be possible to make a backup and reset the PC before releasing it for repair, then restore your system after you get it back. If you have a better idea, please let me know in the comments below.
Credit: Jack Schofield for The Guardian, 30 November 2017.