Delete your data the proper way with our rigorous methods, from erasing Android phones to physically destroying hard disks
It makes sense to reuse, recycle, give away or sell on fully functional phones and computers when you’ve upgraded to the next model. Unfortunately, unethical chancers can, have and will data-mine second-hand hardware. So, to help protect your privacy, here’s the WIRED guide to securely wiping your data.
Internal storage found in all phones and computers comes in two main flavours: magnetic hard disks write data to spinning platters and usually provide more capacity for your money; solid-state storage is faster and more physically robust as there are no moving parts. Solid-state is ubiquitous in smartphones and tablets and also widely used in desktop and laptop PCs. You’ll also find both inside portable external hard disks.
Deletion isn’t erasure
Regardless of what kind of disk your device has, it’s important to remember that deletion isn’t erasure. Even after you delete a file and empty your trash, all this does is mark the sector of drive it was on as available to be written.
If you delete everything from a hard disk on a phone or PC, write over every sector with junk data, and then delete that, the original deleted data becomes virtually unrecoverable. Multiple cycles of this constitute secure deletion compliant with British and US government guidelines.
How to securely wipe an Android phone
If you haven’t encrypted your Android device, a standard factory reset isn’t enough to ensure that your old files can’t be recovered, particularly if the phone is rooted. Rooting is a process that allows you to get root, or highest level, access to the Android operating system code and is similar to jailbreaking Apple devices. While that might come as a relief if you’ve accidentally wiped your phone without backing up your treasured meme collection, it’s not particularly helpful from a security perspective.
To start with, if you’ve not already done so, encrypt your phone. Most recent Android versions will have done this by default. Go to Security & Location, Advanced, Encryption & credentials to check. If encryption is enabled, then a factory reset will indeed render your data irretrievable.
However, older Android devices, from 2015 and earlier, were susceptible to data-retrieval techniques even after a factory reset had been carried out. If you’ve got one of these, enable encryption, factory reset the phone, and then, for good measure, fill up its storage to ensure – as best you can – that every cell of its solid-state hard disk has been written before wiping it again. This isn’t great for the disk, but security is our priority here.
Some recovery tools, such as Disk Digger Pro, which costs £2.30, have disk wiping features that fill up space occupied by files now marked as deleted, and then erase them.
How to securely wipe an iPhone
iOS is a bit more hardcore by default than Android, in that all your data is strongly encrypted by default, with keys handled by a dedicated hardware Secure Enclave Processor found in Apple’s mobile devices.
How to securely wipe a hard disk
This is where things get a little more hardcore. The easiest way to securely erase a mechanical Windows or Linux system disk is to download a piece of software called Darik’s Boot and Nuke (DBAN). Once this is done, burn the ISO file you just downloaded to a disc or USB stick (to separate it from your hard drive) using a tool such as Rufus or Balena Etcher.
You then need to open the ISO and follow the instruction to start DBAN. Use the J and K keys on your keyboard to page through your available disks and F10 to begin the wiping process.
If you want to securely erase a non-system disk (like an external hard drive or anything that does not contain an operating system), Piriform’s CCleaner or Free and EaseUS’s Partition Master Free both make this easy for Windows users. If you’re running Linux then you can install the secure-remove or scrub tools from most popular Linux repositories.
Users of macOS get the easiest option: you can simply use the erase feature of Apple’s Disk Utility. Select Security Options in the Erase dialogue box and switch from the default Fastest setting, which doesn’t securely erase files, to the third (three-pass) or fourth (seven-pass) security level.
Where possible, it’s always a good idea to unplug any disks that you don’t want to accidentally wipe when carrying out these operations.
How to securely erase an SSD
While traditional hard disks simply overwrite existing data as a matter of course, SSDs can only be written to a limited number of times before they fail, which means that it’s better for drive longevity and future reuse to avoid scribbling garbage all over the disk.
SSDs support a feature called Secure Erase, which uses a voltage spike to wipe the disk’s internal mapping table. The newer and thus slightly less standard Sanitize feature does the same to every single block on the disk.
Most SSD makers supply software to do this, but the tools are only designed to work with that specific manufacturer’s drives – a pain if you have several hard disks from different makers. Operating system support is also often limited to Windows for home users and Windows Server or Linux for data centres.
Note that these must either be installed on a different drive to that which you intend on erasing or booted from a USB disk that the tool will help you create.
You may also find this feature supported in some motherboards’ UEFI settings (basically a settings screen for a motherboard), meaning that you don’t need to download any software at all.
Generic SSD wiping tools are thin on the ground. The easiest option if you need one is to pay $11 for Parted Magic, burn it to a DVD or USB drive, boot it and use Enhanced Erase to wipe your SSD.
However, if you’re comfortable following somewhat detailed instructions, you can boot a live Linux distro that includes the hdparm tool – Ubuntu does – and follow the ATA Secure Erase guide to wipe your SSD from the command line. Feeling lost? It’s simpler than it sounds but do proceed with care.
How to securely destroy any storage medium
Finally, if you’ve used a device to house very sensitive data, then physical destruction is your best option, particularly if you can no longer boot it to use secure deletion tools on it in the first place. The same applies to disks that you can no longer boot, but which may still store sensitive data that could be recovered by other means.
Professional services are available to literally shred hard disks and other devices, but most people can do an entirely comprehensive destruction job at home by putting holes through your storage device with a drill (wear goggles and a mask for this), hitting it repeatedly and cathartically with a hammer or, in the case of smaller items such as SD cards, cutting them into pieces.
All Rights Reserved for K.G Orphanides