When you delete a file it's actually not really deleted. It sits there waiting to be discovered by an attacker with the right know how. Think about that and the implications it has. In this post I'll teach you how to securely wipe all traces of your data.
The methods we'll be using were used by Hillary Clinton's team to wipe her email servers so well that "not even God can read them...". If you are curious about why files aren't really deleted check out my post link in my comment section(posted shortly) and of course if you have any questions or comments let me know. Let's get started.
For this we're going to use the open source software BleachBit. These techniques work for both Windows and Linux.
Download the file here and install using default options
Linux(Kali & Mint tested)
Go to the terminal and type the following:
- sudo apt-get update
- sudo apt-get install bleachbit
You've now installed it. You can also download it directly from here choosing the Linux version you have and typing the following in the terminal:
- sudo apt-get install gdebi
- sudo gdebi ~/Downloads/bleachbit_2.2_all_debian9.deb (or whatever the file you downloaded is called)
Keep in mind there are multiple modes of using the program in Linux. One as root and one without. You can also use it to wipe individual files. For best security run both(non-root & root) one after the other. To access it go to start menu(or hit windows key) and type bleachbit and click the icon or you can run it directly from terminal by typing:
- bleachbit (to run as non-root)
OR sudo blleachbit (to run as root)
Wipig Files Using Bleachbit(Windows/Linux)
Using BleachBit is extremly simple. My method is to select literally everything but Firefox Password(or w/e browser you use passwords)as you should store these securely with a strong password and don't want to wipe them(you can secure them by choosing Master Password in browser settings)
You should now see something similar to this. Click Clean and it will start the process
Once it's done with the non-root use the root one(this applies to Linux
Next if you want to delete specific files/folders or wipe empty disk space(to address files that were "deleted" in the past but not wiped) simply click on File in the top menu and choose the relevant option. Also in Windows you can right-click a file and choose to shred it.
That's it! Now you know how to securely wipe your dta. Outsiide of using bleachbit you can always use the shred command to wipe files in Linux. Just go to a terminal and type: * shred -zvu filenamehere
If you need to wipe an entire disk(literally everything on it) you can download DBAN. It uses military grade techniques to do so.
I hope yyou enjoyed this tutorial. We're just getting started and in future tutorials I'll show you how forensic professionals recover data that is not wiped and how to make a forensic backup just to name a few things. We ave about 4 morre posts in the PersSec series and then we'll dive deep into many interesting practical topics
Please leave any comments or questions and don't forget t upvote and follow to keep these coming. And as always use your skills for good.