A recent study found that most people aren’t taking the time to properly wipe data off their hard drives before they resell them. The researchers bought 200 used hard drives and found that a whopping 59% of the drives still had data that was accessible, including “employment and payroll records, family and holiday photos (along with intimate photos and sexualized content), business documents, visa applications, lists of passwords, passport and driver’s license scans, tax documents, bank statements, and lists of students attending senior high schools.”
While this study was rather limited, I have no doubt that people are not properly scrubbing data from the devices they trade in, recycle, resell, or throw away. This not only includes old computers, but also smartphones and tablets.
Do I Really Need to Do This?
If you have a modern smartphone or tablet, you may be off the hook. These devices don’t have old-style hard drives like one pictured above – they have solid state drives, or SSD’s. Instead of spinning magnetic disks, SSD’s store your data in computer chips. This actually makes them really hard to properly erase. Under the covers, the digital circuitry moves your data around all the time, trying to evenly use the memory segments on the chips (because they eventually wear out). That means there could be extra copies of your data all over the chip.
However, modern SSD-based devices also tend to be encrypted. Recent iPhones and Android phones have this turned on by default (like within the last few years). And if the drive is encrypted, and the password/passphrase isn’t known, then the contents are completely scrambled and useless to anyone else.
With laptops, drive encryption is not guaranteed, however. You will have to check to see if you have full drive encryption enabled. All recent Apple Mac computers come with FileVault, though it’s not on by default. If you have a Windows 10 computer that is set up with a Microsoft Account, then basic drive encryption will be on by default. See this Microsoft article for details.
Okay, How Do I Wipe Data Clean?
If you have a computer with an old-style hard drive, and you did not turn on full disk encryption (as discussed above), then you definitely need to make sure you erase your hard drive properly before you sell, recycle, donate, or even throw out your computer.
Honestly, the first thing I would do is enable full-disk encryption, if you can. This scrambles the contents of your drive in a way that only you can descramble.
For a Mac, there are several account-oriented tasks you should complete before getting rid of your computer. See this helpful article from Apple. This is also true for iPhones and iPads. Check this article for resetting an Android phone.
If you’re going to sell or donate the computer, you should probably clear out all your files and reinstall the operating system. Basically, return your computer to factory-fresh condition. For a Mac, see this article from Apple; for Windows, see this one from Microsoft.
If you’re going to recycle or otherwise trash your computer, you might check out a cool open-source tool called DBAN (aka, Darik’s Boot and Nuke). You install the tool on a USB thumb drive and set your computer to boot from this drive. It will then totally erase (“nuke”) the computer’s drive. At this point, the computer will be completely unusable.
Finally, if you want to have some fun and relieve some stress, you can physically destroy the hard drive. You might hear of people stroking with powerful magnets, soaking in acid or even throwing the drive in an incinerator… but those are bad ideas. All you need to do is destroy the platters physically. Driving a few 6″ nails through the drive will do the trick. Or you can open up the drive and hit the platters with a hammer. (Wear eye protection.)
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!