Hardwipe is a data sanitization toolset designed to ensure that discarded, but sensitive, information can never be recovered by someone else.
It supports the following sanitization tasks:
The Desktop Edition provides convenient on-demand data sanitization with optional context menus for Windows File Explorer. The Portable Edition, on the other hand, not only provides a USB runnable alternative to software installation, but can easily be combined with Windows PE to create a boot and nuke data sanitization solution with a graphical user interface.
Finally, an additional command line utility, which can easily be automated from the Windows Task Scheduler in order to prevent remnant data accumulation, offers total flexibility for power users.
Right-click Context Menus from Windows Explorer
Hardwipe integrates cleanly with Windows File Explorer, so that right-clicking on file or drive items shows relevant data sanitization commands. See right. This can be disabled from the Options Window if not desired.
Note. File Explorer context menus are available in the Desktop Edition of Hardwipe, but not in the Portable Edition.
All major sanitization schemes in common use throughout government agencies around the world are supported.
Additionally, verification can be performed for any scheme. When selected, an additional read-back pass is performed as part of the wipe process and verifies the values written by the previous overwrite. Any verification errors will be reported in the Report Window and on task completion.
|
Wipe File DataWhen you nominally "delete" a file in Windows, it doesn't get deleted at all, but is simply moved to a recycle bin. Even when you empty the recycler, the file data does not get removed but remains physically on the device. Windows simply forgets about the file, it can easily be recovered using freely available "undelete" utilities. The "Wipe File Data" command in Hardwipe overwrites file items you select for permanent destruction. You can select a combination of files and folders using either right-click menu option from the File Explorer, or from the Hardwipe application itself. When wiping folders, Hardwipe will recurse into sub-folders as necessary in order to overwrite every item. The filenames themselves will also be destroyed by multiple random renaming prior to removal. This feature offers a convenient way to destroy file data on-demand. File items that are hardwiped will be unrecoverable using "undelete" software utilities. |
|
Physical DevicesThis command will overwrite all accessible storage of the physical device, including all partition and volume information. Once hardwiping is complete, it will be necessary to initialize the device before it can be re-formatted and used. Multiple devices can be selected and they will be queued and wiped in sequence. You will not be allowed to select the device on which the OS is hosted (the option will be greyed out). Typically, it may take several hours, or longer, to wipe a very large drive, depending on the chosen sanitization scheme. See Flash Memory Considerations, below, if performing this task with an SSD. Note. This operation is not available as an Explorer context menu. You must run the Hardwipe application to access it. |
|
Logical VolumesWhen hardwiping a logical drive, all accessible storage at the raw volume level will be overwritten, including the volume's file system. However, other volumes (if present) on the device will be left intact. The drive volume will need to be re-formatted once wiping is complete. You will not be allowed to select the volume on which the OS is hosted (the option will be greyed out). Typically, it may take several hours, or longer, to wipe a large drive, depending on the chosen sanitization scheme. See Device Considerations, below, for RAID and flash drives. |
|
Clean Free SpaceThe "Clean Free Space" overwrites all the free space on the drive in order to destroy previously deleted data that, although no longer accessible by the file system, still physically resides on the device. It does not delete existing file data. See Device Considerations, below, for RAID and flash drives. |
|
RecyclersThe "Wipe Recyclers" option will not only empty the selected recycler(s), but will hardwipe the recycler contents before removal. Windows maintains separate recycle bins on each fixed drive volume (not including USB storage devices). Right-clicking on the "Recycle Bin" on your desktop or in File Explorer will allow you hardwipe all recyclers. Alternatively, you can select bins individually by right-clicking on the drive icon in Explorer or from the Hardwipe application. You can also elect to wipe recyclers with either normal user or elevated administrator privileges. If you use administrator privileges, all files in the recycler will be erased, including any files moved their by other users on the system. Wiping the recycler can sometimes be a lengthy process, as large amounts of remnant data can accumulate there over time. |
|
System PagefileThe system pagefile is a hidden file that Windows uses to augment your computer's RAM. This means that memory data may get cached to disk and remain there. It can easily be recovered using commonly available software utilities. The "Clear Pagefile" option causes Windows itself to overwrite the pagefile on shutdown. When engaged, depending on the size of your pagefile, your computer may take considerable longer to shutdown than usual. Two clearing options are available:
The pagefile will be overwritten with zero values only. It is not possible to select a sanitization scheme or perform read-back verification with this task. |
Clicking the "Log" button on the Hardwipe main window will display the results of the most recent task in Log Report window. This lists all files removed and records any issues encountered. See right.
By default, the contents of the Report Window are held in memory only. However, Hardwipe can easily be configured to automatically write the report to a log file. To do this, set the Output Location in the Log Report Tab configuration options.
The followings items are included in the log files:
*Controlled by the "Log User" setting.
Note that disk logging is a premium feature only that requires a "Professional Level" upgrade.
Wiping data at the file system or volume level is not sufficient to ensure sanitization on a mirrored or striped volume. It is recommended that data held on RAID volumes be wiped only at the individual physical device level.
Limited write cycle endurance and associated wear leveling techniques used in flash memory devices present special considerations.
When wiping individual file items, there can be no guarantee that existing data will be fully overwritten at the physical level in solid-state drives (SSDs) and USB flash drives. However, this is not a reason not to do it. Although wiping individual files may not prevent full or partial recovery should the device electronics be subject to forensic analysis, it will usually be sufficient to thwart recovery software reading at the device interface, including "undelete" and disk imaging utilities.
Overwriting the entire accessible storage of a flash device represents a more reliable method of data destruction. It has been found* that a full drive overwrite using a two pass sanitization scheme (or more) can be expected to destroy most of the data on the device, but should not be considered to be universally reliable. However, writable flash memory elements have a limited life in terms of erase cycles (around 3,000 to 5,000 cycles), hence the use of wear leveling techniques in these devices. For this reason, overwriting an entire SSD, or a large proportion of its storage area, should be a task performed only sparingly.
*Source: Michael Wei, Laura Grupp, Frederick E. Spada, and Steven Swanson of the University of California, Reliably Erasing Data from Flash-Based Solid State Drives.
The speed setting allows the disk writing speed to be reduced. Lowering the write speed on lengthy tasks may improve the computer's responsivity if it is being used for other tasks.
During a prolonged wipe task, you may wish to leave your computer unattended and have Hardwipe shutdown it down (or log off) automatically when it has finished. In this case, simply select an auto-shutdown option on the main window at any time before the sanitization command completes. Ensure that you save any work and quit other foreground applications.
In the event the task does not fully succeed, computer shutdown will not occur, so as to give you the opportunity to see that a problem was encountered and review the audit log window.
If you change your mind at any time prior to the job completing, you can simply de-select the shutdown option to prevent shutdown from occurring.
