Concerned about identity theft? Selling or recycling an old computer? Corporate investigations manager Brandon Gregg explains three tools for making sure your data is really deleted.
By Brandon Gregg
CSO|
Anti-forensic tools and tricks aren't just for hackers and bad guys trying to cover their tracks. In a world full of online privacy concerns and rising identify theft, there are easy-to-use programs that completely erase data from even the most prying eyes.
Although many people know how to occasionally clear out their internet history or uninstall a program, these 'deleted' files are still easily accessible with 'data carving' tools that bring even partial information back to life. Using the following three free programs you can securely remove data from your computer and prevent it from returning from the grave to haunt you.
Also see Gregg's Tools to Identify Anonymous Users Online
With over 350 million downloads, CCleaner is your first stop for quickly cleaning out many of those hard-to-reach files. From temporary files, Internet history, cookies, download history, auto complete forms and index.dat files in five major browsers to cleaning out the recycle bin, recent documents, windows log files, old registry entries and many more third party files, this program is a great one stop shop.
After downloading the freeware program, go straight to the settings tab and turn on "Run CCleaner when the computer starts". Next select Secure file deletion and choose the Simple Overwrite option which writes random data over your deleted files one time. This option is sufficient for erasing your data from professional forensic recovery software such as Encase and FTK, but if your paranoia needs to be squelched you can increase the number of times CCleaner writes on top of your deleted data to 3 passes [DOD 52202.22-M], 7 passes [NSA] or 35 passes [Gutmann]. Once this is set up, run the program to clean out your system. You may even notice an increase in computer speed and extra drive space. Going forward your system will clean itself of the aforementioned files during Windows startup.
The second piece of software is for strictly wiping your "empty" drive space. Although CCleaner has this option [and you are already using part of it on the selected files above], you have to remember to manually run the program after every document, photo or file you delete. With the open source program Eraser, you can have instant or scheduled erase of individual files, folders and drives. Simply install Eraser on your computer and select Preferences to turn the scheduler on at Windows startup. Next, go to the Scheduler tab and select New Task to pick your drive locations, level of passes on the deleted data and erasing schedule.
Once complete, Eraser will run over your empty drive space and clear it out as often as you would like. Better yet, file deletion can be set for instant with any Windows files by simply right clicking the file[s] or folder for additional properties. On your menu you can now select Erase to permanently delete your individual file for good.
The last program's name sums up what the program does: Darik's Boot and Nuke.
NOTE: Please do not use Boot and Nuke you aren't knowledgeable about computers; you can turn your computer into a brick. You have been warned!
For a quick and complete erase of all hard drives in your computer, download Boot and Nuke, burn it to a CD and restart your computer. Boot and Nuke will then securely erase any hard drive it detects, including your operating system. This is best to use before selling a computer or throwing away an old hard drive. However, many hackers leave a copy in their CD-Rom bay at all times with their power off button connected to rebooting, such that anyone who attempts to play with the computer will trigger the program.
Don't forget that the erasing programs above are only good if you use them on a consistent basis and on all your storage media [hard drives, external drives, thumb drives, media cards, etc]. Taking these precautions today will secure your privacy for the future.
With so much access to technology, our world is more fast-paced and data-heavy than ever before. Tools like CCTV, security cameras, and personal phone recordings are used every day by law enforcement and civilians alike as a means of prevention, protection, and [potentially] evidence.
This surplus of digital evidence is a double-edged sword. While it can answer a lot of questions and provide a lot of information in digital investigations, the volume of data can slow down an investigation and present issues of privacy.
In this blog, we’ll look into the nature of digital forensics and how privacy can be better protected moving forward.
What is digital forensics?
A branch of forensic science, digital forensics [once called computer forensics] focuses on the recovery and investigation of data or evidence found in digital devices. It involves the combination of computer science, network forensics, and the overall process of identifying, analyzing, preserving, and documenting digital evidence in a manner that is presentable in a court of law.
The steps of digital forensics
For digital evidence to be accepted in court, it has to be handled and prepared in a specific way in order to maintain confidentiality, privacy, and chain of custody demands.
- Identify where the evidence is from and where it is stored
- Preserve, secure, and isolate the evidence to prevent tampering
- Analyze the data and form conclusions as to how this acts as evidence in the case
- Prepare the evidence for presentation or potential Freedom of Information Act [FOIA] requests
- Document each step made in this preparation to protect the validity of the evidence
As noted in step four, it’s crucial to prepare the digital evidence for FOIA requests and for court, and one of the most important aspects to consider within this step is the privacy and personally identifiable information [PII] of the individuals in or mentioned in this data.
How to protect privacy during a digital investigation
One of the best ways to protect PII and privacy in audio-, video-, and text-based evidence is to redact that information from the digital forensics records being presented or shared with the public.
Improperly redacted evidence can corrupt or damage a case, and potentially be considered inadmissible in court. In our blog, “How Does AI Protect Privacy With Redaction Technology,” we discuss:
- What PII is
- What sort of PII should be redacted
- The pain points of redacting PII
- And how the right tools can provide a more accurate and streamlined redaction process
What technologies can bolster privacy in digital forensics?
As we step into an age of prioritizing privacy within digital forensics, it’s important that law enforcement agencies and legal practices have access to the right tools and solutions, especially tools that incorporate AI.
As part of Veritone’s mission to create the most ethical and top-of-the-line AI solutions, we’ve partnered with Exterro, the preferred provider of Legal GRC [Government, Risk Management & Compliance] software designed specifically for in-house legal, privacy, and IT teams.
This strategic partnership enables Exterro’s platform workflow to integrate with Veritone Redact, an aiWARE-powered automated redaction application for audio and video. With the click of a button, Exterro users can send audio and video files to Veritone Redact for the fast, automated redaction of PII, and, in turn, expedite the release of requests [such as public records requests, court orders, government requests, etc.] and increase transparency.
After the files have been redacted, the Exterro user can ingest those files back into the Exterro platform with full chain of custody information to complete their workflow of e-discovery, privacy, and digital forensics. Veritone Redact also enables users to determine and take control of what sensitive imagery needs to be redacted and provides logs for the entire process to adhere to chain of custody requirements.
By offering Veritone Redact within the platform, there’s no longer a need to use third-party solutions outside of Exterro, and Exterro users can experience a greater capability to keep up with large volumes of audio and video evidence within a seamless workflow.
According to Exterro’s Vice President of Channels, David Petty, “Legal teams and forensic investigators employ Exterro software to defensibly get to the facts of every matter or crime more quickly and inexpensively. Integrating Veritone Redact to our software solution will provide our customers with a much more comprehensive solution for dealing with multimedia data types and enable redaction as needed to meet regulatory requirements.”
By removing the need for manual redacting, Veritone Redact and Exterro users can not only streamline the PII redaction process but continue this process with greater confidence that all sensitive information is protected.