1
00:00:01,160 --> 00:00:07,150
So far as we are going through the course we interacted with the file system quite often.

2
00:00:07,160 --> 00:00:13,730
We also learned how to download and upload files how to share files securely with friends and contacts

3
00:00:14,240 --> 00:00:20,290
how to remove metadata that can be used to anonymize us or get information about us.

4
00:00:20,780 --> 00:00:27,440
So before moving to the next section I think there is still one missing piece which is how to properly

5
00:00:27,440 --> 00:00:31,030
delete files and wipe storage media.

6
00:00:31,400 --> 00:00:38,360
Now in general and operating systems when you right click a file and deleted or even if you shift deleted

7
00:00:38,480 --> 00:00:45,250
and empty your recycle bin or your trash the file doesn't actually get deleted.

8
00:00:45,290 --> 00:00:52,460
What happens is the operating system marks the file or marks this piece that the file was occupying

9
00:00:52,760 --> 00:01:01,850
on the storage device as available so the data of that file will still exist on your storage device.

10
00:01:01,850 --> 00:01:06,580
Until that space is overwritten with other data.

11
00:01:06,580 --> 00:01:13,650
That's why we see so many tools that are very easy to use that you can use to recover deleted files.

12
00:01:13,670 --> 00:01:19,220
Now these are very simple tools that you can download from the Internet for free so you can only imagine

13
00:01:19,310 --> 00:01:26,980
what a resourceful adversary can do so because deleting a file doesn't actually delete the content of

14
00:01:26,980 --> 00:01:31,360
it or its data unless it's overwritten with other data.

15
00:01:31,370 --> 00:01:38,720
There are tools that randomly fill up that piece of that file with random data so that it's more difficult

16
00:01:38,720 --> 00:01:40,630
to recover that file.

17
00:01:40,940 --> 00:01:45,830
Now tells comes with such tools pre installed as you'd expect.

18
00:01:45,830 --> 00:01:51,430
So if we go through our file manager and go through the file that we want to delete.

19
00:01:51,480 --> 00:01:58,710
So in my case it's in files and it's this image right here.

20
00:01:58,880 --> 00:02:04,820
Now I can right click the image and just click on move to thrush which will literally just move a toothbrush

21
00:02:04,820 --> 00:02:07,320
similar to any other operating system.

22
00:02:07,370 --> 00:02:10,280
And then I'd have to go to the trash right click and empty.

23
00:02:10,490 --> 00:02:16,910
And like I said this will still not delete the content of this image or the data of this image from

24
00:02:16,910 --> 00:02:18,730
my storage.

25
00:02:18,860 --> 00:02:26,390
The better option to go to if you want to security remove this file is to click on wipe right here.

26
00:02:26,390 --> 00:02:33,110
Now if you click on that and expand the options in here you'll see that it will ask you for the number

27
00:02:33,110 --> 00:02:41,870
of passes of random data that will be executed to override the location that contains the data of this

28
00:02:41,900 --> 00:02:43,070
image.

29
00:02:43,070 --> 00:02:48,240
So by default this is set to two which should be good enough for most hard disks.

30
00:02:48,290 --> 00:02:54,800
You can set it to 38 for all ones or one which is not very secure which will only protect you from the

31
00:02:54,800 --> 00:02:58,920
very simple software that you can download on the Internet.

32
00:02:58,940 --> 00:03:07,400
Now this method will work on hard drives but it won't work on U.S. beef steaks or solid state drives.

33
00:03:07,400 --> 00:03:12,650
Now if you don't know the difference between hard drives and solid state drives then I highly recommend

34
00:03:12,680 --> 00:03:14,890
you go and do some reading on that.

35
00:03:14,900 --> 00:03:18,330
I will include things in the resources of this lecture.

36
00:03:18,350 --> 00:03:23,210
But basically the way that solid state drives work they don't have sectors.

37
00:03:23,270 --> 00:03:26,130
They use cells in order to store your data.

38
00:03:26,480 --> 00:03:33,980
And even if we use a tool similar to this tool right here in order to override a specific location of

39
00:03:33,980 --> 00:03:41,390
this solid storage device the logic inside this storage device will probably overwrite the request that

40
00:03:41,390 --> 00:03:46,580
we make in order to increase the life of the device.

41
00:03:46,820 --> 00:03:52,820
Therefore you might use this click on wipe and think that it works but it might actually not work as

42
00:03:52,820 --> 00:03:54,040
you would expect it.

43
00:03:54,740 --> 00:04:01,700
So you can only properly rely on this method if you're using a hard drive and not a solid state drive

44
00:04:01,790 --> 00:04:04,190
or a US b device.

45
00:04:04,190 --> 00:04:07,350
Now that's for removing one specific file.

46
00:04:07,370 --> 00:04:14,610
Well what if we wanted to clear all of the free space or all of the available space on the system.

47
00:04:14,630 --> 00:04:20,240
Now this is only relevant if you're using persistence obviously and you might want to do this because

48
00:04:20,240 --> 00:04:25,670
you've deleted a number of files insecure lives so by literally moving them to trash and emptying the

49
00:04:25,670 --> 00:04:32,800
trash and then the contents of these files like I said will still be recoverable from your storage device.

50
00:04:33,140 --> 00:04:38,900
Therefore what you want to do is you want to right click any empty space in your file manager click

51
00:04:38,990 --> 00:04:45,530
on WIP available disk space and you'll get a very similar window to the one that we just got with the

52
00:04:45,530 --> 00:04:46,640
same options.

53
00:04:46,640 --> 00:04:53,480
And once you set the options you click on wipe and still clean and that'll securely clean the available

54
00:04:53,480 --> 00:04:56,930
disk space so it won't delete the files that you have.

55
00:04:57,010 --> 00:05:03,650
It will only clean the available disk space filling it with random data to make sure that it can't be

56
00:05:03,650 --> 00:05:06,410
used to recover the files that you deleted.

57
00:05:06,500 --> 00:05:09,720
So it will only clean the files that you deleted.

58
00:05:09,860 --> 00:05:17,410
It won't affect anything that you already have on your storage device that you did not delete yourself.

59
00:05:17,480 --> 00:05:18,620
Now this is great.

60
00:05:18,620 --> 00:05:26,060
But again it won't work as expected when it comes to solid state devices anti US devices for the same

61
00:05:26,060 --> 00:05:28,590
reason that I mentioned earlier.

62
00:05:28,640 --> 00:05:35,780
Therefore if you're using a solid state device or a USB device and you want to securely delete all of

63
00:05:35,780 --> 00:05:39,250
the data that you have on it then you have two options.

64
00:05:39,320 --> 00:05:45,650
First option is physically destroy that device so you can burn it put it in a microwave do whatever

65
00:05:45,650 --> 00:05:46,910
you want really.

66
00:05:46,910 --> 00:05:54,680
Or the other option is to securely format the device and wipe it and I'm going to show you how to do

67
00:05:54,680 --> 00:05:56,210
that in the next lecture.