Be careful if you want to sell or dispose of PCs, computers or hard drives. Because if you don’t know what you are doing, you are putting your personal data in the wrong hands.
If the computer is sold or disposed of, one thing is important – you must do everything you can to ensure that no more personal information is dormant in the depths of the system, especially if it contains information from third parties such as family members or business associates.
Data that is deleted via the recycle bin on the computer usually disappears from the scene only superficially. But they are still on the hard drive. Because emptying the recycle bin only removes the references to the data in the table of contents of the hard disk, the Federal Office for Information Security (BSI) warns. The data would be released to be overwritten, but this can never happen.
The first thing to check is whether the computer’s hard drive is encrypted or not, advises Patrick Bellmer of the specialized portal “Heise Online”. If so, as is the case with modern Apple Macs, you just need to delete the user account. You do this as a reset on the smartphone. The personal data is still there, “but encrypted so that no one can access it”.
Chips provide security and convenience
In Apple products, the encryption is done by the T2 security chip and is usually integrated in all newer models. The user can even block the starting process, for example in the event of theft.
In addition, there are also free tools that overwrite the disk with “nonsense data”, Bellmer explains. These are tools such as “Disk Wipe”, “HD Shredder” or the “DiskPart” integrated into Windows computers, a command line utility for partitioning the hard drive.
“Disk Wipe” does what its name promises: it completely removes data from the hard disk so that even professionals cannot recover it. The tool can also be used to clean USB sticks or SD memory cards and other mobile devices, “Heise Online” reports.
Ran to the system partition
However, the tools described cannot delete the system partitions where the operating system resides. If the computer is sold or thrown away, it may be a good idea to throw it away as well.
To do this, the computer must be started with a so-called live system or with a data shredder that can start the system itself. The operating system with which the computer starts up is not on the hard disk, but on a USB stick or DVD. Darik’s Boot and Nuke (DBAN) is one such program.
While this method permanently “flattens” a classic hard drive with magnetic disks, the so-called hard disk drive (HDD), a different approach is required for modern solid disk drives (SSD) that work with memory chips. Here the Secure Erase command for secure delete should be run through the SSD manufacturer’s SSD management utility. As an alternative, the BSI recommends the program “Parted Magic”, which can also be used to recover data.
Smartphones are usually encrypted
Cleaning up smartphones, on the other hand, is very easy, says Patrick Bellmer. “The data is stored in encrypted form on all devices from the past four or five years. Without a user account, no one can access it.” This applies in any case since iPhones from iOS 8 and Google’s mobile operating system Android from version 6. Since Android 10, Google has also asked manufacturers to actually activate the encryption option with the factory settings.
Data overwrite tools are also available for smartphones. But resetting the device to factory settings is usually enough, Bellmer says. One thing shouldn’t be forgotten though – it’s essential to remove the SD card if you have one before selling or disposing of it.