Secure Delete Methods
Inferno is used to securely delete files using several different methods. These methods range from simply overwriting with random data and deleting the file to using complex algorithms to remove all trace of a file from the system. Inferno can only delete the files fed to it; it cannot remove related files, temporary files, or follow shortcuts.
The user can select any of the following methods in the Inferno settings:
- Pseudorandom data
The fastest and weakest method used just overwrites the file once with random characters and then deletes it. While this is sufficient to avoid the file being recovered during a casual scan, it is not recommended for secret or classified information.
- U.S. DoD 5220.22-M /E
This method was taken directly from the National Industrial Security Program Operating Manual (NISPOM) of the United States Department of Defense (DoD). The method “overwrites all addressable locations with a character, its complement, then a random character.” This is accomplished in Inferno by using a specially generated array of a character to fill a file. The complement of that character is then determined by converting the character to an eight-bit string and reversing the binary equivalent. A random character is then used to overwrite it in the same manner as the pseudorandom data method, and the file is then deleted as usual.
- U.S. DoD 5220.22-M /E, C, and E
This method is almost the same as the one above, except that after the file has been overwritten, it is overwritten again with random data in a manner similar to the pseudorandom data method. /E is then repeated (a total of 7 passes), and the file is deleted. For more information on this method, see the DoD 5220.22-M paper.
- Gutmann delete
This is the strongest and most secure method used by Inferno. It utilizes a complex pattern written by Dr. Peter Gutmann in his paper, “Secure Deletion of Data from Magnetic and Solid-State Memory.” This method was developed to make software-based recovery impossible, and also to defeat most hardware-based recovery systems. It uses a combination of preset and randomly generated data arrays to overwrite the data 35 times, thus ensuring that the overwritten data is destroyed. Each pass is designed to target either the RLL or MFM HDD encoding methods.
The security of all the delete methods can be enhanced by renaming the file prior to deleting it with a randomly generated file name. This ensures that someone who is looking for a file by name (e.g. ‘Private.txt’) will not find it because it will have a random name such as ‘Q8hI98gL’ or any other string of nonsense characters. Inferno will rename all files before deleting them.
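The /E pass sequence and the rename-before-delete step described above, written out in Python as an added example (not Inferno's code). It assumes the complement means the bitwise inverse of the character (0x55 becomes 0xAA); the function names, the fill character, the hex file name and the `on_pass` hook are hypothetical.

```python
import os
import secrets

CHUNK = 64 * 1024  # write in chunks so large files are not held in memory


def overwrite(f, size, make_chunk):
    """Overwrite the first `size` bytes in place and force them to the device."""
    f.seek(0)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        f.write(make_chunk(n))
        remaining -= n
    f.flush()
    os.fsync(f.fileno())  # each pass must reach the disk before the next starts


def dod_e_passes(char=0x55):
    """Chunk generators for /E: a character, its complement, then random data."""
    comp = char ^ 0xFF  # assumption: complement = every bit inverted
    return [
        lambda n: bytes([char]) * n,
        lambda n: bytes([comp]) * n,
        secrets.token_bytes,
    ]


def secure_delete(path, char=0x55, on_pass=None):
    """Run the three /E passes, rename to a random name, then delete.

    on_pass(index, path) is a hypothetical hook called after each pass.
    Returns the random path the file had just before it was removed.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for i, make_chunk in enumerate(dod_e_passes(char)):
            overwrite(f, size, make_chunk)
            if on_pass:
                on_pass(i, path)
    # Rename first so a search for the original name finds nothing.
    random_path = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, random_path)
    os.remove(random_path)
    return random_path
```

The `on_pass` hook lets a test read the file back after each pass and confirm that the pattern actually written matches the one intended.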