TL; DR: When people put computer files in the trash bin or erase them from their hard disk drives, they’re still recoverable to computer forensics specialists. Eraser helps Windows users working with sensitive data wipe files completely so they’re unrecoverable. We spoke with Heidi Computers Ltd. Owner Garrett Trant, who currently oversees Eraser support and open-source development, for his insights into how the tool’s usage has changed with the increased popularity of cloud storage, mobile devices, and solid-state drives.
In the age of ubiquitous file sharing, ephemeral messaging tools, and a constant stream of social media status updates, most people don’t give a second thought to securely removing files from their hard drive — or making sure they’re really gone after they’ve been deleted.
But, for government employees, lawyers, and other people working with sensitive data, making sure computer forensics specialists can’t restore residual data from deleted files is crucial. Eraser is a free, open-source tool that allows Windows users to wipe files from certain types of hard drives and overwrites the data with carefully selected patterns.
Finnish developer Sami Tolvanen originally created the utility before eventually turning over the open-source project’s administration to Garrett Trant, a longtime contributor who owns Heidi Computers Ltd.
After taking over maintenance more than a decade ago, Garrett and Joel Low decided to entirely redevelop the program to keep up with evolving security and hardware standards. Many developers have contributed to Eraser over the years, creating various add-ons and improvements. In addition to the user forum, Garrett and Joe continue to update a forensic computer security blog and newsletter for Eraser users.
“That’s the nature of open-source products,” Garrett said. “People come and go. It’s like a relationship; you have to keep feeding it.”
Modern Storage Devices Challenge Eraser’s Legacy
Removing personal information, classified documents, or financial records is not as simple as dragging the file to your Windows machine’s Recycle Bin. Deleted files remain on spinning drives, or hard disk drives (HDDs), until the operating system creates another file on top of it.
Even then, disk maintenance or file recovery tools can usually recover data from the original file. Eraser securely removes sensitive information from HDDs by overwriting the file several times with specific patterns.
More modern storage hardware, however, decreases Eraser’s effectiveness. Although the tool works reliably on HDDs, its effectiveness on solid-state drives is less certain. SSDs use flash memory and integrated circuits to permanently store information in high-speed electric cells.
Because SSDs perpetually rearrange files to optimize storage performance, Eraser has a hard time overwriting all the sensitive data. University of California engineers only achieved between 25% and 96% success rates when trying to overwrite and delete files on SSDs.
“That process was fine in the 1990s, but in 2018, people are doing everything in their browser, sharing files in things like Dropbox, and that kind of thing,” Garrett said. “It’s becoming more difficult for people to destroy a file or remove something from the internet. In the modern age, it’s not just about wiping a file or disk; it’s about the whole footprint somebody has on the internet.”
Customers’ Shifting Views on Privacy
Beyond Eraser’s technical limitations with hardware, Garrett said he has seen a cultural shift in how computer users approach online security.
“The majority of people right now seem to be less aware of privacy,” he said. “They seem to have given up in a lot of places. They seem to accept that everything is out there on Facebook. They’re not as keen to wipe their disks or destroy data before giving laptops away.”
A decade ago, he said people would put a lot of effort into shredding disks — frequently even physically chopping disks into pieces before disposing of them. Now, however, Garrett said Eraser is more likely to receive inquiries from datacenters, businesses, and government organizations rather than regular, individual users.
The reliance on cloud storage and social media for sharing and archiving information, files, and photos means many people have become more accustomed to keeping data where it’s outside of their control, according to Garrett.
“I think every generation, as they come along, has a different perspective on privacy,” he said. “In the 1990s, people had modems and everything was on their PC. Now, as time progresses, there’s more on the internet. People tend to be more accepting of these things being out there or everyone else looking at them.”
Eraser Continues to Reach a Growing Pool of Core Users
With the changing technologies and perceptions, Garrett told us he is quick to share the limitations of Eraser with potential users.
“The product’s job is to destroy something on a hard drive,” he said. “We tell people that if they want to share their file all over the place, Eraser is not the product you need.”
That means people who use Eraser tend to be very educated about why they’re using the program — for example, he said, lawyers want to keep privileged information confidential, and companies want to make sure competitors don’t gain access to trade secrets.
“The people using Eraser keep something on a machine. When they’re finished with it, they want to erase it so there’s no comeback,” Garrett said. “They want Eraser for a very specific purpose, and they clearly understand what it’s for and why they’re using it.”
Despite the hardware trends and general apathy for online security, he envisions the pool of Eraser users becoming more informed and engaged. Instead of reaching out for support, Garrett said users have become more educated about how to interact with and develop on top of the platform.
They’re more likely to get information about Eraser through resources such as forensic classes in computer science programs rather than web searches, he said. It’s these types of people who encourage Garrett and contributors to maintain the legacy of the product.
“Over the years, we’ve gotten letters from journalists in dangerous conditions using Eraser to destroy contacts,” he said. “When the product is being used for these kinds of things, you know it has a purpose. There is a responsibility to keep it going.”