Welcome!

By registering with us, you'll be able to discuss, share and exchange private messages with other members of our community.

SignUp Now!

Declined Add /W(ipe) option to several commands

S

Steve Fabian

May
3,515
4
When I delete files with the DEL (ERASE) command, or move them to another volume by the MOVE command, I can use the /W option to have them wiped. I would like this option to be available for all commands which can delete files, e.g., RECYCLE, RMDIR, SYNC. I realize that SYNC already uses /W for a different purpose, so that it would need another option letter.
--
Steve
 
It would be easy (and fun) to write a WIPE plugin (say in 4UTILS) ... any interest?
 
From: vefatica
| It would be easy (and fun) to write a WIPE plugin (say in 4UTILS) ...
| any interest?

I am particularly interested in wiping from the recycle bin. The files to be wiped are the originals saved in the recycle bin when using Outlook Express' "Folder Compact".
Another option (not one I am interested in) would be to "wipe" by overwriting more than 3 times.
--
Steve
 
vefatica said:
It would be easy (and fun) to write a WIPE plugin (say in 4UTILS) ... any interest?
Click to expand...

How about a data sanitizer?

(cmrr.ucsd.edu/people/Hughes/DataSanitizationTutorial.pdf)

I also remember reading somewhere about erase software that was built into certain drives, but was disabled by the motherboard BIOS.

Maybe that's being a bit too secure (and fun) for a plugin.

Joe
 
On Thu, 11 Nov 2010 15:55:17 -0500, Steve Fábián <>
wrote:

|From: vefatica
|| It would be easy (and fun) to write a WIPE plugin (say in 4UTILS) ...
|| any interest?
|
| I am particularly interested in wiping from the recycle bin. The files to be wiped are the originals saved in the recycle bin when using Outlook Express' "Folder Compact".
| Another option (not one I am interested in) would be to "wipe" by overwriting more than 3 times.

Three times seems enough for the DOD! The number of times could easilly be made
an option.

Does the recycle bin actually use a disk location for the files it houses
different from their location before deletion?
 
---- Original Message ----
From: vefatica
To: [email protected]
Sent: Thursday, 2010. November 11. 17:01
Subject: RE: [Suggestions-t-2419] Add /W(ipe) option to several commands

| On Thu, 11 Nov 2010 15:55:17 -0500, Steve F�bi�n <>
| wrote:
|
|| From: vefatica
||| It would be easy (and fun) to write a WIPE plugin (say in 4UTILS)
||| ... any interest?
||
|| I am particularly interested in wiping from the recycle bin. The
|| files to be wiped are the originals saved in the recycle bin when
|| using Outlook Express' "Folder Compact". Another option (not one I
|| am interested in) would be to "wipe" by overwriting more than 3
|| times.
|
| Three times seems enough for the DOD! The number of times could
| easilly be made
| an option.

I was trying to locate the DoD standard, but could not locate it on the 'net. An older version required all zeroes - all ones nine times for confidential data on magnetic media; more for higher classifications.

|
| Does the recycle bin actually use a disk location for the files it
| houses
| different from their location before deletion?

It is my GUESS that it behaves like "rename", the file body - which is what needs to be wiped - would not be moved, only recataloged. To test this, I checked the inode of a junk file, deleted it to the recycle bin, and found that it had the same inode in the recyle bin as the original. I thus think that "delete to recycle bin" is a process which renames the file into the recycler directory, and catalogs its original name in the data file INFO2 of the bin.

As another experiment, I used DEL /W to delete everything from the \RECYCLER directory, then deleted a file to the recycling bin. Everything worked fine. For now I think I will just use DEL/W on the contents of the recycler bin, and will not need a new plugin command.
--
Steve
 
On Thu, 11 Nov 2010 21:05:56 -0500, Steve Fábián <>
wrote:

| It is my GUESS that it behaves like "rename", the file body - which is what needs to be wiped - would not be moved, only recataloged. To test this, I checked the inode of a junk file, deleted it to the recycle bin, and found that it had the same inode in the recyle bin as the original. I thus think that "delete to recycle bin" is a process which renames the file into the recycler directory, and catalogs its original name in the data file INFO2 of the bin.
|
| As another experiment, I used DEL /W to delete everything from the \RECYCLER directory, then deleted a file to the recycling bin. Everything worked fine. For now I think I will just use DEL/W on the contents of the recycler bin, and will not need a new plugin command.

I experimented a bit too. When I went into
e:\recycler\s-1-5-21-3291446647-2681218026-3195555329-1005\ with a command
prompt, DIR showed files with different names than they had before they were
deleted. Is that typical (I don't often use the recycler)? I also found that
deleting all files there (with TCC) left the recycle bin's desktop icon screwed
up.

I'd think overwriting several times with random characters would be better than
with all zeroes/ones but I'm no expert.
 
Steve Fábián said:
When I delete files with the DEL (ERASE) command, or move them to another volume by the MOVE command, I can use the /W option to have them wiped. I would like this option to be available for all commands which can delete files, e.g., RECYCLE, RMDIR, SYNC. I realize that SYNC already uses /W for a different purpose, so that it would need another option letter.
Click to expand...

That would be impossible for RECYCLE (until Microsoft provides a few currently non-existent APIs).

RD /S just calls DEL /S, so there's nothing to be gained there.
 
| I experimented a bit too. When I went into
| e:\recycler\s-1-5-21-3291446647-2681218026-3195555329-1005\ with a
| command prompt, DIR showed files with different names than they had before
| they were deleted. Is that typical (I don't often use the recycler)?

Yes it is. The recycler is a flat directory, so files with the same name deleted from different directories can no longer have their original names. The file INFO2 appears to contain the mapping of RECYCLER content to original (full) file specification.

| I also found that deleting all files there (with TCC) left the recycle bin's desktop
| icon screwed up.

Not here.

| I'd think overwriting several times with random characters would be
| better than with all zeroes/ones but I'm no expert.

The phenomenon called HYSTERESIS is the reason to perform multiple overwrites; what's important is to flip each bit multiple times. Using the same value for each bit may reduce "crosstalk" hysteresis (e.g., between adjacent disk tracks).
--
Steve
 
| That would be impossible for RECYCLE (until Microsoft provides a few
| currently non-existent APIs).

Is there an API to restore from the recycle bin? If there is, a work-around would be to
1/ save (rename) the current file before restoring its recycle-bin namesake;
2/ wipe the restored file;
3/ restore the save file.

| RD /S just calls DEL /S, so there's nothing to be gained there.

But unlike "DEL /S /W", currently "RD /S /W" is an illegal command. However, a simple comment in HELP topic "rd.htm" how the former can be used to achieve the latter would be sufficient.
--
Steve
 
On Thu, 11 Nov 2010 22:54:14 -0500, Steve Fábián <>
wrote:

|| I'd think overwriting several times with random characters would be
|| better than with all zeroes/ones but I'm no expert.
|
| The phenomenon called HYSTERESIS is the reason to perform multiple overwrites; what's important is to flip each bit multiple times. Using the same value for each bit may reduce "crosstalk" hysteresis (e.g., between adjacent disk tracks).

If flipping bits is the goal, perhaps more to the point is that writing random
characters will only flip, on the average, half the bits.
 
>
> || I am particularly interested in wiping from the recycle bin. The
> || files to be wiped are the originals saved in the recycle bin when
> || using Outlook Express' "Folder Compact". Another option (not one I
> || am interested in) would be to "wipe" by overwriting more than 3
> || times.
>
Click to expand...

If it is important that you actually wipe the data, be sure that the medium
you are wiping writes data the way you think. I believe some compact flash
file system implementations, for example, always round-robin allocate a new
block when writing, thus extending the MTBF as much as possible. In that
case, overwriting to wipe does no good at all, until you fill the medium.

--
Jim Cook
2010 Sundays: 4/4, 6/6, 8/8, 10/10, 12/12 and 5/9, 9/5, 7/11, 11/7.
Next year they're Monday.
 
Jim Cook:
| If it is important that you actually wipe the data, be sure that the medium
| you are wiping writes data the way you think. I believe some compact flash
| file system implementations, for example, always round-robin allocate a new
| block when writing, thus extending the MTBF as much as possible. In that
| case, overwriting to wipe does no good at all, until you fill the medium.

Overwriting does not allocate new blocks, it updates the contents of previously allocated blocks. I seriously doubt any filesystem would write everything into a new block, and release the original block. Regardless, my personal interest is in standard hard drives using NTFS, so the issue is irrelevant, but thanks for the interesting information.
--
Steve
 
From http://en.wikipedia.org/wiki/CompactFlash

"The even more advanced CompactFlash controllers will also move the data
that is rarely changed so that all blocks are worn evenly."


Also, reading
http://technet.microsoft.com/en-us/library/cc785914(WS.10).aspx says that
shadow copy on write is possible, so if your system is using that, the
storage medium is irrelevant, and the original contents will not be
overwritten. Some virtual machines also do delta / differential disk
writing, to preserve the original state.

Similarly, JPSoft's own CascadePoint could copy the original file, so
overwriting it will not destroy the contents.


My point is not to dispute whether or not it will work on your system, but
that there are things to be aware of if you have a need or obligation to
actually destroy the data. It might not be as easy as you think. There have
only been a couple instances when I had sensitive customer data that needed
to be destroyed, and those were done in front of the customer to their
satisfaction.


On Fri, Nov 12, 2010 at 08:02, Steve Fábián <>wrote:


> Jim Cook:
> | If it is important that you actually wipe the data, be sure that the
> medium
> | you are wiping writes data the way you think. I believe some compact
> flash
> | file system implementations, for example, always round-robin allocate a
> new
> | block when writing, thus extending the MTBF as much as possible. In that
> | case, overwriting to wipe does no good at all, until you fill the medium.
>
> Overwriting does not allocate new blocks, it updates the contents of
> previously allocated blocks. I seriously doubt any filesystem would write
> everything into a new block, and release the original block. Regardless, my
> personal interest is in standard hard drives using NTFS, so the issue is
> irrelevant, but thanks for the interesting information.
> --
> Steve
>
>
>
>
>
Click to expand...



--
Jim Cook
2010 Sundays: 4/4, 6/6, 8/8, 10/10, 12/12 and 5/9, 9/5, 7/11, 11/7.
Next year they're Monday.
 
re:
| I also found that deleting all files there (with TCC) left the recycle bin's desktop
| icon screwed up.

Maybe you need to erase the iconcache then restart the computer? Are other icons messed up?




----- Original Message -----
From: Steve Fábián
To: [email protected]
Sent: Thursday, November 11, 2010 10:54 PM
Subject: RE: [Suggestions-t-2419] Add /W(ipe) option to several commands


| I experimented a bit too. When I went into
| e:\recycler\s-1-5-21-3291446647-2681218026-3195555329-1005\ with a
| command prompt, DIR showed files with different names than they had before
| they were deleted. Is that typical (I don't often use the recycler)?

Yes it is. The recycler is a flat directory, so files with the same name deleted from different directories can no longer have their original names. The file INFO2 appears to contain the mapping of RECYCLER content to original (full) file specification.

| I also found that deleting all files there (with TCC) left the recycle bin's desktop
| icon screwed up.

Not here.

| I'd think overwriting several times with random characters would be
| better than with all zeroes/ones but I'm no expert.

The phenomenon called HYSTERESIS is the reason to perform multiple overwrites; what's important is to flip each bit multiple times. Using the same value for each bit may reduce "crosstalk" hysteresis (e.g., between adjacent disk tracks).
--
Steve
 
Sorery - sent too early....

I meant the following files:

%userprofile%\Local Settings\Application Data\IconCache.db
%LocalAppData%\IconCache.db

----- Original Message -----
From: Charles (RR) Galloway
To:
Sent: Friday, November 12, 2010 01:32 PM
Subject: Re: [Suggestions-t-2419] Add /W(ipe) option to several commands


re:
| I also found that deleting all files there (with TCC) left the recycle bin's desktop
| icon screwed up.

Maybe you need to erase the iconcache then restart the computer? Are other icons messed up?




----- Original Message -----
From: Steve Fábián
To: [email protected]
Sent: Thursday, November 11, 2010 10:54 PM
Subject: RE: [Suggestions-t-2419] Add /W(ipe) option to several commands


| I experimented a bit too. When I went into
| e:\recycler\s-1-5-21-3291446647-2681218026-3195555329-1005\ with a
| command prompt, DIR showed files with different names than they had before
| they were deleted. Is that typical (I don't often use the recycler)?

Yes it is. The recycler is a flat directory, so files with the same name deleted from different directories can no longer have their original names. The file INFO2 appears to contain the mapping of RECYCLER content to original (full) file specification.

| I also found that deleting all files there (with TCC) left the recycle bin's desktop
| icon screwed up.

Not here.

| I'd think overwriting several times with random characters would be
| better than with all zeroes/ones but I'm no expert.

The phenomenon called HYSTERESIS is the reason to perform multiple overwrites; what's important is to flip each bit multiple times. Using the same value for each bit may reduce "crosstalk" hysteresis (e.g., between adjacent disk tracks).
--
Steve
 
You must log in or register to reply here.

Similar threads

D
Add Subdirectories option to EVERYTHING
Replies
15
Views
777
Alpengreis
Alpengreis
Joe Caverly
Add info to VER command in help
Replies
1
Views
274
rconn
rconn
Jay Sage
Done Add Switch for TASKLIST To Suppress Footer
Replies
0
Views
308
Jay Sage
Jay Sage
Joe Caverly
Done Add new pseudo-devices TMP0: - TMP9:
Replies
1
Views
351
Joe Caverly
Joe Caverly
vefatica
Declined Add inversion to FFIND's text searches (/T and /E) ...
Replies
18
Views
1K
David Marcus
D
vefatica
Done Add /UNELEVATED to START
Replies
0
Views
656
vefatica
vefatica
Joe Caverly
Done Add ability to DEL Stream from SYMLINK
Replies
2
Views
929
vefatica
vefatica
Joe Caverly
Declined Add VHD to @drivetype
Replies
1
Views
963
rconn
rconn
R
Declined Option to add tcc to Bash profile
Replies
1
Views
927
AnrDaemon
A
R
Add Custom Message to commands
Replies
2
Views
963
Rick Reinckens
R
mfarah
Declined Implement an "Add TCC to the task bar" in the TCMD installer.
Replies
2
Views
950
rconn
rconn
C
Declined Add switch to MOVE to not make empty destination folders. (COPY's /F)
Replies
4
Views
1K
Charles G
C
M
Declined Add "ReleaseID" (aka version or build) to ver output
Replies
2
Views
1K
mwb1100
M
R
Declined In setup, add back/refresh buttons.
Replies
1
Views
1K
rconn
rconn
D
Done Suggestion: Add VIEW option to open in same position as current window
Replies
0
Views
1K
David Marcus
D
D
Done BDEBUGGER: add cmdline option to set a breakpoint at a given line
Replies
0
Views
983
djspits
D
D
Done TCEdit and BDEBUGGER: add cmdline switch to jump to given line
Replies
2
Views
1K
djspits
D
R
Done Add "Evaluate Expression" to Right-Click Context Menu in Batch Debugger
Replies
3
Views
2K
Kachupp
Kachupp
S
Declined Add support for Git auto-completion
Replies
0
Views
1K
SiggyBar
S
R
Declined wish-list: add a command to copy a file to clipboard.
Replies
17
Views
3K
Rodolfo
R
R
Declined Install option: Add File Explorer Run As Adminstrator option
Replies
14
Views
3K
Rick Reinckens
R
Dmitry L. Kobyakov
Done Add the possibility to comment the ENDIFF
Replies
11
Views
3K
Rick Reinckens
R
Charles Dye
Declined Windows functions and command: Add syntax to specify HWND directly
Replies
0
Views
1K
Charles Dye
Charles Dye
Charles Dye
Done @SNAPSHOT: Add option to capture the entire virtual screen
Replies
0
Views
1K
Charles Dye
Charles Dye
R
Done Add Libraries and Multi-line In-Memory functions to Features List on Website
Replies
1
Views
2K
Rick Reinckens
R
R
Done Add to Pause Help text re indenting the prompt
Replies
0
Views
1K
Rick Reinckens
R
C
Done Add ability for inline image files for sendmail or similar
Replies
2
Views
2K
Charles G
C
Local Body
Declined Add commands and functions
Replies
11
Views
3K
vefatica
vefatica
rps
Declined Add auto-load directives to tcmd.ini
Replies
3
Views
2K
Rick Reinckens
R
fromano
Declined Add library functions to shralias saving feature
Replies
12
Views
3K
fromano
fromano
Joe Caverly
Add a "Snippet" Menu to CMDebug and TCC Debugger
Replies
0
Views
1K
Joe Caverly
Joe Caverly
D
Done Add the ability to control syntax coloring via an environment variable or some other way
Replies
3
Views
2K
rps
rps
Joe Caverly
Declined Add example .BTM code to TCC Debugger and CMDebug
Replies
1
Views
1K
Rick Reinckens
R
Alpengreis
Done Add "Slow copy" (/WAIT) parameter to SYNC command
Replies
1
Views
2K
rconn
rconn
Charles Dye
Done MOUNTISO: Add support for VHD / VHDX files
Replies
5
Views
3K
Joe Caverly
Joe Caverly
A
Declined Take Command/Debugger as a Visual Studio 2017 add-in/extension
Replies
4
Views
3K
AnrDaemon
A
rps
Declined Add optional parameters to @search
Replies
4
Views
2K
rps
rps
rps
Done Add PDIR switches
Replies
1
Views
2K
rconn
rconn
rps
Declined ECHO -- Add spacing option
Replies
2
Views
2K
rps
rps
vefatica
Done Add log2 to @EVAL
Replies
3
Views
2K
rconn
rconn
rps
Done Add exclusion ranges to @files
Replies
0
Views
1K
rps
rps
D
Done Add VIEW option to open in same position as current window
Replies
0
Views
1K
David Marcus
D
R
Done Add a .btm LIBRARY system
Replies
12
Views
4K
Rick Reinckens
R
N
Done Add display options to new HASH function
Replies
1
Views
2K
Niwotian60
N
rconn
Add a parameter to dir command to handle zip files as folders
Replies
1
Views
2K
Charles G
C
rconn
Done add support for batch file projects
Replies
0
Views
1K
rconn
rconn
rconn
Add support for backpipes
Replies
0
Views
1K
rconn
rconn
rconn
Done Add option to run programs Elevated from toolbar buttons
Replies
0
Views
1K
rconn
rconn
rconn
Declined In the Help tab let the user add links either to files or web pages, with an icon & label.
Replies
0
Views
1K
rconn
rconn
W
Done Add colorize to tree command?
Replies
0
Views
2K
wingo395
W
Back
Top