Eraser – Tool to Wipe Sensitive Data

During the incident response and analyzing artifact in memory the responder will copy the data to external hard drive and this may include sensitive information that will be processed during the work. before starting to use external hard drive it will be important to erase and remove all data stored and for this you can use Eraser. 

Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Eraser is currently supported under Windows XP (with Service Pack 3), Windows Server 2003 (with Service Pack 2), Windows Vista, Windows Server 2008, Windows 7, 8, 10 and Windows Server 2012.

Eraser – Tool to Wipe Sensitive Data

Currently the tool support the following method to wipe data:

  • Pseudorandom data – The fastest wiping scheme. Your data is overwritten with random data2CSPRNG (if you use a the data is indistinguishable from random noise.)
  • British HMG IS5 (Baseline) (1 pass) – Your data is overwritten with zeroes.
  • Russian GOST P50739-95 – GOST P50739-95 wiping scheme calls for a single pass of zeroes followed by a single pass of random data
  • British HMG IS5 (Enhanced) – British HMG IS5 (Enhanced) is a three pass overwriting algorithm: first pass – with zeroes, second pass – with ones and the last pass with random data.
  • US Army AR380-19 – AR380-19 is data wiping scheme specified and published by the U.S. Army. AR380-19 is three pass overwriting algorithm: first pass – with random data, second with a random byte and the third pass with the complement of the 2nd pass
  • US Department of Defense DoD 5220.22-M (E) – DoD 5220.22-M (E) is a three pass overwriting algorithm: first pass – with zeroes, second pass – with ones and the last pass – with random data
  • US Air Force 5020 – US Air Force 5020 is a three pass overwriting algorithm with the first pass being that of a random byte, followed by two passes of complement data (shifted 8 and 16 bits right respectively)
  • US Department of Defense DoD 5220.22-M(ECE) – DoD 5220.22-M(ECE) is seven pass overwriting algorithm: first, fourth and fifth pass with a random byte, its 8 right-bit shift complement and 16 right-bit shift complement; second and sixth passes with zeroes, and third and seventh pass with random data
  • Canadian RCMP TSSIT OPS-II – RCMP TSSIT OPS-II is a seven pass overwriting algorithm with three alternating patterns of zeroes and ones and the last pass – with a random byte
  • German VSITR – The German standard calls for data to be overwritten with three alternating patterns of zeroes and ones and in the last pass with random data
  • Schneier’s Algorithm – The Bruce Schneier algorithm has seven passes: first pass – with ones, the second pass – with zeroes and then five times with random data

Even with a new harddrive it will come with some application to backup data so it will be recommended that you run this tool to wipe data before each usage.

You can read more and download this tool over here:  https://eraser.heidi.ie/download/

Share