Securely erase empty disk space on a Win 3.1 / DOS 6.22 system with builtin tools

I have a retro laptop from 1994, an IBM Thinkpad 340, which I want to give away, but first want to securely erase its deleted files.

The system contains both a GUI and CLI undelete application, which lists previously deleted files and their respective chances for recovery according to how many clusters are intact.

I am looking for a solution like the cipher or sdelete on newer Windows systems to overwrite the empty disk portions with multiple zero/random write passes with tools built into stock Windows 3.1 with DOS 6.22.

I want to avoid having to install anything extra or booting a maintenance OS from floppy disk, as I have no easy data interface to that retro device at hand: No networking on the retro laptop, no floppy disks on any of my current devices, and I want to avoid buying a USB floppy drive.

If I get no software solution or no USB floppy drive, I’d have to resort to a hardware solution: Disassemble the retro laptop. Get the hard disk drive out. Connect the hard disk drive via my USB-ATA/IDE bridge (adapter/converter) to a host computer with the tools of my choice. But I'd like to avoid such an invasive operation with that luckily still functional retro laptop.

Google yields no useful software utility infos on those legacy pre-WWW systems. I'd appreciate a hint from anyone with experiences in that old systems/devices!

This is how I solved my issue in practice

1) Overwrite with random data: I used File Manager to duplicate c:\windows\system content into dummy directory c:\aa several times plus some remainder data until File Manager showed 0KB free for c:\. Then repeated delete-duplicate-cycles to achieve about 7 complete overwrites in total. Finally deleted the bogus directory. — Compliments to @KodyBrown

2) Overwrite with zeros: Bought a USB floppy (6€, 2nd hand) for my contemporary laptop and created a bootable floppy disk with KillDisk for DOS v4.1 (final version from 2008, no further development). Booted into KillDisk and wiped the unused disk space with zeros. This way any possible future data recovery attempts have a better chance finding valid instead of bogus data. For confirmation I watched the raw disk data and the empty portions indeed were properly filled with null data (0x00).

Nevertheless I am still curious in the original theoretical issue

For geek pride and other interested users without a floppy drive. I still would appreciate a working DOS 6.22 shell script which can properly fill the disk remainder with several random data passes and a final null data pass. Am offering to test it and give feedback. In the use case one has no data interface to the retro device (no network, no floppy) and thus has to manually type it in. Reminding of the microcomputer days in the 1980ies with source code in computer magazines. Charming! ;-)

porg

Posted 2016-12-26T21:57:36.353

Reputation: 279

Please edit your question: You don’t even have floppy disk connectivity? Might be helpful to add the exact model of laptop you are dealing with. – JakeGould – 2016-12-26T22:04:30.057

The IBM Thinkpad 340's floppy drive works fine but as stated I've got "no floppy disks on any of my current devices". But I will get my hands on a computer with a floppy drive or a USB floppy drive and then install a bootable floppy drive maintainance OS such as KillDisk for DOS which as the advertised feature to "Wipe out all unused space on disks, not touching existing data".

– porg – 2016-12-31T18:52:45.097

USB floppy drives (external floppy drives that connect to a system via a USB port) are commonly available nowadays. They cost around $10 to $20. If you know of a PC repair shop near you they might have one in stock. – JakeGould – 2016-12-31T19:41:40.990

Are there any scripting language interpreters / compilers on the machine? Any language should be able to generate several gigabytes' worth of zeroes in files, but .bat is not one of those I can speak with. – John Dvorak – 2016-12-31T21:08:59.260

In Bash, a simple yes>o might do. – John Dvorak – 2016-12-31T21:13:17.673

@JanDvorak Slight tangent based on Bash: Why use yes when something like cat /dev/zero > junkfile.txt would work?

– JakeGould – 2016-12-31T22:31:51.197

... or that. But since you're using a process anyways, why use cat instead of yes? – John Dvorak – 2016-12-31T22:32:37.857

@JanDvorak Do you know what cat /dev/zero is? It’s not just cat. Anyway, do what you wish. But I have never heard of anyone wiping space using the yes command. – JakeGould – 2016-12-31T23:40:33.767

A batch file could do this pretty easily. I'll write one tonight if I have a free moment. – Kody Brown – 2017-01-01T01:54:18.890

@KodyBrown Wow, very much appreciated! Would be so cool to have a native solution. Hope you find a solution which indeed works on a DOS 6.22 system. – porg – 2017-01-01T09:35:45.277

@KodyBrown To close this issue: Did you try a DOS 6.x batch script and fail to produce a working solution? Or just found no time yet? Really would appreciate for theoretical curiosity, although the issue is practically solved for me. – porg – 2017-01-11T14:38:47.377

Answers

A simple way to accomplish this, is to copy the Windows directory over and over, just making additional copies of it, until you run out of space. Delete the copies you just created. Then do it again as many times as you feel necessary (passes).

This is effectively overwriting all free space on the disk.

UPDATED:

Here is a batch file to automate the process. I tested it on an old version of FreeDOS running in a VMware guest. I think it should work on DOS 5 and newer.

Put this file at the root of your C: drive (ie: C:\CLEAN.BAT) and run it from there.

Each time it is run, it will "overwrite" once. Then you must delete all the files in the C:\TMP directory to free up the space (C:\TMP>DEL *.*). (I didn't want the batch file to delete any files on its own, just in case.)

You can run it as many times as you feel is necessary. Each time you run it is a single overwrite, so you might want to run it a couple or three times to be safe.

CLEAN.BAT

@ECHO OFF

IF "%1"=="" GOTO :INIT

:PARSE
  SET ARG1=%1
  SET ARG2=%2
  SET ARG3=%3
  SET ARG4=%4

  IF NOT "%4"=="" GOTO :LAST
  IF NOT "%3"=="" GOTO :LOOP4
  IF NOT "%2"=="" GOTO :LOOP3
  IF NOT "%1"=="" GOTO :LOOP2

:INIT
  C:
  CD\
  IF NOT EXIST "C:\TMP\" MKDIR C:\TMP >NUL
  CHDIR C:\TMP

  COPY C:\WINDOWS\SETUP.EXE SETUP.EXE >NUL
  COPY SETUP.EXE+SETUP.EXE FILE.0 >NUL

:LOOP1
  FOR %%E IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %%E
  GOTO :END

:LOOP2
  FOR %%F IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %%F
  GOTO :END

:LOOP3
  FOR %%G IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %ARG2% %%G
  GOTO :END

:LOOP4
  FOR %%H IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %ARG2% %ARG3% %%H
  GOTO :END

:LAST
  COPY FILE.0 F%ARG1%%ARG2%%ARG3%%ARG4%.0
  IF NOT "%ERRORLEVEL%"=="0" EXIT
  GOTO :END

:END

The SETUP.EXE file in my Windows 3.1 directory is just under 500KB. To speed the process up a bit, I copy it (twice) to a new file and use it, so the process will effectively wipe all but about 950KB of the drive. You can pick a smaller file to get more granular, but you may run into issues with having too many files in a single directory.

Also, FreeDOS doesn't change the errorlevel when a copy operation fails. MSDOS has always been good about the errorlevel responses, so you shouldn't run in to that. If it does start saying it failed to copy the temporary file because of disk space, you can safely stop (Ctrl+C) the process.

Kody Brown

Posted 2016-12-26T21:57:36.353

Reputation: 249

Additionally, or instead of using the Windows directory, you could copy a single large file repeatedly. You could also spend a few minutes creating a super large file to copy fewer times by using copy large.fil+large.fil+large.fil new.fil. That will concatenate multiple files (or the same file, multiple times to itself) into a single file. Then execute that same command multiple times using new.fil and it will grow exponentially. I know copy concatenation works in DOS, however I'm not sure about copying to itself. – Kody Brown – 2017-01-01T01:49:16.123

That's a good approach with builtin tools only! This never occurred to me as it seems so rough and brute, but in effect it does what it should.

PROS:

Works out of the box.
Everyone can easily do it.

CONS:

Takes some time as you need to lookup file/dir size and estimate how often you need to copy what.
Unlikely to wipe the very last unused byte, as the OS or some else likely keeps some reserve storage.

2017-01-01T10:02:25.640

amusingly, that is exactly what many secure deletion applications do, just with the defragmentation API. – Journeyman Geek – 2017-01-01T10:05:35.200

Another CON: - As Win 3.1 was a single user OS with only rudimentary file/dir permissions sensitive user data probably resides in the windows system directory by design or negligent user behavior. Choose an insensitive dir/file for data duplication! – porg – 2017-01-01T10:10:04.993

-2

Exit Windows into DOS to have as few side effects as possible (virtual memory, file locks, etc). Then run SCANDISK and say yes to all repairs and optimizations and after that run DEFRAG. This shuffles your data a bit, at least.

Done it myself and after that the internal undelete command found nothing anymore.

Professional data forensic software will still find stuff, but your potentially nosy gifted friend or second hand buyer can find nothing with the internal undelete tools at least.

porg

Posted 2016-12-26T21:57:36.353

Reputation: 279