Hello,
does anybody know if ccleaner is also able to safe-delete the file-slack?
Oliver
Full Version: CCleaner and Fileslack
You mean secure delete? Very good point - probably only MrG (the developer) can answer this at the moment.
If it doesn't try Restoration (http://www.webattack.com/get/restoration.html)
No, CCleaner does not do this.
[quote/start]
If it doesn't try Restoration (http://www.webattack.com/get/restoration.html)
[quote/end]
Hmm, I apologize for my bad English. I originally meant a feature within ccleaner that is actually wiping the file-slack.
As far as I know, Eraser is the only freeware-programm that can handle this. It would just be nice to have such a feature in ccleaner aswell I think, since the slack might still contain memory-dumbs of e.g. unprotected passwords, files etc.
But maybe this goes beyond the desired functions of ccleaner.
Oliver
If it doesn't try Restoration (http://www.webattack.com/get/restoration.html)
[quote/end]
Hmm, I apologize for my bad English. I originally meant a feature within ccleaner that is actually wiping the file-slack.
As far as I know, Eraser is the only freeware-programm that can handle this. It would just be nice to have such a feature in ccleaner aswell I think, since the slack might still contain memory-dumbs of e.g. unprotected passwords, files etc.
But maybe this goes beyond the desired functions of ccleaner.
Oliver
QUOTE
But maybe this goes beyond the desired functions of ccleaner.
No, I don't think so. I think it is a very valid suggestion for a future implementation. It is actually a weakness in the current implementation if it does not handle file slack. People may think they have securely erased all on their HD when in fact they have not.
Even though I personally wonder what these people have to hide, and from whom...?
CCleaner is not really supposed todo that though.
Maybe you should look into Eraser.
* http://www.heidi.ie/eraser/
CCleaner is more deleting files and registry entries.
While Eraser is for securerly deleting data.
Maybe you should look into Eraser.
* http://www.heidi.ie/eraser/
CCleaner is more deleting files and registry entries.
While Eraser is for securerly deleting data.
Hold on though, the file slack is only "sensitive" if it contains remnants of old files, so by secure wiping an actual file you are getting rid of the most likely sensitive content.
To put it another way, if CCleaner removes "myFile.tmp" (5K), there is no logical reason to assume that the slack 3K (2 clusters) will contain anything more sensitive than the combined slack of thousands of other files.
For example, my Program Files folder reports:
Size: 4.36 GB (4,682,343,422 bytes)
Size on disk: (4.47 GB (4,802,899,968 bytes)
That's over 100MB of potentially recoverable slack space - are you suggesting that CC should wipe all that each time it runs???
As mentioned above, other programs can "wipe free space" with varying success rates and varying features. Try one of those, perhaps CC will slowly shift from "tidying" to "security" if the demand is there, but in the meantime use the best tool for any one job...
To put it another way, if CCleaner removes "myFile.tmp" (5K), there is no logical reason to assume that the slack 3K (2 clusters) will contain anything more sensitive than the combined slack of thousands of other files.
For example, my Program Files folder reports:
Size: 4.36 GB (4,682,343,422 bytes)
Size on disk: (4.47 GB (4,802,899,968 bytes)
That's over 100MB of potentially recoverable slack space - are you suggesting that CC should wipe all that each time it runs???
As mentioned above, other programs can "wipe free space" with varying success rates and varying features. Try one of those, perhaps CC will slowly shift from "tidying" to "security" if the demand is there, but in the meantime use the best tool for any one job...
QUOTE(cde @ Mar 8 2006, 04:54 PM) [snapback]32254[/snapback]
... are you suggesting that CC should wipe all that each time it runs???
No, only on the files it deletes and does secure cleaning.
But anyway, I don't use secure cleaning, so it's really none of my business
QUOTE(pwillener @ Mar 8 2006, 09:47 AM) [snapback]32261[/snapback]
No, only on the files it deletes and does secure cleaning.
But anyway, I don't use secure cleaning, so it's really none of my business
but that's my point, a 5KB file may have 3KB slack, but that slack was not part of the file's data, so it typically wouldn't need cleaning.
If the file had shrunk this may be untrue, but edited files are also likely to move on the disk, again making slack cleaning unnecessary...
Just a thought. Or 2.
hello cde,
thanks for your interesting point of view, I thought about it and somehow I canīt agree with you.
your statement is assuming, as far as I undersdood it, that you have to wipe out your allocated (sensitive) files all the time to reduce a sensitive file-slack in the long run. Correct me if I got it wrong, but still it is a very good point, I never really thought about that.
but what about those of us, who want to have a "quick , sober clean"?
"sensitive" data is relative to the one who is producing it and it refers to a kind of personal privacy I think.
thx again, the two of you,
Oliver
thanks for your interesting point of view, I thought about it and somehow I canīt agree with you.
your statement is assuming, as far as I undersdood it, that you have to wipe out your allocated (sensitive) files all the time to reduce a sensitive file-slack in the long run. Correct me if I got it wrong, but still it is a very good point, I never really thought about that.
but what about those of us, who want to have a "quick , sober clean"?
"sensitive" data is relative to the one who is producing it and it refers to a kind of personal privacy I think.
thx again, the two of you,
Oliver
QUOTE(cde @ Mar 9 2006, 06:06 AM) [snapback]32302[/snapback]
but that's my point, a 5KB file may have 3KB slack, but that slack was not part of the file's data, so it typically wouldn't need cleaning.
If the file had shrunk this may be untrue, but edited files are also likely to move on the disk, again making slack cleaning unnecessary...
Just a thought. Or 2.
Yes, you are making two very good points here; three actually. But do edited files really move on the disk when saved? For instance my very large Outlook PST file never seems to move - I can see that with Diskeeper. Maybe different applications handle file replacement differently?
I do not know enough about this subject, so I'll quit arguing here
I totally agree that cde's points are valid and reasonable, but I personally cast my vote with Oliver.
For example, what if there is 3k of slack containing a soup of random data, but amongst that data, is your 9-digit social security number? Sure it is small, but that one number, if gotten ahold of by a hacker, is enough to totally trash your identity.
Even small amounts of slack, such as 2-4k, can contain plenty of extremely confidential information: tax information, names, phone numbers, bank account numbers, etc. And amongst all of the random data contained in file slack, those numbers/letters, if they are still grouped together, can stick out like a sore thumb.
I do agree with cde, however, when it comes to not wiping all of the slack on the entire hard drive. That would literally take hours! CCleaner should only wipe the slack on files that it is already removing (cookies, logs, etc.).
Now the most important question: does Visual Basic even offer this type of low-level functionality, or is this feature impossible to implement in CCleaner as is?
For example, what if there is 3k of slack containing a soup of random data, but amongst that data, is your 9-digit social security number? Sure it is small, but that one number, if gotten ahold of by a hacker, is enough to totally trash your identity.
Even small amounts of slack, such as 2-4k, can contain plenty of extremely confidential information: tax information, names, phone numbers, bank account numbers, etc. And amongst all of the random data contained in file slack, those numbers/letters, if they are still grouped together, can stick out like a sore thumb.
I do agree with cde, however, when it comes to not wiping all of the slack on the entire hard drive. That would literally take hours! CCleaner should only wipe the slack on files that it is already removing (cookies, logs, etc.).
Now the most important question: does Visual Basic even offer this type of low-level functionality, or is this feature impossible to implement in CCleaner as is?
yes, as far as I am informed, VB can handle two sets of APIīs and ACLīs for working with security descriptors. Kernel and Application-Level, though M$ doesnīt recommend to use low-level access control APIīs on NT-Systems.
well to be honest, I am not really that much into programming
I agree with you, lokoike.
Oliver
well to be honest, I am not really that much into programming
I agree with you, lokoike.
Oliver
To clarify my point - CCleaner is not intended to clean up anything except for the files it can target, so there is just as much chance of your old sensitive data being at the end of foo.tmp as it being at the end of notepad.exe - and in the latter case, CC wouldn't clean it, so why be so concerned about it on the few hundred files that get removed by CC?
Buy PGP - for about $30 (I think - personal desktop?) you can replace all "delete" actions, by your or by an app, with secure wipes. Then you can disable CC's secure wipe (no point doing it twice).
Or just get a free eraser tool, and wipe free space with that, including slack.
Reiterating - "sensitive data X" is statistically unlikely to be in the slack space within a few dozen MB that CC looks for, compared to the size of your drive.
However I would like to see CC (or Windows, or every app for that matter) address user concerns, even those I disagree with - I am beginning to wonder why, in these days of very fast disk writing, we have not seen app or OS creators start to blank out disk space up to the end of the last occupied cluster...
Buy PGP - for about $30 (I think - personal desktop?) you can replace all "delete" actions, by your or by an app, with secure wipes. Then you can disable CC's secure wipe (no point doing it twice).
Or just get a free eraser tool, and wipe free space with that, including slack.
Reiterating - "sensitive data X" is statistically unlikely to be in the slack space within a few dozen MB that CC looks for, compared to the size of your drive.
However I would like to see CC (or Windows, or every app for that matter) address user concerns, even those I disagree with
- I am beginning to wonder why, in these days of very fast disk writing, we have not seen app or OS creators start to blank out disk space up to the end of the last occupied cluster...
QUOTE(cde @ Mar 14 2006, 04:03 AM) [snapback]32737[/snapback]
...there is just as much chance of your old sensitive data being at the end of foo.tmp as it being at the end of notepad.exe - and in the latter case, CC wouldn't clean it, so why be so concerned about it on the few hundred files that get removed by CC?
CCleaner also doesn't remove every junk file and registry issue from your computer, so why should it remove anything at all, if it can't get it all?
Obviously, you are correct that CCleaner won't be able to quickly and easily remove all traces of sensitive data from your computer, but it certainly doesn't hurt to remove some of it, now does it? Since CCleaner already wipes files that it removes, why not have it go the extra mile and clean those files' slack as well, so that they are "truly" removed?
QUOTE(lokoike @ Mar 15 2006, 08:06 AM) [snapback]32822[/snapback]
CCleaner also doesn't remove every junk file and registry issue from your computer, so why should it remove anything at all, if it can't get it all?
Obviously, you are correct that CCleaner won't be able to quickly and easily remove all traces of sensitive data from your computer, but it certainly doesn't hurt to remove some of it, now does it? Since CCleaner already wipes files that it removes, why not have it go the extra mile and clean those files' slack as well, so that they are "truly" removed?
I agree that the extra few FB would be better wiped than left, and that it should in theory be simple to implement, but as ever we are constantly waiting for updates and usually get new features or UI enhancements that we didn't really see coming.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.