New Delete Command for Eraser v6.2.0.2962 and Sandboxie
Posted: Sun Mar 01, 2015 6:17 pm
New Delete Command for Eraser v6.2.0.2962 and Sandboxie
Tested with Sandboxie v4.16 and v4.17 on 64-bit Win 8.1
Edit Also works with Eraser v6.2.0.2963 and 6.2.0.2967, but does NOT work for me with 6.2.0.2969. On 6.2.0.2969 it leaves behind the renamed sandbox folder "__Delete_xxxxx_xxxxxxxx" /Edit
Copy all of the text from this post to your Clipboard, and then Paste it into a Notepad document, so that you will have it available when you are off-line.
Edit: I should mention that the command lines assume that the "Eraser.exe" program file is located at "C:\Program Files\Eraser\Eraser.exe". If that's not correct for your computer, then the path inside of the following command lines must be corrected. /Edit
Choose from these two eraser methods...
Command line for 3 Pass deletion - DOD /E method (This is the usual method used by Sandboxie):
Command line for 1 Pass deletion with PseudoRandom Data (A quicker method that I use, and all that's really needed):
Decide which of the above erase methods you will use (1 Pass or 3 Pass), and have the Notepad document open so you can Copy to the Clipboard.
For each sandbox where you use Eraser v6.2 for secure deletion:
(Right-click the sandbox name) > Sandbox Settings > Delete > Delete Command
In the "Delete Command" box, use the arrow keys or your mouse to select everything in the box, and then delete it by pressing the <Delete> key on your keyboard.
Text in that box extends beyond what you can see, so make sure that it has all been deleted.
Paste the new command line of your choice from above into the Delete Command box, and Click OK to close the Sandbox Settings window.
Repeat for the next sandbox.
NOTES:
If you have multiple sandboxes that use Eraser v6.2, you could use:
Sandboxie Control window > Configure > Edit Configuration
Scroll down to each "DeleteCommand=..." line and replace the line with the new DeleteCommand=..." line of your choice:
Either the 3 Pass method that's usually used by Sandboxie:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=ecbf4998-0b4f-445c-9a06-23627659e419 dir="%SANDBOX%"
Or the 1 Pass method:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"
Edit Here's an example using methodName:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /methodName=Pseudorandom data dir="%SANDBOX%"
/Edit
------
Justification for only using 1 Pass deletion -
At the bottom of Peter Gutmann's paper on Secure Deletion Methods:
https://www.cs.auckland.ac.nz/~pgut001/ ... l#Epilogue
Why Eraser still sets 35-Pass Gutmann method as the default setting when installing Eraser is a mystery to me.
------
Eraser Help usage screen follows:
End of post
Tested with Sandboxie v4.16 and v4.17 on 64-bit Win 8.1
Edit Also works with Eraser v6.2.0.2963 and 6.2.0.2967, but does NOT work for me with 6.2.0.2969. On 6.2.0.2969 it leaves behind the renamed sandbox folder "__Delete_xxxxx_xxxxxxxx" /Edit
Copy all of the text from this post to your Clipboard, and then Paste it into a Notepad document, so that you will have it available when you are off-line.
Edit: I should mention that the command lines assume that the "Eraser.exe" program file is located at "C:\Program Files\Eraser\Eraser.exe". If that's not correct for your computer, then the path inside of the following command lines must be corrected. /Edit
Choose from these two eraser methods...
Command line for 3 Pass deletion - DOD /E method (This is the usual method used by Sandboxie):
Code: Select all
"C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=ecbf4998-0b4f-445c-9a06-23627659e419 dir="%SANDBOX%"
Code: Select all
"C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"
For each sandbox where you use Eraser v6.2 for secure deletion:
(Right-click the sandbox name) > Sandbox Settings > Delete > Delete Command
In the "Delete Command" box, use the arrow keys or your mouse to select everything in the box, and then delete it by pressing the <Delete> key on your keyboard.
Text in that box extends beyond what you can see, so make sure that it has all been deleted.
Paste the new command line of your choice from above into the Delete Command box, and Click OK to close the Sandbox Settings window.
Repeat for the next sandbox.
NOTES:
If you have multiple sandboxes that use Eraser v6.2, you could use:
Sandboxie Control window > Configure > Edit Configuration
Scroll down to each "DeleteCommand=..." line and replace the line with the new DeleteCommand=..." line of your choice:
Either the 3 Pass method that's usually used by Sandboxie:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=ecbf4998-0b4f-445c-9a06-23627659e419 dir="%SANDBOX%"
Or the 1 Pass method:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /method=bf8ba267-231a-4085-9bf9-204de65a6641 dir="%SANDBOX%"
Edit Here's an example using methodName:
DeleteCommand="C:\Program Files\Eraser\Eraser.exe" erase /quiet /methodName=Pseudorandom data dir="%SANDBOX%"
/Edit
------
Justification for only using 1 Pass deletion -
At the bottom of Peter Gutmann's paper on Secure Deletion Methods:
https://www.cs.auckland.ac.nz/~pgut001/ ... l#Epilogue
Why Eraser still sets 35-Pass Gutmann method as the default setting when installing Eraser is a mystery to me.
------
Eraser Help usage screen follows:
Code: Select all
Eraser 6.2.0.2962
(c) 2008-2015 The Eraser Project
Eraser is Open-Source Software: see http://eraser.heidi.ie/ for details.
usage: Eraser <action> <arguments>
where action is
help Show this help message.
erase Erases items specified on the command line. This is equivalent to addtask, with the schedule set to "now".
addtask Adds a task to the current task list.
importtasklist Imports an Eraser Task list to the current user's Task List.
global parameters:
/quiet Do not create a Console window to display progress.
parameters for help:
eraser help No parameters to set.
parameters for erase and addtask:
eraser erase [/method=(<methodGUID>|<methodName>)] <target> [target [...]]
eraser addtask [/method=(<methodGUID>|<methodName>)] [/schedule=(now|manually|restart)] <target> [target [...]]
/method The Erasure method to use.
methodGUID and methodName can be any GUID/Name from the following list:
Erasure Method GUID
---------------------------------------------------------------------------
U Gutmann 1407fc4e-feff-4375-b4fb-d7efbb7e9922
U US DoD 5220.22-M (8-306./E, C & E) d1583631-702e-4dbf-a0e9-c35dba481702
U RCMP TSSIT OPS-II f335cc40-5de5-4733-90b1-6957b4a45688
U Schneier 7 pass b1bfab4a-31d3-43a5-914c-e9892c78afd8
U German VSITR 607632b2-651b-4935-883a-bdaa74febb54
U US DoD 5220.22-M (8-306./E) ecbf4998-0b4f-445c-9a06-23627659e419
U British HMG IS5 (Enhanced) 45671da4-9401-46e4-9c0d-89b94e89c8b5
U US Air Force 5020 7bf5b185-8ea5-4e12-83f1-f6c2efb3d2c2
U US Army AR380-19 0fe620ea-8055-4861-b5bb-bd8bdc3fd4ac
U Russian GOST P50739-95 92681583-f484-415f-a66c-cc210222edc5
U British HMG IS5 (Baseline) 9acdbd78-0406-4116-87e5-263e5e3b2e0d
U Pseudorandom Data bf8ba267-231a-4085-9bf9-204de65a6641
First/last 16KB Erasure 0c2e07bf-0207-49a3-ade8-46f9e1499c01
Only erasure methods labelled "U" can be used to erase unused disk space.
/schedule The schedule the task will follow. The value must be one of:
now The task will be queued for immediate execution.
manually The task will be created but not queued for execution.
restart The task will be queued for execution when the computer is next restarted.
This parameter is only valid for use with "addtask".
target is one or more of:
file Erases the specified file
argument: file=<path>
dir Erases files and folders in the directory
arguments: dir=<directory>[,-excludeMask][,+includeMask][,deleteIfEmpty[=true|false]]
excludeMask A wildcard expression for files and folders to exclude.
includeMask A wildcard expression for files and folders to include.
The include mask is applied before the exclude mask.
deleteIfEmpty Deletes the folder at the end of the erasure if it is
empty. If this parameter is not specified, it defaults to true.
recyclebin Erases files and folders in the recycle bin
unused Erases unused space in the volume.
arguments: unused=<drive>[,clusterTips[=(true|false)]]
clusterTips If specified, the drive's files will have their cluster tips erased.
This parameter accepts a Boolean value (true/false) as an argument;
if none is specified true is assumed.
move Securely moves a file/directory to a new location
arguments: move=<source>|<destination>
drive Erases partitions, volumes or drives
arguments:
drive=\Device\Harddisk<index>
drive=\\.\PhysicalDrive<index>
drive=\\?\Volume<guid>
parameters for importtasklist:
eraser importtasklist <file>[...]
file A list of one or more files to import.
All arguments are case sensitive.
Response files can be used for very long command lines (generally, anything
involving more than 32,000 characters.) Response files are used by prepending
"@" to the path to the file, and passing it into the command line. The
contents of the response files' will be substituted at the same position into
the command line.