what else to erase

On non system drives, only any hidden/system files that Windows puts there; ideally, get rid of these before you do the wipe.

The system drive (and any system folders you move to other drives) are another matter. These things come in two categories. There's the stuff you need to delete before you do the wipe: Internet clutter, system restore points, backup files, temporary files, application cache data, recently accessed file lists and logs, and any odd copies of sensitive data you made 'just to be sure'. Then there's those files that Windows will not let you (or Eraser) touch, notably the Registry and the paging file. You can set Windows to erase the paging file on exit (which slows the shutdown), but the best you can do with the Registry is use a cleaner/defragmenter program on it to remove references to non-existent files.

Believe it or not, this list is probably not exhaustive; bits of data seem to get squirrelled away all over the system drive. Did someone tell you that Windows is a secure OS? Bottom line: you can make your sensitive data a lot less accessible, but there is no such thing as 100% security.

Hope this explains things.

David
 
Some advocate whole-disk encryption of the OS partition, but my (personal opinion) is that the method only serves to add an additional layer of obscurity for the "occasional" adversary, determined adversaries will find other ways to obtain the disk information (waiting for a break in AES, code-hijacking the physical computer etc, other exploits have been conjured -- while not all are proven feasible as yet, things will change with more research and such)
 
Back
Top