The Windows command
cipher /w can be used to securely wipe a hard drive’s free space without the use of third-party tools or GUIs:
cipher works by creating a folder called
EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive.
By the time a file has taken up all of the drive’s empty space, it’s effectively forced the file system to overwrite all data held in its free space with the file’s newly-written data, rendering any data previously held there permanently irrecoverable.
I understand Windows doesn’t typically grant users access to the raw drive like Linux does, but I’m confused as to why Windows’ own utilities would choose to write data indirectly to files in this way and be subjected to disk I/O bottlenecks in the process, instead of simply writing to the raw disk itself.
Is there a particular reason it wipes disks using files instead of writing to the raw disk, or was this likely just a design oversight?