The Windows command cipher /w can be used to securely wipe a hard drive's free space without the use of third-party tools or GUIs:
cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.
However, I'm perplexed as to why Windows would accomplish the task in such a roundabout way. I understand that it doesn't (easily) grant users access to the raw drive like Linux does, but why do Windows' own utilities choose to write data indirectly to files and be subjected to disk I/O bottlenecks in the process instead of simply writing to the raw disk itself? Was this likely just a design oversight, or are there actual advantages to wiping a disk's free space in this way?
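
The three-pass fill described in the question, as an added Python example that is not part of the original post and is not cipher's own code. The temporary file names, the chunk size, the `limit` cap (which lets the routine be tried without filling a real volume) and the deletion of each file before the next pass are assumptions.

```python
import errno
import os
import shutil
import tempfile

CHUNK = 1 << 20  # 1 MiB per write (assumed size, not taken from cipher)

# Pass order as described in the question: zeroes, ones (0xFF), random data.
PASSES = (
    ("zeroes", lambda n: bytes(n)),
    ("ones", lambda n: b"\xff" * n),
    ("random", os.urandom),
)

def fill_pass(path, make_bytes, limit=None):
    """Grow one file until the volume is full (or `limit` bytes); return bytes written."""
    written = 0
    with open(path, "wb", buffering=0) as f:
        try:
            while limit is None or written < limit:
                n = CHUNK if limit is None else min(CHUNK, limit - written)
                written += f.write(make_bytes(n))
        except OSError as e:
            if e.errno != errno.ENOSPC:  # "disk full" is the normal end of a pass
                raise
        os.fsync(f.fileno())  # push the data out of the OS cache to the device
    return written

def wipe_free_space(root, limit=None):
    """Run the three passes inside <root>/EFSTMPWP, then remove the folder."""
    work = os.path.join(root, "EFSTMPWP")
    os.makedirs(work, exist_ok=True)
    results = []
    try:
        for name, make_bytes in PASSES:
            path = os.path.join(work, name + ".tmp")  # hypothetical file name
            results.append((name, fill_pass(path, make_bytes, limit)))
            os.remove(path)  # assumed: release the space so the next pass reuses it
    finally:
        shutil.rmtree(work, ignore_errors=True)
    return results

if __name__ == "__main__":
    # Constructed demo: a throwaway directory and a 4 MiB cap per pass.
    with tempfile.TemporaryDirectory() as demo_root:
        for name, count in wipe_free_space(demo_root, limit=4 * CHUNK):
            print(f"{name}: {count} bytes written")
```

Calling `wipe_free_space` with `limit=None` writes until the volume reports that it is full, which is the behaviour the question describes.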