Do You Swear by "Secure Empty Trash"? Why?
Do fragments of data that have been deleted normally, rather than with Secure Empty Trash, stay with you Forever?
Say, even if you moved your Home volume to a new computer, would there still be fragments of deleted applications, folders and files that would handicap your system from the start?
How, if at all, can these fragments be reconstructed or re-located, then deleted properly? What kind of software would do this?
I am Secure Emptying my Trash at the moment but it is taking ages. I normally don't bother (1 hour or so - 30 files deleted...)
Say, even if you moved your Home volume to a new computer, would there still be fragments of deleted applications, folders and files that would handicap your system from the start?
How, if at all, can these fragments be reconstructed or re-located, then deleted properly? What kind of software would do this?
I am Secure Emptying my Trash at the moment but it is taking ages. I normally don't bother (1 hour or so - 30 files deleted...)
Comments
A) Secure Delete will provide no performance benefit, it is included for people who work for the government and paranoiacs so that they can 'shred' digital documents. (Whether this actually works in practice or not is an interesting question.)
All of your documents are simply 1 and 0s scattered across your hard drive... and the way the computer knows how to retrieve it is by a database that tracks where on the hard drive your data is. When you delete normally, it is simply the pointer to your data that gets erased. The 1s and 0s are still there, but the operating system thinks of it as free space since it doesn't know that anything is there.
So, in time, it will probably be written over with more documents. But there are utilities that can specifically look for this kind of stuff and retrieve it if you haven't overwritten it yet. And if you copy your home folder to another drive, only the data that the OS knows about would be copied... nothing that has been deleted would be transfered. Actually, when you copy your entire hard drive, it is de-fragmented at the same time since it copies one entire file at a time - so the source sends entire files intact, and the destination drive writes it continuously.
Secure delete, on the other hand, actually overwrites your data (several times?) so that way there is absolutely no remnant left on the hard drive.
oh
excuse me
prOn... sorry
Originally posted by Scott
It stalled out for me. rm -P seems to work much faster.
Hmm, I wonder, do rm -P and Panther's secure delete are the same thing?
srm is a dedicated program, with a lot more options (like specifying the number of passes, as was seen in the Panther alpha builds) plus on top of overwriting files, it renames and truncates them.
Barto
Originally posted by Barto
srm is a dedicated program, with a lot more options (like specifying the number of passes, as was seen in the Panther alpha builds) plus on top of overwriting files, it renames and truncates them.
Barto
Thanks Barto. I just installed it (via fink) and the only option I see for the number of passes is to overwrite with a single pass. Where are the other options? It is version 1.2.6.
Originally posted by Scott
srm is in the OS X install.
Could not find it under Jaguar, that's why I installed it using fink. You mean perhaps Panther?
Originally posted by Scott
srm is in the OS X install. It does have nicer features than rm -F but ... how "gone" do your files have to be?
Yeah I mean it's not that big a deal if your computer gets stolen and someone recovers your credit cards and social security details by using Norton's Undelete.
Oh wait, yes it is
Originally posted by Barto
Yeah I mean it's not that big a deal if your computer gets stolen and someone recovers your credit cards and social security details by using Norton's Undelete.
Oh wait, yes it is
I'm sorry the option is '-P'. From the man page.
-P Overwrite regular files before deleting them. Files are
overwritten three times, first with the byte pattern 0xff,
then 0x00, and then 0xff again, before they are deleted.
Where as srm has options to write random data and other stuff.
-s, --simple
only overwrite with a single pass of random data
-m, --medium
overwrite the file with 7 US DoD compliant passes (0xF6, 0x00,
0xFF, random, 0x00, 0xFF, random)
-z, --zero
after overwriting, zero blocks used by file
So I ask again. How "gone" does the data have to be?
The other issue is if any of that data gets put in the swap space on the hard drive. I believe you can get an encrypted swap with linux.
Originally posted by giant
The other issue is if any of that data gets put in the swap space on the hard drive. I believe you can get an encrypted swap with linux.
Does Panther's encryption allow us to have encrypted swap files? It is a intresting point that the swap file needs to be encrypted as well.