How Deleted are your files?

How Deleted are your files?

When you delete files on a computer system it is a quick process and they are gone, most systems from Android, Apple, Windows, Samsung, Sony and others have a trash can of some sort that allows the deleted file to be stored in limbo and not fully deleted until a threshold is reached or the trash can is manually emptied by the computer operator


After deleting a file, then emptying the Recycle Bin, Windows then assigns the MFT entry as available, as the MFT entry number is a low one, Windows will reuse the space for new files. Files that are deleted and not been written over by new files can be easily recovered with the Undelete function from the power shell or command prompt.


It is the same with Apple computer systems in that after the file is deleted it ends up on the storage medium waiting for new data to overwrite it. Apple did have the Secure Trash feature but this was recently removed and not made available in El Capitan as it did not work properly all the time.

Like Windows where you can hold down the shift key and delete the file, it will bypass the Recycle bin, Apple has the ‘Delete Immediately’ function.

There is a command-line version to securely eradicate files and so make their resurrection impossible in OS X El Capitan 10.11+:.

Locate the file with OSX Finder
Hit command and space which opens Spotlight, type “terminal” then hit the Return key.
You now have to enter the command accurately making sure to include a space after the flag

srm -v (to delete a file)

srm -rv (to delete a directory)

Now drag the file or folder from the Finder into the Terminal command line, it will automatically link the file path.
Confirm the file path is correct and hit enter, once this process is started the file is overwritten 35 times surpassing US Department of Defence standards.

Gone but not forgotten

As with any computer system, the files are not truly deleted unless they are securely deleted like above, they remain on the hard disk drive hidden but still present, this is more of an issue now with SSD drives as they store data all over the drive rather than in clusters as with traditional (non-solid-state) drives. The data is not only hard to track and delete but also with secure deletion, the space should be written over at least 7 times with random data to eradicate the original binary data, the problem with modern SSD drives as opposed to traditional disk platter models is that they only have a certain number of writes then the data block fails, it is uneconomically viable and damaging to the hardware to securely delete the files.

You can still use the Disk Utility option using the 7-pass or 35-pass if you are overly paranoid and burning out hard drives is not a problem.

There are utilities for operating systems to secure delete the file, the process normally deletes and overwrites the file a certain amount of times with random data, once the process is over a random data file is left over that is no use to anyone. Some of these programmes are free, others are not but if privacy is a priority then perhaps these options should be looked into.