Thread: How to trash the trash?
View Single Post
curiousuburb
Antimatter Man
 
Join Date: May 2004
Location: that interweb thing
 
2004-11-23, 18:01
Quote:
Originally Posted by BarracksSi
You mentioned it before I got back from work..

Yup, that's what "Secure Empty Trash" does -- writes over the data in multiple passes, scrambling it to Department of Defense standards for erased data. The regular "Empty Trash" command just deletes it out of the index, effectively putting a "1" in front of the file. That's why someone can recover files that you "deleted" just by choosing Empty Trash.

This was a noteworthy item when Panther came out. I'm surprised that it's not common knowledge by now.
OS 9 empty trash (and most Windows OS) just remove knowledge of the file from the index or FAT table and generally don't actually delete the file, just the references to it.

Part of the reason is may be possible to undelete such a file is that no overwrites of the data take place because it is possible that no other process has reclaimed the disk space. If you've had lots of disk activity since your deletion, the odds of recovering any file drop due the chance its space has been reclaimed or overwritten since.

OS X (most 'nix) always has multiple processes running, some with hefty Virtual Memory demands.
OS X (most 'nix) aggressively reclaim drivespace and 'defrags files under 20MB on the fly'.
OS X empty trash (a shell for 'nix rm -rf) has no 'undelete' option. File is toast.

The combination of the first two conditions alone dramatically increases the chance a file's data gets overwritten or reclaimed and tend to mean deleted data in 'nix is unrecoverable.

As for the 'secure empty trash' being noteworthy in Panther, a similar toolset to actively overwrite DoD3/7/9 times has existed since at least the nineties.

Incinerator, Shredder, and various other 3rd party DAs or apps shipped for just such a market.

Apple has finally rolled some more security into the default install... same as FileVault and the earlier incarnations of encrypted disk images. But if you really wanted a secure laptop before now, you could have bought the clunky Mac OS 9 version of PGP, too.

Apple may have absorbed a technology or integrated one into a more elegant solution. Doubt the overwriting software was proprietary, though in these days of the DMCA who knows.
  quote