Secure File Delete on Mac OS X

Under Linux I always used wipe within a terminal to securely delete my files, and I was about to purchase “ShredIt X” to essentially perform the same thing under Mac OS X when I came across a comment on a software download forum mentioning srm.

srm is a Unix command-line tool to securely delete a file. It is installed by default for us Mac OS X users too, just open up a Terminal and type the following:

srm my-file.doc

Quick, right? You did type srm, not just rm, right? srm is designed to operate just like rm so it takes the same command line switches or options, but rather than just deleting the file (or the link between what is essentially an index of files and the actual location of the data on the physical disk which in reality is exactly what a normal delete does (hence it’s lightning quick)) it looks at the data on the physical disk and overwrites it.

Now, the US Department of Defence specifies certain requirements about the overwriting process to ensure the chances of recovery are limited. Basically hard disks are like magnets and file data is stored as magnetic fingerprints (yes, this is highly simplified) on those disks. Consider a fridge door with magnetic letters spelling out a message. Same difference. However, remove those letters and although the information cannot be read by the naked eye specialist data recovery firms (and law enforcement agencies) have methods and tools to retrieve the fingerprints just like they were ghosts or shadows of the original data. Very clever, very scary.

Anyway, the DoD specification reads quite simple compared with a data overwriting algorithm specified by a guy called Guttman which basically entails random data repeatedly written over the data thirty six times. The DoD I think specifies six.

There is a disadvantage to using Guttman’s method: The process is a whole lot slower than the DoD’s method and obviously orders of magnitude slower than a standard delete. Swings and roundabouts, as they say.

I prefer the more secure route. And srm uses the Guttman method by default. So that .doc file above really did go, unless you forgot the s.

Now, if you think you have already removed via Trash or rm files that you wish you’d securely deleted, there is a get out clause. You can ask Disk Utility to securely delete your free disk space. When a file is removed the normal (non-secure) way, the physical space on disk although not overwritten is now available for other files to be written to. Otherwise when you deleted a 1 gigabyte file you’re disk free space wouldn’t go up by the same amount! However, once it has been overwritten (in whole or in part) by future files like videos, emails, documents or resources used by your operating system, the physical area on the disk may or may not right now be in use. Areas not in use will be securely erased, areas in use obviously not.

Thank you Apple and open source software developers.

Advertisements

1 Response to “Secure File Delete on Mac OS X”


  1. 1 thinker4ever October 7, 2007 at 3:35 am

    Thank you for the GOOD information

    Is there a differance between srm and the gui secure erase,
    most likely not since the gui is built on the fantastic free-bsd unix os system.

    I am so happy :} for your simple but great answer to my question of secure wipe of free space on disk.

    It is scary that the goverment is starting to look into our private lives. Even God keeps eyes closed what we feel is private and does not hurt others. The internet should be a place where we can gain information of both good and evil (that which causes injury to another). It only the use of information that causes harm, not the gaining of information.

    How can downloading free information be wrong? Let the bad persons pay for the cost of internet fees, let everyone go to the bad sites and cause them to collapse.

    When the goverment starts to control what we see, then evil grows.

    Thank for helping me keep my fig leaves on my private parts.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s





%d bloggers like this: