If you just use the
rm command or drag a file to the
trash on a Mac OS X system, then it is possible for a technically
knowledgeable person to recover the information in that file. A
normal delete removes what is essentially a pointer to where the
file is stored on a disk drive, but doesn't overwrite the areas on
the disk where the file is stored. A normal file deletion is sort
of like removing an entry from a book's table of contents and
index; someone could read the entire book and still obtain the
information to which the entry pointed.
There is a secure way to delete the contents of a file, though, by overwriting the areas on the disk where the file is stored. If you overwrite the data on the areas with new data the old data is no longer accessible.
Note: if you only overwrite the areas occupied by the file once, it is still possible for someone to recover the contents of the file, but then it reqires not just technical knowledge, but specialized equipment. E.g. a company specializing in data recovery or a government agency with skilled forensics personnel and specialized equipment might still be able to recover the information from traces of the magnetic signals left by the old data, but for most purposes the data can be considered unrecoverable. However, if the data is overwritten multiple times, it becomes unrecoverable even with such equipment.
There is a utility that comes with the Mac OS X operating system that will
securely overwrite a file. That utility is srm, which will
overwrite a file multiple times making it unrecoverable. The utility
is run from a shell prompt, which you can obtain by using the
Finder and going to Applications, Utilities, and
then double-clicking on Terminal. The syntax for the command is
srm [OPTION]... FILE..., e.g. srm somefile.doc.
You can obtain further information on the utility by opening a terminal
window on a Mac OS X system and typing man srm.
NAME
srm - securely remove files or directories
SYNOPSIS
srm [OPTION]... FILE...
DESCRIPTION
srm removes each specified file by overwriting, renaming, and truncat-
ing it before unlinking. This prevents other people from undeleting or
recovering any information about the file from the command line.
srm, like every program that uses the getopt function to parse its
arguments, lets you use the -- option to indicate that all following
arguments are non-options. To remove a file called '-f' in the current
directory, you could type either "srm -- -f" or "srm ./-f".
OPTIONS
-d, --directory
ignored (for compatibility with rm(1))
-f, --force
ignore nonexistent files, never prompt
-i, --interactive
prompt before any removal
-r, -R, --recursive
remove the contents of directories recursively
-s, --simple
only overwrite with a single pass of random data
-m, --medium
overwrite the file with 7 US DoD compliant passes (0xF6, 0x00,
0xFF, random, 0x00, 0xFF, random)
-z, --zero
after overwriting, zero blocks used by file
-n, --nounlink
overwrite file, but do not rename or unlink it
-v, --verbose
explain what is being done
--help display this help and exit
--version
output version information and exit
NOTES
srm can not remove write protected files owned by another user, regard-
less of the permissions on the directory containing the file.
The -s option overrides the -m option, if both are present. If neither
is specified, the 35-pass Gutmann algorithm is used.
Development and discussion of srm is carried out at <http://source-
forge.net/project/?group_id=3297>, which is also accessible via
<http://srm.sourceforge.net>.References:
-
Secure File Delete on Mac OS X
Date: August 16, 2007
Exxamine's Weblog
