If you just use the
rm
command or drag a file to the
trash on a Mac OS X system, then it is possible for a technically
knowledgeable person to recover the information in that file. A
normal delete removes what is essentially a pointer to where the
file is stored on a disk drive, but doesn't overwrite the areas on
the disk where the file is stored. A normal file deletion is sort
of like removing an entry from a book's table of contents and
index; someone could read the entire book and still obtain the
information to which the entry pointed.
There is a secure way to delete the contents of a file, though, by overwriting the areas on the disk where the file is stored. If you overwrite the data on the areas with new data the old data is no longer accessible.
Note: if you only overwrite the areas occupied by the file once, it is still possible for someone to recover the contents of the file, but then it reqires not just technical knowledge, but specialized equipment. E.g. a company specializing in data recovery or a government agency with skilled forensics personnel and specialized equipment might still be able to recover the information from traces of the magnetic signals left by the old data, but for most purposes the data can be considered unrecoverable. However, if the data is overwritten multiple times, it becomes unrecoverable even with such equipment.
There is a utility that comes with the Mac OS X operating system that will
securely overwrite a file. That utility is srm
, which will
overwrite a file multiple times making it unrecoverable. The utility
is run from a shell prompt, which you can obtain by using the
Finder and going to Applications, Utilities, and
then double-clicking on Terminal. The syntax for the command is
srm [OPTION]... FILE...
, e.g. srm somefile.doc
.
You can obtain further information on the utility by opening a terminal
window on a Mac OS X system and typing man srm
.
NAME srm - securely remove files or directories SYNOPSIS srm [OPTION]... FILE... DESCRIPTION srm removes each specified file by overwriting, renaming, and truncat- ing it before unlinking. This prevents other people from undeleting or recovering any information about the file from the command line. srm, like every program that uses the getopt function to parse its arguments, lets you use the -- option to indicate that all following arguments are non-options. To remove a file called '-f' in the current directory, you could type either "srm -- -f" or "srm ./-f". OPTIONS -d, --directory ignored (for compatibility with rm(1)) -f, --force ignore nonexistent files, never prompt -i, --interactive prompt before any removal -r, -R, --recursive remove the contents of directories recursively -s, --simple only overwrite with a single pass of random data -m, --medium overwrite the file with 7 US DoD compliant passes (0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random) -z, --zero after overwriting, zero blocks used by file -n, --nounlink overwrite file, but do not rename or unlink it -v, --verbose explain what is being done --help display this help and exit --version output version information and exit NOTES srm can not remove write protected files owned by another user, regard- less of the permissions on the directory containing the file. The -s option overrides the -m option, if both are present. If neither is specified, the 35-pass Gutmann algorithm is used. Development and discussion of srm is carried out at <http://source- forge.net/project/?group_id=3297>, which is also accessible via <http://srm.sourceforge.net>.
References:
-
Secure File Delete on Mac OS X
Date: August 16, 2007
Exxamine's Weblog