logo

Home page
Articles for Windows, Linux, OS X
Mac tips and articles
Mac tips
Windows 8 tips and articles
Windows 7 tips and articles
Vista Tips
XP Tips
Linux tips and articles
Read the blog
Online store
Windows, Linux, OS X programs
Links
About

Apple Mac OS X tips and tweaks

Deleting files is not secure

Security is an important issue with computers and it seems like almost every day there is a problem with the computer or some internet service divulging personal information to all and sundry. As one security leak is plugged, another one pops up to take its place. You shouldn't worry too much about security, but whenever possible you should take measures to hide personal information and files.

Have you ever thought about the security issues when deleting files on your Mac? Any file you delete is simply moved to the Trash folder and it isn't really deleted. Anyone with access to your computer can pull a file out of the Trash and then open it or copy it. To really delete a file you need to erase its contents before it is deleted. There is one simple way to do this, but it has major drawbacks. Fortunately, there is a better way that solves the problems, but it's not for novices. Read on if you're an expert user.

Securely empty the Trash

Here is the simple way to securely delete a file so that no-one is able to recover it and access its contents: Delete the file by dragging it to the Trash in the Dock, then right click the Trash icon to display the menu. The menu says Empty Trash and if you click it, the file is deleted from the Trash folder. However, it is not really deleted and the space that it occupies on the disk is simply marked as free. Until that free space gets overwritten, which could be quite some time, someone with the right software tools can recover the file.

What you need to do is to right click the Trash icon in the Dock and then press the Command key (with the Apple logo on). The menu changes and it now says Secure Empty Trash. OS X will overwrite the contents of the file with junk before deleting it and this means that even if someone recovers it, they won't be able to see the original contents. They've been wiped.

It is therefore very easy to securely delete files. The problem is that everything in the Trash is deleted too. The whole point of the Trash is to store files you have deleted just in case you decide you actually wanted them. If you empty the Trash, you'd better make sure you will never want any of the files it contains because you'll never get them back.

Use the Terminal

Emptying the whole Trash folder just to securely delete one file seems like using a sledgehammer to crack a walnut. It's an overkill. Wouldn't it be better if we could securely delete just the file we want? We could keep the Trash just in case we need something in there and just get rid of one file.

Unfortunately, there isn't a way to do this using Finder, but there is a way to do this from the Terminal. Underneath the pretty user interface, OS X is similar to Unix and Linux, and you can access many advanced functions from the Terminal. It's a command line interface that is not very friendly at all, but sometimes you just have to use it, as in this case.

The command we're interested in is rm, which is short for remove. In its simplest form, you would type rm file where file is the name of the file you want to delete.

There are a number of command line switches that enable additional functions and if you use -P like this rm -P file then the file is overwritten three times with different values before the file is deleted. Unlike deleting files in Finder, they are not moved the to Trash folder. There are some more useful switches and -R will delete folders as well as files, including any subfolders and the files they contain. There's one more command line switch that is useful, and that's -f. This removes files regardless of their permissions. Sometimes you find that you can't delete a file in Finder because the permissions won't let you and this gets round the problem.

The whole command is therefore rm -fPR file. There's just one more thing. If you go to the Applications, Utilities folder and run Terminal, it opens in standard user mode, even though you may be logged on with an administrator account. When you use the rm command you should run it as an administrator like this: sudo rm -fPR file. The sudo prompts you to enter your administrator password before executing the command.

Step-by-step

Suppose that you have a file in your Documents folder called report.rtf and you want to securely delete it. Here's what you would do. Go to the Applications, Utilities folder and run Terminal. It always starts in your home folder, so you would type:

cd Documents
sudo rm -fPR report.rtf
exit

You can now quit Terminal

Clear files stuck in the Trash

Sometimes you empty the Trash and when you check to see if they are all gone, one or two files remain. No matter how many times you try to empty the Trash, you just can't get rid of them. Try this: Go to the Applications, Utilities folder and run Terminal, then type...

cd .Trash
sudo rm -fPR *
exit

Warning!

Remember that the rm command deletes files without prompts, without moving them to the Trash and with no chance of recovering them. This means that you need to take extra care when using it. Rememeber, whole folders and all the subfolders and all the files will be removed if you give it the name of a folder to remove. Using the wildcard * is very dangerous because it means everything. In the previous example we changed to the Trash folder first. If we hadn't, it would have wiped out everything in the home folder - documents, photos, videos, everything! The rm command is for experts only!



copyright