Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A faster way to securely delete files' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A faster way to securely delete files
Authored by: victory on Feb 05, '09 10:17:47AM
Nice tip!

To do this from the cmd-line instead, use:

diskutil secureErase freespace 1|2|3 [device]

Where:
1 = Single pass randomly erase the disk.
2 = US DoD 7 pass secure erase.
3 = Gutmann algorithm 35 pass secure erase.

Use df, mount, etc. to determine the device specifier for the volume.
** DO NOT FORGET THE 'freespace' KEYWORD! **

In the past, I've used a slightly safer (but less secure) method:

dd bs=1024 if=/dev/zero of=dummy-file; sync;rm -f dummy-file

The idea is simply to create a huge dummy file filled with zeros (you could also use /dev/random) that grows to use up all your remaining space on a volume. Once it does, dd will quit and the dummy file is deleted immediately afterwards. Note that this method isn't 100% secure because it doesn't take into account all the underlying disk caching mechanisms and it's probably not ideal for running on your root OSX volume which expects to have a certain amount of minimum free space all the time.

On another note, I believe the Finder uses /usr/bin/srm under the hood for its secure-delete option. As you mentioned, it appears from the srm manpage that a multi-pass method is used by default:

"The -s option overrides the -m option, if both are present. If neither is specified, the 35-pass Gutmann algorithm is used."

One final reminder: Once files are deleted, I don't know if Spotlight securely overwrites its underlying database files used for metadata storage. In other words, unless Spotlight was specifically disabled for a volume, it's possible that some file metadata may survive in the internal Spotlight database, even using the techniques described in these hints.

[ Reply to This | # ]