The difference between secure empty and just empty trash?

Joined
Dec 28, 2006
Messages
173
Reaction score
0
Points
16
Location
Scotland, UK
Your Mac's Specs
MacBook Pro 15", 2.16 ghz, 1GB ram, 120GB; iPod Classic 80GB; iPod shuffle (2nd gen); iPhone 16gb
Just wondering what the difference is between the options to 'empty trash' and 'secure empty trash'. I notice that when you select 'secure empty trash' a dialogue box says that emptying the trash this way means no files can be recovered. Does that mean that emptying the trash the regular way allows for recovery of files later? How would I go about recovering an accidentally deleted file?
 
Joined
Mar 20, 2007
Messages
46
Reaction score
1
Points
8
When you delete files from your hard drive the standard way (ie Empty Trash in OS X and Empty Recycle Bin in Windows) the area on the hard disk where those files are stored is marked as deleted, but the files themselves are not actually removed. This is because it's a lot quicker to tell the OS that that space on the hard drive can be written over in the future without actually removing the information. Only when all your hard drive free space is used, and the hard drive comes to that area of the disk will the files be overwritten with new information.

This means therefore that that information, as it technically still exists, can be recovered. There's fairly simple software out there that will let you recover data marked is being deleted without it actually having been removed. If you had sensitive files on your hard drive for example, you could delete them the standard way and go on to sell the drive/computer at some point, and those files could technically be recovered.

"Secure Empty Trash" in Mac OS X performs an overwrite of the disk area where those files are stored, with 0's, 1's and random information several times. The upshot is that the files are definitely removed (or overwritten) on the hard drive, but it takes a lot longer.
 
OP
stevo-m
Joined
Dec 28, 2006
Messages
173
Reaction score
0
Points
16
Location
Scotland, UK
Your Mac's Specs
MacBook Pro 15", 2.16 ghz, 1GB ram, 120GB; iPod Classic 80GB; iPod shuffle (2nd gen); iPhone 16gb
When you delete files from your hard drive the standard way (ie Empty Trash in OS X and Empty Recycle Bin in Windows) the area on the hard disk where those files are stored is marked as deleted, but the files themselves are not actually removed. This is because it's a lot quicker to tell the OS that that space on the hard drive can be written over in the future without actually removing the information. Only when all your hard drive free space is used, and the hard drive comes to that area of the disk will the files be overwritten with new information.

This means therefore that that information, as it technically still exists, can be recovered. There's fairly simple software out there that will let you recover data marked is being deleted without it actually having been removed. If you had sensitive files on your hard drive for example, you could delete them the standard way and go on to sell the drive/computer at some point, and those files could technically be recovered.

"Secure Empty Trash" in Mac OS X performs an overwrite of the disk area where those files are stored, with 0's, 1's and random information several times. The upshot is that the files are definitely removed (or overwritten) on the hard drive, but it takes a lot longer.

Thank you for that explanation.
 
Joined
Apr 28, 2006
Messages
2,542
Reaction score
79
Points
48
Your Mac's Specs
iMac Core Duo 20", iBook G4, iPhone 8GB :)
If you are real worried about security, you could go to the disk utility and use the "Erase Free space" option. Writing 1s and 0s 35 times should do the trick I think!
 
Joined
Aug 11, 2006
Messages
172
Reaction score
1
Points
18
Location
California
What exactly does the option "erase free space" do for the computer? Does it get rid of only trashed items or what? Sorry.... I never even knew that option existed til now.
 
Joined
Oct 10, 2004
Messages
10,345
Reaction score
597
Points
113
Location
Margaritaville
Your Mac's Specs
3.4 Ghz i7 MacBook Pro (2015), iPad Pro (2014), iPhone Xs Max. Apple TV 4K
"Secure Empty Trash" in Mac OS X performs an overwrite of the disk area where those files are stored, with 0's, 1's and random information several times. The upshot is that the files are definitely removed (or overwritten) on the hard drive, but it takes a lot longer.


Just to expand on this, it overwrites the files 8 times with 1 & 0. This particular number comes from an older US Department of Defense security specification, that has since changed (it now requires 32 times btw). The point behind this is that the data would be irretrievable by any means.
 
Joined
Mar 20, 2007
Messages
46
Reaction score
1
Points
8
What exactly does the option "erase free space" do for the computer? Does it get rid of only trashed items or what? Sorry.... I never even knew that option existed til now.
It basically goes to all the space on your hard drive marked as free space (everything that doesn't have a visible file stored on it) and performs the routine mentioned above. Therefore, if you delete files without secure deleting them (as mentioned above) and you want to make sure that they're definitely gone, you can use the "Erase Free Space" option and run the deletion routine over all the space on the hard drive marked as free space. This does take quite a while however.
 
Joined
Aug 15, 2007
Messages
306
Reaction score
8
Points
18
Location
Denver, CO
Your Mac's Specs
Mac Pro, 8GB o' RAM, 4.5 TB o' disc space, OS Ecks 10.6.7, etc
How could the data be retrieved if all empty space was written over with random 1's ans 0's once versus 32 times? Are the files still magically there if it were only overwritten a sparse 31 times? Or is this number just for emotional security?
 
Joined
Mar 20, 2007
Messages
46
Reaction score
1
Points
8
How could the data be retrieved if all empty space was written over with random 1's ans 0's once versus 32 times? Are the files still magically there if it were only overwritten a sparse 31 times? Or is this number just for emotional security?
It's to do with the way in which data storage works and the randomisation of the generated binary pattern works. Basically, because it's random 1's and 0's, the random pattern generated by the computer used to overwrite your data could, in theory, match the pattern already stored on the hard drive. For example, if the binary for a particular part of a file is thus:

0111000111000

The random 1's and 0's generated to replace it could be that same pattern, meaning the data wasn't overwritten at all and exists on the drive exactly the same. Therefore, this process is run several times. The more times you do it, the less likely it is that the random pattern generated will match, and is therefore more secure. So it basically comes down to a trade off between the processing power of the computer (as in, how quick it can perform each write) compared with the amount of time it takes and the user has. It's been upgraded from 8 to 32 because computers have become so much more powerful that it can handle it in about the same timeframe, and because 32 is much more secure than 8.
 
Joined
Aug 15, 2007
Messages
306
Reaction score
8
Points
18
Location
Denver, CO
Your Mac's Specs
Mac Pro, 8GB o' RAM, 4.5 TB o' disc space, OS Ecks 10.6.7, etc
What if the final overwrite, the 32nd time, has a 1 and 0 pattern that matched what my files were? It could happen, so multiple overwrites are no more secure. What I'd like is a random 1 and 0 pattern that is exactly what OS 10.7 will be. I could have it years early!

Instead of a random pattern which is obviously a security risk no matter how many times you do it, why not just overwrite the space with all 0's? Or a specific pattern of 1's and 0's that is the same each time and means nothing? That way it would only need to overwrite once, ever, and there is no way possible that it could match any data ever created. I think I will charge Apple lots of money for this idea.
 
Joined
Oct 10, 2004
Messages
10,345
Reaction score
597
Points
113
Location
Margaritaville
Your Mac's Specs
3.4 Ghz i7 MacBook Pro (2015), iPad Pro (2014), iPhone Xs Max. Apple TV 4K
The amount of computing power needed to match all 32 random patterns is hard to come by. We're not talking about something that a bunch of kids sitting around on their PC are doing, we're talking about the 1000 pound heads sitting around their computers trying to break it and then redesign it. Right now the only 2 likely entities in the world with the resources, and time, to do this sort of thing on their own are the US and Chinese governments.

It really has no application for the average user (unless there are things on your drive that you don't want to get put in jail for), even in the corporate world. It's actually easier to just use a great big magnet and zapp the drive that way, or physically destroy the platters if security is of that type of concern.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top