Secure Erase Trash

When it comes to deleting files and useless junk data from your computer, that one thing on your mind is…… “Has it been erased forever?” Answer may probably be no. Luckily Mac OSX comes with a Secure Erase Trash feature hidden in the Preferences. Finder > Preferences (⌘ ,) > Advanced, the standard for Secure Erase Trash is 7-Pass Erase which is standard for the US DoD.

By default Secure Erase Trash isn’t enabled, but turning it on will be sure delete junk data more securely by writing over it 7 times. However 7-Pass erase may not enough for you and you may be wondering if you can alter that to make it go over the data 35 times. There is a way to change the default 7-Pass erase to the 35-Pass Erase (Gutmann Algorithm). Paranoid or not, but it’s best you’re gonna get in ensuring those files can never be recovered by recovery software. However… changing the pass writes over the files will take longer naturally, without Secure Erase enabled files you sent to the trash will be easily recovered, lets just call it ghost data. Ghost data can be easily recovered by file recovery software. The normal Zero-Pass Erase will delete files in minutes, while 7-Pass and 35-Pass will take half-hour/hour maybe longer or less, depending on the size of files that are being erased.

If you want to switch the default Secure Erase of 7-Pass to the 35-Pass you’ll need Xcode 4.3 to edit the Plist file, you can download and install that from the App Store, it’s Free to download it’s about 1.68Gb

Now you’ll need to find the Plist file you’re going to edit, first open Finder or click on Go from the Menu and select Home then click on Library > Preferences then search for next Right-Click and select Open with ‣  Xcode 4.3

Next right-click anywhere on the Plist and select Add Row, then type in the first text box _FXSecureEmptyTrashLevel next you want to make sure the type is String then enter the value -1

Entering the value of -1 will change the erase to use 35-Pass Erase. If you were to change it to another value……say 9, it will only do single erase, I’m not 100% what the other values are that can be used which would probably default to 7-Pass Erase, but I’m gonna take a guess and say 1, there are other values which should only just Zero Out Data which only erases information used to access your files and writes 0’s all over them once. I only found out this info after a bit of digging around the Internet, hopefully this proves useful.

So now that you’ve entered a new Plist item, go ahead and save it and quit Xcode, you should notice that data gets erased much slower than usual because it’s doing it 35 times. If you wish to remove the Plist item, just edit the Plist in Xcode and delete the Item by clicking on the minus button next to it’s name.

For extra added security, if you’re a first time Mac user or just gotten a new Mac, be sure to turn on FileVault Encryption from Security in Preferences. This will encrypt your entire Home folders, but will Encrypt and Decrypt as you use your files automatically. Be sure to set a strong Master Password for the FileVault, if you can’t think of good strong password, then use Password Assistant to help create a strong random password. But be warned… if you forget your password you’ll lose all access to your files. Turning on FileVault will create a stronger chance that any data you send to Trash and Secure Erase will be unrecoverable to a near 100%. –– Normally… if you’re gonna sell off your Mac, you’ll use the Disk Utility to erase everything off the drive, by selecting Erase Options, you can select the 35-Pass Erase. If you do select it to erase everything off your disk it may take a few days to erase everything depending on how big the drive is and how much stuff is on there, but in the end it’s well worth it.

FYI: Done on Mac OSX 10.6.8, so it may differ on older systems. Newer systems such as Lion 10.7 will probably be similar.


Comments are closed.