Q: Secure Empty Trash missing on El Capitan

apparently if you hold down the Option key it empties it securely, but it doesn't work for me. Does it work for anyone? https://www.youtube.com/watch?v=0N0gKrHELk4

John Galt wrote:

 

Your concerns are addressed in my second reply to kohls. Sometimes replies are not visible until you post a reply. It's a longstanding bug with this site.

 

Why do you need bumpers on your car? just drive a tank for safety. I need an easy way of deleting sensitive material from my computer as it was implemented before.

 

Not really. Sensitive material is sensitive upon creating it, and doesn't suddenly become sensitive the moment you decide to delete it. FileVault satisfies the need to ensure data security from creation through deletion. The "easy way" you advocate is analogous to installing bumpers on your car right before an accident.

So, by analogy, you would say that someone should keep all private documents in a safe rather than a mere filing cabinet, and then shredding them when he wants to dispose of them? Makes no sense to me, and I doubt it would to Ayn Rand, either.

Not quite. I'm saying you should stop deceiving yourself into thinking that your documents are secure when they are not.

Nothing changed about Secure Empty Trash, except its elimination for the sound reasons I explained. If you like, you can always use srm to perform the equivalent task. It remains available in El Cap. It will have the same limitations it always has, preserving your illusions.

It appears Apple has changed the way the trash is emptied.

Right or control click the Trash icon then right or control click file then click:  Delete Immediately

That removes the location and overwrites the file so it can’t be recovered ever by anyone.

Carolyn Samit wrote:

 

It appears Apple has changed the way the trash is emptied.

 

Right or control click the Trash icon then right or control click file then click:  Delete Immediately

 

That removes the location and overwrites the file so it can’t be recovered ever by anyone.

I just tried and and found nothing like you describe. Control-click produces the following:

Hi kohls,

It seems as though there was an issue in this current OS release, and will possibly be addressed in a future OS update.

For security reasons (per OS X El Capitan Security Content Release Notes):

• Finder
  • Available for: Mac OS X v10.6.8 and later
  • Impact: The "Secure Empty Trash" feature may not securely delete files placed in the Trash
  • Description: An issue existed in guaranteeing secure deletion of Trash files on some systems, such as those with flash storage. This issue was addressed by removing the "Secure Empty Trash" option.

Resource:

About the security content of OS X El Capitan v10.11 - Apple Support

Keep up to date on your software, as I'm sure this will be added back just as soon as Apple can find a fix to this issue and once they can ensure that "Secure Empty Trash" is able to actually securely place deleted files in the trash.

Take care.

--------

<Edited by Host>

For me this has nothing to do with security, but everything to do with allocated space and the immediate freeing up of it in order to keep a disk as non-fragmented as possible. Hear me out... Yes, I know that OS X defragments in the background, but only up to a point. If one works with extremely large files *as in the case of video/illustration etc* AND those files are sitting on an external HDD, that is another issue vs. regular usage from an internal SSD. I don't keep ANY working files on my SSD. I have several external drives which are regularly populated and culled for the use of photo/video editing.

Taking away the secure delete option for people using HDD's was short sighted IMO. If I were able to afford large volume external SSD's, I wouldn't care. TRIM would take care of those woes. But this isn't the case with HDD's.

Doug

Doug,

I can definitely see where you are coming from and how this is inconveniencing  you, however and I posted above the security content release notes for OS X El Capitan note that the ability to securely empty trash was removed due to a security concern that came up. They don't explicitly say that this change is permanent, so we will have to see whether Apple finds a way to better secure this method and present a fix in an upcoming software release.

We'll our fingers crossed that Apple finds a way to address thing and bring back this feature that you find so helpful.

https://support.apple.com/en-us/HT205267

lol the most ignorant thing I've ever read, a file is deemed 'sensitive' whenever the a person thinks it is. The removal of this feature as well as the 'erase free space' is completely horrendous. FileVault is a piece of trash, I guess I'll go back to old school 'overwriting' to erase data... that's basically what erase free space did in a more convenient manner.

<Edited by host>

Carry out a Left click on the Trash icon, the Trash folder will open - then right click on an item and you will see the Delete Immediately choice as Carolyn has described.

Rocky_Balboa wrote:

 

Carry out a Left click on the Trash icon, the Trash folder will open - then right click on an item and you will see the Delete Immediately choice as Carolyn has described.

 

 

How is that relevant to the issue of secure deletion of files>

Sure, but Secure Empty Trash was convenient for deleting files the Finder kept telling you were in use, even when they were not.

There's no Apple solution for this. The free version of CCleaner for Mac does this and more.

https://www.piriform.com/ccleaner-mac

It's impossible to securely delete files from flash storage. The only protection there is full disk encryption. However this doesn't explain why this option is disabled for users with hard drives.

I've found that sometimes, when using iCloud Keychain to suggest a password, the password is not actually saved into the keychain. This happens occasionally when resetting a password, rather than creating one for a new service. To counteract this, I screenshot the suggested password when resetting passwords, log out after resetting the password, try to log back in, and if it still uses my old password to log in, I manually type the screenshotted password, then securely remove it.

There is no “illusion of security” there. Security is not a binary, it's a continuous spectrum. Yes, screenshotting it is less secure than not doing so, since it gives access to anyone grabbing files off my desktop (at which point they have access to my Keychain, anyway, however) or recording my screen from a nearby hardware camera (the suggested password is exposed for a short second by Safari, anyway, however), etc., but it's a compromise. That's what *all* security is. Yes, humans may not be intuitively good at knowing which security practices are important and which are illusions, but if you're going to make the claim that a particular security measure is an illusion, at least back it up. I would say the same to someone claiming it isn't an illusion. If you don't have anything to back up your claims, a question is more appropriate than a statement of fact; “are you sure that's actually secure and not just something that soothes your fears?”

Installing bumpers right before an accident would be an apt analogy for someone just securely deleting their files and erasing free space when the FBI are knocking, not what people are advocating here. I can't really think of a good analogy for the situation here, probably because analogies never map 1-to-1, anyway.