kohls

Q: Secure Empty Trash missing on El Capitan

Just installed El Capitan and discovered that the Secure Empty Trash feature is missing. Anyone know how to get this back?


Posted on Sep 30, 2015 2:42 PM

Close

Q: Secure Empty Trash missing on El Capitan

  • All replies
  • Helpful answers

first Previous Page 3 of 15 last Next
  • by Starry001,

    Starry001 Starry001 Oct 3, 2015 12:46 PM in response to John Galt
    Level 1 (6 points)
    Mac OS X
    Oct 3, 2015 12:46 PM in response to John Galt

    This is what I hear: "You can't secure empty trash, bla bla bla bla." With all due respect, this does not help me. That's a why the problem exists response, not a how to fix the problem response.

     

    So I appreciate the reply, but it doesn't address the problem.

     

    You say its possible under FileVault. Okay... how can we set it up so the entire OS is under FileVault thus returning the functionality.

  • by Starry001,

    Starry001 Starry001 Oct 3, 2015 12:55 PM in response to jwpastor
    Level 1 (6 points)
    Mac OS X
    Oct 3, 2015 12:55 PM in response to jwpastor

    I used it a few years ago and it messed up my system. I had to repair my disk every time I ran it. Maybe they have fixed it since then but once bitten, twice shy.

  • by gumparker,

    gumparker gumparker Oct 3, 2015 1:55 PM in response to Carolyn Samit
    Level 1 (0 points)
    Oct 3, 2015 1:55 PM in response to Carolyn Samit

    Helped me. Thanks!

  • by NBW,

    NBW NBW Oct 3, 2015 3:08 PM in response to Starry001
    Level 1 (9 points)
    Mac OS X
    Oct 3, 2015 3:08 PM in response to Starry001

    File Vault does not delete files. What he is getting at is that, after you install OS X, and before you place any files on your SSD, you should enable File Vault's full disk encryption. This is found in System Preferences -> Security & Privacy -> File Vault. This will begin the process of encrypting your entire SSD using a password.

     

    I am going to keep things very simple here as the underlying technology at work is complex. Basically, once the process of encrypting your entire SSD is complete all files on it and those you add to it will be stored encrypted. When you log into you Mac it will use your password as a key to 'unlock' your encrypted disk (again keeping this explanation simple) and you will see your files like always. You will be able to create new files, modify files and delete files as always.

     

    If someone takes your disk, or turns on your laptop and they don't know your password they will not be able to access any files on the disk as they are encrypted. So for all intents and purposes to someone without the password the disk contains a bunch of random 0s and 1s that don't make up anything useful.

     

    So using File Vault does not exactly give you secure delete functionality in the same sense as what secure delete did. However, by using it no one (without the password) will be able to access your file whether or not you delete it with regular 'non secure' delete or if you never delete it from the encrypted disk.

     

    To me this is still somewhat less secure then explicitly secure deleting the file because secure delete would not only write random bits to the file (essentially what an encrypted file looks like when it is 'locked') but it would repeat this process multiple times. This is important with 'old fashioned' hard drives (non-SSD) because when you write a file to them, even if you overwrite the file with random bits, there is still a physical residual magnetic signature which can be used to recover them. The more times you write random bits over it the harder and harder it becomes to read the original signature. Think of it like you dripped some spaghetti sauce on your white shirt. You spray it with oxyclean and wash it. The first time you take it out of the wash you can still make out some of the stain. That's the residual signature that can be used to recover your deleted file. So you spray it again and repeat the wash. The next time there's even less of a stain. You rinse and repeat until you can't see it anymore.

     

    However, the problem with that approach with SSD (flash) drives is that flash memory/drives physically store data differently than a traditional magnetic hard drive does. In addition sophisticated controller software is used to manage how and where data is written to and deleted from them to ensure performance and longevity. Again all needed due to the underlying physical characteristics of flash based storage. In short, unless you use tools from the flash drives' manufacturer for secure deletion, there is no way for an operating system to directly guarantee secure deletion. Again, I am keeping things very simple here. If you want to learn more Google is your friend (secure delete SSD).

     

    So I can understand the general principal of removing the option, however, many people still use non SSD drives like external USB, SCSI, Firewire etc. and may want to securely delete a file from it.  From that standpoint this is a loss of convenient functionality. For those folks your best bet is either a 3rd party utility if you want a GUI, or use the 'srm' command from the terminal. Neither option is quite as convenient as the original functionality was.

  • by freediverx01,

    freediverx01 freediverx01 Oct 3, 2015 3:33 PM in response to Starry001
    Level 1 (90 points)
    Mac OS X
    Oct 3, 2015 3:33 PM in response to Starry001

    Full disk encryption used to be flaky. Apple nailed it a while ago though and it's very reliable now.

  • by Starry001,

    Starry001 Starry001 Oct 3, 2015 5:27 PM in response to freediverx01
    Level 1 (6 points)
    Mac OS X
    Oct 3, 2015 5:27 PM in response to freediverx01

    I am talking about CCleaner, as the comment I replied to recommended it as doing the same thing as a secure delete. Last time I used it it messed up my system and had to do extensive repairs.

  • by grdh20,

    grdh20 grdh20 Oct 3, 2015 5:36 PM in response to kohls
    Level 1 (43 points)
    Oct 3, 2015 5:36 PM in response to kohls

    or in terminal:

     

    sudo rm -rf ~/.Trash/*

  • by NBW,

    NBW NBW Oct 3, 2015 9:05 PM in response to grdh20
    Level 1 (9 points)
    Mac OS X
    Oct 3, 2015 9:05 PM in response to grdh20

    Thats bad advice with respect to the OPs original question because that command is  functionally the same as emptying the trash can from the Finder.

  • by Joe Gramm,

    Joe Gramm Joe Gramm Oct 3, 2015 10:28 PM in response to Satchmo
    Level 5 (6,344 points)
    iPhone
    Oct 3, 2015 10:28 PM in response to Satchmo

    It works for me if you right click on a file in the trash.  Still would like to see some evidence that Delete Immediately is the same as Secure Empty.

  • by kungfuu72,

    kungfuu72 kungfuu72 Oct 4, 2015 12:37 AM in response to John Galt
    Level 1 (0 points)
    Oct 4, 2015 12:37 AM in response to John Galt

    John Galt wrote:

     

    "Sensitive files ought to be considered sensitive from creation through deletion and everything in between. A document or file does not suddenly become sensitive the moment you decide to delete it.

     

    Haha. That's a good one... Tell that to Hillary Clinton...

  • by jDavis3,

    jDavis3 jDavis3 Oct 4, 2015 5:49 AM in response to John Galt
    Level 1 (0 points)
    Oct 4, 2015 5:49 AM in response to John Galt

    I totally disagree with Apple on this. It is not their right, nor does it make any sense for Apple to decide for me what data I decide not to have on my MacBook Air,

  • by habibmk,

    habibmk habibmk Oct 4, 2015 6:49 AM in response to jDavis3
    Level 1 (0 points)
    Oct 4, 2015 6:49 AM in response to jDavis3

    It is absolutely their right. Just as it is your right not to buy the computer.

     

    It's not a matter of agree or disagree, anyway. Apple cannot offer this to SSD owners. Listen to NBW! Read the long post he made a page back. It explains everything. I think John Galt has also explaining why SSDs cannot secure empty trash and I think a few others.

     

    Now if you have a hard drive, the terminal command `srm` is functionally the same. However, unless the file you're trying to secure delete exists for a very short time or something, I suggest also encrypting it during its lifetime (then secure deleting it when you no longer need it).

  • by deepquest,

    deepquest deepquest Oct 4, 2015 6:55 AM in response to kohls
    Level 1 (40 points)
    Oct 4, 2015 6:55 AM in response to kohls

    well the secure delete is here but have to use it manually in command line. Type arm --help for details in terminal.

  • by midiman1000,

    midiman1000 midiman1000 Oct 5, 2015 3:50 PM in response to bren_nan
    Level 1 (0 points)
    Oct 5, 2015 3:50 PM in response to bren_nan

    Option or command click on the trash and right click on the files you want to delete inside the trash, click on delete immeiately.

    That does it!

    Thank you so much!

  • by Satchmo,

    Satchmo Satchmo Oct 5, 2015 8:20 PM in response to habibmk
    Level 4 (1,263 points)
    Mac OS X
    Oct 5, 2015 8:20 PM in response to habibmk

    habibmk wrote:

     

    It's not a matter of agree or disagree, anyway. Apple cannot offer this to SSD owners.

     

    Then what has been happening to trashed files on SSD drives when secure delete was selected under Yosemite?

first Previous Page 3 of 15 last Next