6 Replies Latest reply: Aug 17, 2010 6:23 AM by Kurt Lang
3gfisch Level 1 (0 points)
I Would like to know
How many Times "Secure emty trash" overwrites?
I have to know this for my company and we must delete our data Safe!
Can someone from Apple answer Plz a 100% correct how man Times and with wich oder (00,00,FF,00...?)

MacBook pro 09, Mac OS X (10.6.4)
  • Richard Segedi Level 4 (1,050 points)
    Here's a website in which Secure Empty Trash is discussed along with some other methods of totally deleting files.

    http://www.techtalkpoint.com/articles/how-to-secure-erase-files-from-your-hard-d rive-in-osx/

    Note the third paragraph under "Shredding" which says:

    "As of 10.3, Apple made it easy to securely erase your data, and in 10.5 they made it even more easy. Basically, once you have moved whichever items you need to securely remove to your trash, via drag-and-drop or using the Finder “Move to Trash” keyboard shortcut: Apple Key + Delete, then select “Secure Empty Trash” from the File menu in the Finder.

    In 10.5, this can be done the same way, or by using the respective button in the windw tool bar having opened the Finder window for the trash by double-clicking the Trash icon in the Dock.

    And so, once that button has been clicked, OSX will run a 35-pass overwrite of the file, essentially going well beyond the basic recommendations of any government security department. And once it is done, there will be no going back, even the most persistent Mac Digital Forensics expert or Data Rescue Professional will NOT be able to get that data back from that hard drive or memory store for you."

    I don't know how reliable this information actually is but I know from my own experience that Secure Empty trash takes quite a long time to delete a single page document, plenty of time for a 35 pass overwrite, it seems to me.

  • garrett.ifland Level 1 (0 points)
    It overwrites 7 times - 0000000
  • 3gfisch Level 1 (0 points)
    Thx for all but now i have two answers 7 times an 35 Times???
    7times is enough but Not if 0000000...
  • Richard Segedi Level 4 (1,050 points)
    I doubt whether anyone here on these forums can really answer your question with the exactness that you are looking for since this is a user forum and not necessarily monitored by anyone at Apple, itself. To get as definitive answer to your question as possible you'll need to contact Apple directly. Their customer service number in the U. S. is 1-800-676-2775. You should start with them. Hopefully they can steer you to some department at Apple which can give you the information you need. Good luck and if you do find the answer, please post back. I'm curious now myself

  • BobHarris Level 6 (17,629 points)
    Thx for all but now i have two answers 7 times an 35 Times???
    7times is enough but Not if 0000000...

    I think Secure Empty Trash is a 7-pass DOD 5220-22 M standard erase.

    Disk Utility can erase an entire disk using either a single pass of zeros, the 7-pass DOD 5220-22 M standard, or a 35-pass Gutmann algorithm.

    Google is your friend.
  • Kurt Lang Level 8 (36,635 points)
    Here's part of an article explaining the process for attempting to retrieve overwritten data from a few years back. Apologies to the author, I didn't save your name so as to give you proper credit here.

    Once the disk clusters that were occupied by a deleted file have been overwritten with new data, the file is gone forever. Or is it? In fact, the old data may still be present on the magnetic media, as a kind of wiggle in the waveforms that represent the data. Using intricate, high-tech equipment, technicians first copy the exact waveform recorded on an area of the disk, without translating the signal into bits and bytes. They then generate a perfect waveform representing the corresponding data bits, subtract the perfect waveform from the actual waveform, and amplify the differences. When successful, this process recovers the data previously stored in the specified area of the disk. Theoretically, you can even repeat the process, obtaining yet an earlier chunk of data. Physical limitations preclude more than seven repetitions of the recovery process. That doesn't mean you can recover seven layers of data, only that you can't recover more than seven. This level of recovery must be performed by experts, and is painstaking and expensive. In most cases, recreating the lost data from scratch is more cost-effective.

    So unless you have access to expensive software which can maybe, but necessarily successfully, dig lower than 7 passes of other data, your data is for all intents and purposes, gone. Seven passes is considered secure by the U.S. government for all but the most sensitive data. For that, they literally take a hatchet to the drive platters and break them apart.