Anything you delete or simply move to the Trash and empty normally, without using secure empty, is theoretically recoverable. What you are doing when you trash or delete an item is you are removing its known path from the system, but the underlying file is still there potentially recoverable... until it is actually overwritten by new data. You could use erase free space, but I am hesitant to do that myself since there have been glitches and problems associated with that. One is that it may create a huge temporary file which consumes all the free disk space and hangs things up pretty badly.
My best answer, though there may be better ones: AFAIK, the browser history and cache of any browser contain only URLs. The purpose of history is to enable you to locate a previously visited site. The purpose of the cache is to speed loading of previously visited sites. It was probably much more useful when many people had very slow dial-up connections. Now I don't think it much matters. Anyway, I don't think there's any sensitive data recorded in the history or the cache, except if you wouldn't want someone to know which sites you had visited. Many browsers allow "private browsing" to defeat this.
What might potentially be exploited is the form history, where the browser records for future use any phrases, keywords or answers to various fields. Many people recommend turning off AutoFill in Safari. I don't use Safari, but perhaps someone else will know how to find the AutoFill history and maybe selectively delete any previous entries. In Firefox, which I use, there is an Add-on to do this called Form History Control.
From any browser, you would want to remove the following:
• Card numbers: Every credit and debit card number • CVV/CVC: The 3 digit verification codes from the back of several cards • Social security / national insurance numbers • Bank accounts: Several bank account numbers and sort codes • Addresses: Home address, amongst others • Date of birth: Handy in combination with the above data • User names: login name for many many websites, even those where I said not to remember the actual passwords • Phone numbers: my home and mobile phone numbers, amongst others • Answers to several “security questions” used to reset passwords on sites
Thank you, I would think the cache would also fill with images from every page you visit as it does on PCs, not just URLs, I have no idea how it would work on Apple though. Like files, wouldn't these also bloat the HD. Where would images store as they do on a PC?
It's a good list of items to remove, but my point is it's just a delete, not a secure delete, that's what I would be happier about doing after bank details etc. Something like secure delete for Trash, but for finances websites from Safari. Assume reset safari is not secure as it could be?
If your really really paranoid, then you should remove the drive and destroy it, if it's a SSD then that's the only way to truly destroy data. SSD's can't be secure deleted at all despite what software says or does.
If your moderatly paranoid, then learn how to use Lion Recovery (or 10.6 install disk) to 7x erase the entire OS X parittion and reinstall OS X and your files from backup.
If your just wanting to remove traces of your online adult type behavior, embarrasing if discovered, then:
You need something like OnyX's cleaning and maintenance (all!) and CCleaner for OS X, once you have deleted the "caches" reboot the machine.
Mac's have many hidden caches, also you need to reboot the machine to clear the DNS cache too.
Once you do that you need to clean the "free space" on the drive using Apple's Disk Utility using the 7x overwrite feature, takes several hours.. 1x Zero is faster and may be good enough, isn't quite enough for the government spy types and that's how Brian Manning got caught. He used the 35x at first, but that takes several days to complete, it was taking too long so he used the Zero erase (about a hour) and then reinstalled OS X, it wasnt' good enough, the government got the communications with Wikileaks. LOL
If you just want a clean machine for viewing makware laden adult sites, the best way is to use a virtual machine software and a guest OS either Windows or free Linux, then save a "snapshot" of a pristine guest OS version. Revert back to that older snapshot when your done and use the Erase Free Space 7x if your paranoid.
If the law wants to check you out, they will consult the ISP records for the last year to see if you have been doing anything illegal, those records are not erased, I think the government gets a copy of that and keeps it forever. LOL.
You do know your cell phone is tracking you and recording all your behavior on it right?
You need to read Slashdot daily, you learn there is no such thing as online privacy.
Unless there's some as yet unknown exploit that can read the erased data the way specialized recovery software does, I don't think there's much to worry about as you are actively using your computer. I can't imagine an exploit that would go to all this trouble, or even if it would be possible. Anyway, there are much easier ways of stealing data.
For Safari Cache, have a look at this old thread, which might or might not still be applicable.
Or navigate to Caches/com.apple.Safari in your home Library, and move the Cache.db to the Trash. Then secure empty.
Thank you for your answers.
Why does everyone assume that when we're asking for safety online, relating to sites that have personal information and bank details you automatically suspect we're trying to hide p*rn sites? Every thread I've searched makes the same remarks,... was kind of hoping I could avoid it. I moved to Apple to avoid the problems of Windows and having bank details/credit card nicked from the laptop....
And what is 'local storage' and plist files that can't be viewed properly when opened.
When you reset Safari, the 'local storage' has all the history in there anyway, so what is the point?
Wzzz, What is the difference between Cache/Safari, and the Safari folder in Library, you delete both, or does cache empty the Safari Folder
the tall wrote:
I moved to Apple to avoid the problems of Windows and having bank details/credit card nicked from the laptop....
Mac's offer little protection for this, your life is a open book on a Mac, just like is on iPhones and iPads. Haven't heard of CarrierIQ yet?
it's just harder to gain access remotely, but Mac's have been cracked and trojaned. What's bad about it is most won't know because of the most clever will get in and be sure to be covert and low key, not gain a wide attention with a mass infection.
Anyone who does banking online or ATM, debit/checks with amounts they can't afford to lose is not well informed of the dangers.
Banks love online bankers, it takes the responsibility off their shoulders.
More details of the story.
I already said you can delete the Cache.db. I hardly use Safari, so what's in mine is not at all representative, but you could open yours with TextEdit and look inside to see if there's anything remotely sensitve. I don't see anything in mine to be concerned about. But that may be because I use Safari so rarely.
I would be more concerned with AutoFill. It looks like this may be where that stuff is kept. You would have to do some more research on your own to determine exactly how to go about removing any or all of those entries. Maybe some Extension for Safari to do that. I don't know, since I don't use Safari. You might ask here.
I really don't know enough to pursue this any further. Not to be patronizing, but I think you are taking this to an unnecessary extreme.
This is in your home folder Library/Safari. Mine is completely empty.
Reset should take care of it.
Message was edited by: WZZZ
If they're going to get your on line banking information, it's much more likely your bank's database or third party processing will be hacked.
Yes. A lot of people who worry about this don't realise just how small a target they are. Nowadays, much of this stuff is done for profit, and it just doesn't pay to break into computers retail-fashion. How many credit cards does the average Mac user store on his machine? Say, 10? Is it worth a hacker's time to break through 10 different routers in 10 different configurations into 10 different machines -- when he can break into STRATFOR's (ha!) servers and get hundreds or thousands of cards in one go?
Thanks again for your help.
The reset Safari you show above does not remove the files and they still have alot of the files with old site info in the folders. So wondered what reset actually does, because it doesn't delete them
I saw the cache.db folder, but wondered what the 'webpage previews' one is in the same folder, and also all the files in Library/Safari. Can you delete any of them?