Secure Empty Trash missing on El Capitan
Just installed El Capitan and discovered that the Secure Empty Trash feature is missing. Anyone know how to get this back?
use cmd + space
type in terminal
terminal window will open, write:
man srm
mac:~ mac$ man srm | cat | head -40
SRM(1) SRM(1)
NAME
srm - securely remove files or directories
SYNOPSIS
srm [OPTION]... FILE...
DESCRIPTION
srm removes each specified file by overwriting, renaming, and truncat-
ing it before unlinking. This prevents other people from undeleting or
recovering any information about the file from the command line.
srm, like every program that uses the getopt function to parse its
arguments, lets you use the -- option to indicate that all following
arguments are non-options. To remove a file called '-f' in the current
directory, you could type either "srm -- -f" or "srm ./-f".
OPTIONS
-d, --directory
ignored (for compatibility with rm(1))
-f, --force
ignore nonexistent files, never prompt
-i, --interactive
prompt before any removal
-r, -R, --recursive
remove the contents of directories recursively
-s, --simple
For my purposes, it would be silly to log in and log out, ever. Not everyone is in the same situation and not one solution works for everyone. Why such an adamant advocate of FileVault? To you, it seems it is all or nothing. FileVault or forget it. You seem to be saying that any other form of encryption is useless. Only FileVault is worthy. I do not work in the State Department or in any other ultra-secure environment (any more). The particular files I have to secure will probably never be opened in my lifetime, so there is no concern about key-loggers. The password is never used. If someone steals the computer (extremely unlikely) and the files go missing, it is no big deal (and, oh, by the way, the same issue exists with FileVault. If the computer goes missing, so do the files.). The information is in my head and only on the disk in the case of my untimely demise. There are other options than FileVault. It depends on one's situation. An encrypted folder, even, is overkill for my particular situation. I can see instances when an encrypted folder could be useful, though. And, in extreme cases, FileVault is probably necessary.
Whickwithy wrote:
Why such an adamant advocate of FileVault? To you, it seems it is all or nothing.
I am only saying that full disk encryption is the only reliable way to secure data that is on a computer.
The particular files I have to secure will probably never be opened in my lifetime, so there is no concern about key-loggers.
If you leave your user account running & don't require a password to take it out of display or computer sleep when it is unattended, anybody can do anything you can do -- as far as the computer can tell they are you. So while they may not know the encryption password to unlock your encrypted file, they can still rummage around in caches, inspect logs, read your email, & even copy anything you can access to a thumb drive, including your encrypted stuff, or install anything you could, malware included.
If this doesn't bother you, it should -- you would be amazed at everything anybody with even "script kiddy" skills or a decent understanding of how the OS works can do to compromise your security, particularly if they have the time to work with whatever they have copied to a thumb drive, instead of just the relatively brief time your Mac is left unattended.
I am only saying that full disk encryption is the only reliable way to secure data that is on a computer.
Like I said, your view is: "FileVault or forget it. You seem to be saying that any other form of encryption is useless. Only FileVault is worthy."
Reliability??!?! Riiiiight! The first rule-of-thumb concerning anything run by software: keep it as simple as possible to avoid it breaking. If you want something reliable, don't use software or moving parts. The more software or the more moving parts involved, the more likely the breakage. Software and moving parts are, routinely, what breaks. With FileVault, you don't even have the protection of backups if FileVault breaks!!!!! If you didn't back up with FileVault, it's not secure, so what was the point in the first place??!?!? I wouldn't trust anything that I considered important to something like FileVault. That's insane unless you have world-class secrets and no other options.
Keep it simple. Just ask all of the people that don't have El Capitan working yet. Ask the guy in this thread that had a train-wreck with FileVault.
I'd go into what I think of Key chain, as well, but I've ranted enough for one night and one thread.
I'm outta here.
Whickwithy wrote:
Like I said, your view is: "FileVault or forget it. You seem to be saying that any other form of encryption is useless. Only FileVault is worthy."
Nope, not even close.
With FileVault, you don't even have the protection of backups if FileVault breaks!!!!! If you didn't back up with FileVault, it's not secure, so what was the point in the first place??!?!?
For the truly paranoid, the backup disks can be FileVault protected too (or some other encrypted method, such as an encrypted disk image on an external disk, or the backup utility encrypts the backup data before sending it to a remote backup location).
NOTE: Since FileVault 2 has been released, there have been almost no problem reports for it. At least not in the forums. The worst that has happened is forgetting encryption keys, which is devastating for the user, but that just means FileVault is doing its job very well.
I think I'm hearing that your sensitive information is not the kind of info that someone would spend money trying to scavenge from your disk/SSD free space nor spend even more money to recover information from replaced sectors.
You could most likely protect your sensitive information by using an encrypted disk image, storing it in a KeyChain secure note, or using something like 1Password secure notes (or other 3rd party encrypted password manager with secure note capabilities).
But just be aware, that these methods can have leaks that someone with money to burn and a strong enough desire to see what you are encrypting might be able to recover from temporary files, deleted files, replaced sectors, etc...
On the other hand, I have seen lots of stories of people buying systems or disks from eBay and finding all kinds of personal information that would allow them to impersonate that person sufficiently to gain access to their on-line accounts, including banking, and other places their money is stored. This would not happen to anyone that was encrypting their whole disk.
But from Apple's perspective, these information leaks because secure erase cannot get every bit of data that went into creating the file that is being erased, they have a liability problem from the people that really do need to make sure all bits of that data are erased, but do not really understand how the applications they use work with the data, how the file system does its job, how the operating system pages/swaps data to disk, how the disk itself moves the data around, etc... And that today most of Apple's shipping systems are SSD based, which suffer reduced life from secure erase without even touching the original data. With all of that in mind, Apple most likely decided it was better to remove secure erase than pretend it was doing anything.
NOTE: In my opinion the only really secure erase is to take all the things that might have had a copy of your data, and melt it down in a very hot furnace until it is a puddle of molten metal and plastic.😀 Of course I've never actually done that, but I'm sure it is secure.
simple use:
sudo srm -rf ~/.Trash/*
from man srm:
SRM(1) SRM(1)
NAME
srm - securely remove files or directories
Hi John,
I agree that sensitive data should have a lifecycle of protection that users should follow. What would be a proposed solution for proper destruction of sensitive information that is no longer needed? I.e. Tax returns 7 years or older, former employer documentation, or email attachments that were accidentally sent to you which downloaded upon opening?
There are many sound reasons to have a secure deletion features for files. I know of many consultants that destroy sensitive data that is client related that they no longer need due to completion of contracted terms.
In general, I am not a fan of features silently being removed without end user notification or a solid workaround to be put in place.
Thanks,
Vik
What would be a proposed solution for proper destruction of sensitive information that is no longer needed? I.e. Tax returns 7 years or older, former employer documentation, or email attachments that were accidentally sent to you which downloaded upon opening?
My use of the computer is strictly personal, so:
I shred my (paper!) tax returns.
I don't have an employer.
I don't get sensitive email attachments (or don't open them).
As for my hard drive(s): my iMac with a rotational HD will be erased with a 3 or 7 pass erase (using Yosemite) if/when I sell it and then will have the original OS reinstalled (as required by the SLA). Until then, there is no need for me to securely erase anything as no one else has access to it. My MBP's SSD will be destroyed (with a hammer or whatever else works) if/when I sell it; I will then reinstall the original HD (rotational) and, since I also need to erase and reinstall the original OS, I will be able to securely erase it once I return to a previous OS.
VicJaw wrote:
What would be a proposed solution for proper destruction of sensitive information that is no longer needed? I.e. Tax returns 7 years or older, former employer documentation, or email attachments that were accidentally sent to you which downloaded upon opening?
Hi Vic
Your ability to secure sensitive data is limited to the storage media on which those sensitive documents are stored. Obviously FileVault will encrypt whatever is on a Mac's hard disk regardless of the sensitive file's age, but no one has any control over what was sent using an unencrypted email or anything else that lies beyond their ability to control. Once a secure file is sent or otherwise uploaded to some server beyond your ability to control, it's in the wind, long before it even found its way onto your Mac. Depending on the email service you use, that file might exist – in whatever form it was sent – in perpetuity.
Clients with particular and unique needs to ensure magnetic storage media file destruction do not rely upon magnetic erasure in any form. They use industrial shredders that perform irreversible physical destruction of the device. Consumers can effectively perform the same task with a large hammer or similarly effective tools used along with personal protective equipment. I'll leave my favorite techniques to the reader's imagination.
In general, I am not a fan of features silently being removed without end user notification or a solid workaround to be put in place.
FileVault isn't a workaround, it's a solution that definitively addresses any uncertainty regarding sensitive data.
Apple simply removed a product feature that could not be reliably guaranteed to work in all cases. In fact it could only be relied upon to do what its user expected of it under very limited circumstances. As I wrote some pages ago, a consumer has a reasonable expectation that a product feature accomplishes what it is supposed to do. To leave "secure empty trash" in place with full knowledge of its limitations would be irresponsible and expose Apple and its many stakeholders to material harm. Ask Volkswagen.
i have no security concerns. i'm on mac air with limited space.
i just want to free up more space when emptying trash, like 'secure empty trash' accomplished.
how can i do this on el capitan?
pixallus wrote:
i have no security concerns. i'm on mac air with limited space.
i just want to free up more space when emptying trash, like 'secure empty trash' accomplished. how can i do this on el capitan?
??? Secure empty trash never freed up any more disk space than emptying the trash normally does.
When you empty the trash, the space used by the trashed files is marked as unused in the file system maintained by the OS & references to them are removed from the file system structures that track where their data is located on the storage device. That doesn't erase that data, just the references to it, but because that space is marked as unused the OS can use it to store new files.
The secure erase was designed to erase the space where the data is stored by writing over it with some data pattern, either all zeros or some other data pattern, but that has no effect on the amount of available free space, other than in certain circumstances it can actually reduce the amount of available free space a bit (for instance, as a result of a bad sector being mapped out on a mechanical drive once the spare sectors reserved for replacing bad sectors is exhausted).
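The point made in the reply above, as an added example that is not part of the original post: the overwrite, rename, truncate, unlink sequence the srm man page describes, done by hand on a constructed scratch file. The function names and the sample file are assumptions made for this illustration; on SSDs and copy-on-write file systems the overwrite may land in different physical blocks than the original data, which is the limitation raised elsewhere in this thread.

```shell
#!/bin/sh
# Added illustration (not from the thread): what a "secure" delete does to a
# file, step by step, and why it frees no more space than a normal delete.

# Overwrite the file's bytes in place with zeros (one pass).
# Prints "<size before> <size after>" in bytes.
overwrite_in_place() {
    f=$1
    before=$(wc -c < "$f" | tr -d ' ')
    # conv=notrunc writes over the existing bytes without truncating first,
    # so the file keeps exactly the same length.
    head -c "$before" /dev/zero | dd of="$f" conv=notrunc 2>/dev/null
    after=$(wc -c < "$f" | tr -d ' ')
    echo "$before $after"
}

# Rename, truncate, then unlink, so neither the name nor the length survives
# in the directory entry that is finally removed.
rename_truncate_unlink() {
    f=$1
    tmp="$(dirname "$f")/0000000000"
    mv "$f" "$tmp"
    : > "$tmp"
    rm -f "$tmp"
}

# Runs the whole sequence on a constructed sample file.
# Prints "<size before> <size after> <marker present|gone> <file exists|removed>".
demo() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/srm-demo.XXXXXX")
    f="$dir/tax-return.txt"
    printf 'SSN 000-00-0000 (constructed sample)\n' > "$f"
    sizes=$(overwrite_in_place "$f")
    # After the overwrite the old content is no longer readable via the file.
    if grep -q 'SSN' "$f"; then marker=present; else marker=gone; fi
    rename_truncate_unlink "$f"
    if [ -e "$f" ]; then file=exists; else file=removed; fi
    rmdir "$dir"
    echo "$sizes $marker $file"
}

demo
```

The two sizes are equal: overwriting changes what the blocks contain, not how many blocks the file occupies, so the space returned at unlink time is the same as for an ordinary delete.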
pixallus wrote:
i have no security concerns. i'm on mac air with limited space.
i just want to free up more space when emptying trash, like 'secure empty trash' accomplished. how can i do this on el capitan?
Secure Empty Trash never freed up any more space. Where on earth did you get that idea from?
Pete
The link to the supposed solution is broken: https://support.apple.com/kb/PH21751?viewlocale=en_US&locale=en_US
Page not available
What gives Apple?
I used to use secure empty trash all the time. Why the **** was it removed? And why is the support page addressing the issue missing?
Good grief.
You might want to read the thread - your questions were answered some time ago. And, FWIW, we are not Apple here - we are users just like you volunteering our time to help others, so we cannot answer for Apple. You will need to contact Apple.
PD The article was most likely removed because it contained incorrect/outdated information (if it involved secure empty trash) - no need for the article if the feature is not available. FWIW, I've never used it - it is superfluous unless you are selling the Mac or regularly allow others access to your machine.