rhdor wrote:
This seems to be contradicted by post from Apple which indicate that files are not securely deleted and that file fault is to be used to secure data "from creation of file to deletion"
Secure Empty Trash is not really secure. And if you have an SSD, it is even less secure.
Files get moved by the operating system behind your back. The previous storage is not securely deleted.
Disk Drives map out bad sectors that may have your data on it, but skilled people can recover the data.
SSDs never overwrite a location which already has data. It will remap the sector and mark the original for cleaning. However, it only cleans clusters of sectors and if most of the cluster still has good data, it will defer cleaning your data indefinitely, but skilled people can recover your data. And even if the SSD does get around to clearing your remapped sector, there is a delay between it being marked for clearing and when that event happens.
If your data sensitive, then it is always sensitive, and any intermediate movement, or sector remapping should not expose your sensitive data to someone unauthorized reading it. FileVault keeps your data encrypted. If it is moved or remapped the old locations are still encrypted even after you have deleted the file. And that encrypted data is just random bits without the key.
The only truly secure erase is to melt the storage device into a puddle of molten material. Most people cannot afford that, so try FileVault 😁
