Ubuntu – How to delete file(s) in secure manner

Security

Is there a way to make sure that a deleted file cannot be recovered?

As you know, deleting a file by pressing shift-del or using the trash doesn't mean that the file is gone forever. It resides somewhere in the computer.

In day-to-day life, law enforcement or thieves use recovery programs to reveal our private data or something else.

They can recover all data that resides on a hard disk, in RAM, and even on USB.

To protect us from these people, what should one do? Which program should one use?

Note: I don't want an answer like "first use a recovery program, then erase that file with shred". With just one program, I want to erase all unused/deleted files on my computer.

Best Answer

  • Shred

    This command line tool is already installed from the core utilities in Ubuntu to securely erase and overwrite single files using the Gutmann method.

    Fast shredding

    shred -vzn 0 /dev/sdc1
    

    erases whole partitions by overwriting everything with 0s in a single iteration. If no legal aspects require another procedure, doing so is most probably safe to securely delete your private data.
    from Craig Wright Lecture Notes in Computer Science, 2008, 5352, 243-257.

    Secure shredding

    shred -vzn 3 /dev/sdc1
    

    erases the whole partition using 3 iterations with random numbers. In addition (option -z) this writes zeros to hide the shredding process at the end. This will take 4 times longer than the fast method.

    NOTE: By shredding a partition we will overwrite this partition with 0 or random numbers. It therefore efficiently deletes everything including file system caches on that partition forever. This can also be used to remove unwanted remnants of deleted files. Files we want to keep will have to be backed up before shredding.


    Wipe

    More options, and the possibility of erasing directories in addition to single files, are offered by this command line utility.

    wipe filename
    wipe -r dirname
    

    Additional notes on journaling file systems and SSDs:

    • Please read the notes in the linked manpages on security issues arising from still recoverable backups in journaling file systems when erasing single files. Overwriting whole partitions rather than single files will effectively erase all data even when using a journaling file system.

    • Erasing data on a solid state disk (SSD) can, if at all, only be done by overwriting the whole drive (not only single partitions) with several iterations. Some SSDs may have an inbuilt feature to erase data, but this may not always be efficient (see this link from comment). At present there is no general recommendation on the wiping processes or number of erase iterations needed to securely remove all data remnants on all SSDs available.

    These options can be added in the context menu of Nautilus and Thunar.

    • In Thunar, open "Edit" then "Configure Custom Actions"

    Add (the plus sign)

    Name "Shred File"

    Description whatever you like

    Action "shred -u %f"

    Similarly for wipe.

    Select "Appearance Conditions" and select "Other Files"
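
The notes above on journaling file systems and SSDs can be checked before a single file is handed to `shred -u` or `wipe`. The script below is an added example, not part of the original answer: the function names `classify_target` and `check_path` are hypothetical, and the list of copy-on-write file systems is constructed and not exhaustive.

```shell
#!/bin/sh
# Added example (not from the original answer): decide whether overwriting a
# single file in place (shred -u, wipe) can be expected to reach the old blocks.

# classify_target FSTYPE MOUNT_OPTS ROTA
#   FSTYPE      file-system type, e.g. ext4 (findmnt -no FSTYPE)
#   MOUNT_OPTS  comma-separated mount options (findmnt -no OPTIONS)
#   ROTA        1 = rotating disk, 0 = SSD/flash (lsblk -ndo ROTA)
# Prints one token: flash | cow | journal | in-place
classify_target() {
    ct_fstype=$1; ct_opts=$2; ct_rota=$3
    # Flash remaps writes, so the old cells may survive an overwrite.
    if [ "$ct_rota" = "0" ]; then echo flash; return 0; fi
    # Constructed, non-exhaustive list of copy-on-write / log-structured types.
    case "$ct_fstype" in
        btrfs|zfs|nilfs2|f2fs) echo cow; return 0 ;;
    esac
    # shred(1): on ext3 the overwrite is of limited use in data=journal mode.
    case ",$ct_opts," in
        *,data=journal,*) echo journal; return 0 ;;
    esac
    echo in-place
}

# check_path FILE: gather the three facts for FILE and print advice.
check_path() {
    cp_fs=$(findmnt -no FSTYPE -T "$1") || return 1
    cp_opts=$(findmnt -no OPTIONS -T "$1")
    cp_src=$(findmnt -no SOURCE -T "$1")
    cp_rota=$(lsblk -ndo ROTA "$cp_src" 2>/dev/null | tr -d ' ')
    case "$(classify_target "$cp_fs" "$cp_opts" "$cp_rota")" in
        flash)    echo "$1: flash storage; per-file shred is unreliable, see the SSD note" ;;
        cow)      echo "$1: $cp_fs writes new blocks; old contents stay on disk" ;;
        journal)  echo "$1: data=journal keeps file data in the journal" ;;
        in-place) echo "$1: in-place overwrite is expected to reach the data blocks" ;;
    esac
}

# Run only when a file name is given, e.g.: sh check.sh ~/secret.txt
if [ "$#" -gt 0 ]; then check_path "$1"; fi
```

Any result other than `in-place` means the per-file commands above should not be relied on for that file, and the whole-partition or whole-drive procedures apply instead.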