Secure Delete Files in Terminal on OS X

By | February 12, 2009

Securely delete files on Mac OS X in the Terminal by using srm:

srm <filename>

This will delete the file, then overwrite the spot on the hard disk where the file was previously stored with random data several times, to prevent any file recovery attempts.

A regular delete using rm in the Terminal only removes the pointers to the file; the data itself stays on the disk and can be recovered using file recovery and undelete tools. This is similar to erasing an entry in the telephone book for someone’s house and phone number; the house is still standing and the telephone number is still valid. Using srm would send a bulldozer to the house to tear it down and break it into bits so small that it would be difficult to tell that a house ever stood there.
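The difference between removing the pointer and overwriting the data, as an added shell example (not part of the original post and not srm's own code). The function names overwrite_in_place and secure_delete are hypothetical, and the pass count defaults to one.

```shell
#!/bin/sh
# Added illustration, not srm's source code. The function names are hypothetical.

# overwrite_in_place FILE [PASSES]
# Replace every byte of FILE with random data, PASSES times (default 1),
# keeping the same inode and length so the writes target the file's
# existing blocks rather than freshly allocated ones.
overwrite_in_place() {
    f=$1
    passes=${2:-1}
    # Refuse symlinks, directories and devices: only regular files.
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        echo "not a regular file: $f" >&2
        return 1
    fi
    size=$(wc -c < "$f" | tr -d ' ')
    [ "$size" -gt 0 ] || return 0
    i=0
    while [ "$i" -lt "$passes" ]; do
        # conv=notrunc: write over the current contents instead of
        # truncating first, which would let the filesystem hand out new blocks.
        head -c "$size" /dev/urandom | dd of="$f" bs=65536 conv=notrunc 2>/dev/null || return 1
        sync    # flush cached writes to the device before the next pass
        i=$((i + 1))
    done
}

# secure_delete FILE [PASSES]: overwrite, then remove the directory entry.
# A plain "rm" performs only the second step.
secure_delete() {
    overwrite_in_place "$1" "${2:-1}" || return 1
    rm -f -- "$1"
}
```

In-place overwriting only reaches the old data when the filesystem and the drive write the new bytes to the same physical location. On SSDs, copy-on-write filesystems, snapshots and backups, earlier copies of the file can survive.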

Securely deleting files is useful when you need to destroy a password file. For example, I keep a file that is PGP-encrypted with all my passwords within it. When I need to add new passwords, I decrypt the file, add the new username/passwords, then re-encrypt the file. Afterwards, I need to securely destroy the text file that I updated. For that, I use srm.

Read more about srm at Wikipedia.



5 thoughts on “Secure Delete Files in Terminal on OS X”

  1. Uri

    Great website. I loved some tricks.

    PS: The feed is not working and I want to subscribe. Can you fix it? (and, if you do, kindly send me an e-mail so I can subscribe)

  2. Pingback: OS 10.5 - Secure erase email? - Mac-Forums.com

  3. pdf23ds

    The rm command built into OS X has a -P option that does a 35-pass truncating renaming secure delete. srm has a few more options, including a nice -s option to make it go 35 times faster.

    There is no reason to do more than one overwriting pass on a file. Any more than that is absolutely pointless. Way back when, when hard disks were 6 ft wide and held a few hundred KB, when Gutmann’s paper was written, things were different.

  4. Jimmy Leighton

    I never realized that one overwrite and the file would be completely destroyed. For sensitive data, I have always done at least three overwrites.

    Whilst I appreciate HDDs have evolved over the years, what exactly is it that makes one overwrite so effective now?
