How to delete file(s) in secure manner?

Shred

This command line tool is already installed from the core utilities in Ubuntu to securely erase and overwrite single files using the Gutman method.

Fast shredding

shred -vzn 0 /dev/sdc1

erases whole partitions by overwriting everything with 0s in a single iteration. If no legal aspects require another procedure, doing so is most probably safe to securely delete your private data.
from Craig Wright Lecture Notes in Computer Science, 2008, 5352, 243-257.

Secure shredding

shred -vzn 3 /dev/sdc1

erases the whole partition using 3 iterations with random numbers. In addition (option -z) this writes zeros to hide the shredding process at the end. This will take 4 times longer than the fast method.

NOTE: By shredding a partition we will overwrite this partition with 0 or random numbers. It therefore efficiently deletes everything including file system caches on that partition forever. This can also be used to remove unwanted remnants of deleted files. Files we want to keep will have to be backed up before shredding.

Wipe

More options, and the possibility of erasing directories in addition to single files, are offered by this command line utility.

wipe filename
wipe -r dirname

Additional notes on journaling file systems and SSDs:

  • Please read the notes in the linked manpages on security issues arising from still recoverable backups in journaling file systems when erasing single files. Overwriting whole partitions rather than single files will effectively erase all data even when using a journaling file system.

  • Erasing data on a solid state disk (SSD) can if at all only be done by overwriting the whole drive (not only single partitions) with several iterations. Some SSDs may have an inbuilt feature to erase data but this may not always be efficient (see this link from comment). At present there is no general recommendation on the wiping processes or number of erase iterations needed to securely remove all data remnants on all SSDs available.

These options can be added in the context menu of Nautilus and Thunar.

  • In Thunar, open "Edit" then "Configure Custom Actions"

Add (the plus sign)

Name "Shred File"

Description whatever you like

Action "shred -u %f"

Similarly for wipe.

  • For Nautilus see this question and those related

Select "Appearance Conditions" and select "Other Files"


There isn't one command that you can run which will easily clean up all the already-deleted files for you. However, there are a number of things you can do to reduce your vulnerability to this sort of attack in future.

As others have said, using tools like shred or srm allows you to delete a specific file by actually overwriting it, rather than just removing it from the filesystem. If you're feeling bold, you can replace the rm command with shred or srm to securely delete files going forward. That means that whenever you (or another program) tries to delete something using rm, the secure delete command will run instead.

However, if you're using a solid state disk, or even some newer mechanical disks, shred and other overwriting-based methods may not be effective, since the disk may not actually write where you think it's writing (source).

Full-Disk Encryption

A more convenient option is full-disk encryption. If you use the alternate installer, Ubuntu can automatically set up a fully-encrypted disk for you you, but you can also customize and configure the settings yourself. Once installed, the encryption is almost invisible to you: after you enter the passphrase (be sure to pick a good, long one) when the computer starts up, everything looks and feels just like normal Ubuntu.

You can also encrypt external media like USB drives using Ubuntu's Disk Utility. Setting up an encrypted external disk is as simple as checking the "encrypt underlying filesystem" box when formatting the disk. You can even store the passphrase on your (encrypted) keyring, so that you don't need to enter the phrase every time you plug that disk into your computer.

If your whole disk -- and all your removable media -- is encrypted, there's much less to worry about. A thief or police officer would need to swipe your computer while it's on, (or within a minute or two of turning it off if they're very good) in order to access your data. If you hibernate (rather than suspend) your computer when it's not in use, then you should be pretty safe.

If you ever need to completely destroy all your data, you don't need to do a Gutmann wipe of your whole disk. Simply overwrite the very beginning of the disk, to destroy the headers for the encrypted volume. Unlike with a regular filesystem, this will actually make it impossible to recover the data.

So, how do you go from your current setup to a safely encrypted disk? It's quite a challenge to retrofit a currently-installed operating system to use an encrypted disk. The easiest approach is to backup all your data and settings, then reinstall with an encrypted disk. When backing up, make sure to back up your data to an encrypted external drive, but don't save the passphrase in your keyring.

After you've backed everything up, you may want to aggressively wipe your hard drive, to make sure that none of your existing data can be recovered in the future. If you're using an SSD, the process is even more challenging, so depending how much you want to invest in the process, it might be worth destroying your current disk (a challenging proposition) and starting with a new one.

When reinstalling the OS, if you haven't aggressively wiped the disk already, you should make sure to completely fill the new encrypted partition, which will overwrite all your old data. Once you've restored your backup, you may want to aggressively wipe the start of the backup disk, to destroy the encryption header, so that it can't be recovered again.


Update: If you have not yet deleted the file that you want to be non-recoverable, use the accepted answer. If, however, you already deleted the file[s], then this is the next best method that I know of.

If I read you right, you want to erase all your previously deleted files. Here is a simple way to do that:

$ dd if=/dev/zero of=/path/to/mounted/partition/tmp_file bs=1M count=999999999999

Let that run till it complains till it gets a disk write error [out of space]. Then delete the file! What this does is just fill up your empty disk with 000s, so all your previous files get overwritten. Make sure to delete the file now, or you will not have any disk left. You might want to do this a few times if you are really paranoid. Or if you want to write random to your disk, I'd suggest replace /dev/zero with /dev/urandom.

However, this will take much much longer, so I'd run it overnight. Also, if you want a progress meter, do this instead:

$ free=$( df {PARTITION OR MOUNTPOINT}  |awk '{print $3}'|tail -1 )
$ dd if=/dev/zero bs=1M count=999999999999 | pv -s "$free" > /path/to/mounted/partition/tmp_file

First you are getting your free disk space with du, awk, and tail, then using dd to get /dev/zero, piping that to pv which stands for "pipe viewer", that redirects everything to tmp_file Once again, delete the file afterwards. $ rm tmp_file

Anyway, hope someone finds this useful! :)

Tags:

Security

Recent Posts