Secure data deletion on Mac

CarderPlanet



Hello, moneymakers! Hello, random carders. In one of the previous articles, we looked at ways to safely delete information on Windows. Now it's the Mac's turn.

Most people think that it is enough to send a file to the trash, empty it, and the file is deleted. This is not entirely true. When a file is erased, the operating system makes it invisible to the user, and marks the disk space occupied by this file as "free". The operating system can use this location to write information. It may take weeks, months, or even years for the file to be overwritten with other data. Until then, the "deleted" file remains on disk. A little effort, the right tools (a computer program for data recovery or special techniques of a specialist in a forensic laboratory), and the file is alive and well again. So, the data is not deleted immediately and irrevocably; it remains on the computer until you need space for other data.

If you want to delete the file for sure, you need to immediately overwrite it with other information. Then you won't be able to restore your data. Perhaps your operating system already includes some tool that allows you to write a set of "random" data over the deleted file and thus protect the confidentiality of the erased information.

Please note: Securely deleting data from solid-state drives (SSDs), USB flash drives, and SD memory cards is a difficult task. The recommendations below apply only to regular hard drives, but not to SSDs (which are increasingly common in modern laptops), USB flash drives, or SD cards.

The reason is that the above types of storage media use wear leveling technology.

On OS X 10.4 and later, you can securely erase files by simply moving them to the trash, then selecting Finder > Secure Empty Trash.

How do I make sure that deleted data cannot be restored?
Apple gives its own explanation of data recovery in Mac OS X:
"To prevent recovery of previously deleted files, open Disk Utility, select Help > Disk Utility Help, then find information on how to free up disk space."

Limitations of Reliable Data Deletion programs
First, the described procedure allows you to securely delete only files on your computer's hard drive. It will not affect backups saved on other disks, USB flash drives, on an email server, or in cloud storage. To securely delete a file with all its backups, you need to erase each of them, no matter where they are located. In addition, if the file is saved in a cloud storage (such as Dropbox) or file sharing, there is usually no guarantee that it will be securely deleted at all.

Alas, this is not the only caveat. Even if you followed our advice and deleted all copies of the file, there is a chance that some traces of the file remained on your computer. This is not a failure of the secure deletion itself; it happens because the operating system or other programs keep their own records about this file.

There are many examples of such situations. We'll limit ourselves to two. On Windows or Mac OS operating systems, Microsoft Office can store a link to a file in the Recent Documents menu, even if the file itself has already been deleted. Sometimes Office can even store copies of the current file in a special temporary file. On Linux (and other *nix operating systems), OpenOffice can store as many file records as Microsoft Office, and the logs will contain commands that let you know the name of the file, even if the file itself has been securely deleted. Programs that "behave" in this way are found at every turn.

What can be done in this regard?

This is not an easy question. You will have to accept that even after a file has been securely deleted, its name may remain in the system for some time. Overwriting absolutely the entire disk is the only way to make sure that the file name is not left anywhere else. An inquisitive reader will ask, "What if someone examines the data on disk byte by byte? Is it possible to detect the presence of copies of a document in this way?" Yes and no. This operation will detect copies in text format, but if some application used compression or other methods of data processing, this will not work. And remember: the search itself can also leave a trail! Thus, the chance of finding copies of the file exists, although it is small. Only a complete overwrite of the entire disk and installation of the operating system again can guarantee that the file or its fragments are not saved anywhere.

Do you want to get rid of the disk? Don't forget to securely delete your data!
So, it's time for the disk to go to the landfill, or you're going to give it away/sell it. It is important to know that no one can extract your information from it. Unfortunately, many computer owners forget to do this. Hard drives are often sold packed with important data. Before you part with the disk, securely delete all data. Is your disk very old? Don't you think anyone will be interested in it? It still doesn't hurt to be careful. There is a program specifically for this purpose – Darik's Boot and Nuke.

Some disk encryption programs have a built-in ability to destroy the master key. This makes all encrypted data inaccessible forever. Because the key is a tiny amount of data, it can be destroyed almost instantly. This approach saves a lot of time compared to programs like Darik's Boot and Nuke (they can run for a very long time on large disks). However, if you do not use full disk encryption, you will have to overwrite all data on the storage medium.

Destroying the CD-ROM
For CD/DVD discs, it is better to use the same approach as for paper media: a shredder. There are inexpensive devices that can "digest" your discs. Never throw a CD in the trash unless you are 100% sure that it doesn't contain any important information.

Reliable data erasure on solid-state drives (SSDs), USB flash drives, and SD cards
Unfortunately, technologically advanced SSDs, USB flash drives, and SD cards make it difficult (if not impossible) to reliably erase data – both individual files and all free space. It is best to build data protection on such media based on encryption. Then, of course, the information will remain, but it will look like gibberish to anyone who gets it without being able to force you to decrypt the data. Today, we can't offer any specific working method for reliably deleting data from an SSD drive.

As mentioned earlier, SSDs and USB flash drives use a technology called wear leveling. Here's how it works. Disk space is divided into blocks like the pages of a book. When a file is written, it is assigned a specific block or blocks (pages).

If you want to overwrite data, you tell the disk which blocks to overwrite. But on SSD and USB media, the blocks "wear out".

Each block can be used for writing and rewriting a limited number of times, then it loses its functionality (imagine that you write with a pencil and erase what you have written with an eraser; sooner or later the paper will become unusable). To solve this problem, the controllers of SSD disks and USB flash drives "take care" that the number of write actions to each block is approximately the same throughout the media. This allows you to extend its life. Sometimes, instead of overwriting a specific block where the file was originally located, the disk doesn't touch this block, marks it as broken, and writes data to another block (you skip the page, write the necessary data on the next one, and update the table of contents). Such actions occur at a low level, in the disk's electronics, and the operating system doesn't even know about it. Accordingly, if you want to overwrite the file, there is no guarantee that this will happen. This is the main reason why it is so difficult to reliably delete data from an SSD drive.

Gentlemen running in the shadows! And all those who consider themselves such, or strive to. Learn these articles and try them out in practice. Because security, bitch, decides. In the future, we plan to conduct training. We will not teach those who can't even delete a folder from their computer normally. Sorry, noobs, but it's more profitable for us to let fools go to jail, giving space to normal shadowrunners.
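Added example (not part of the original post): the wear-leveling behaviour described in the SSD section, modelled as a toy flash translation layer. The `ToyFlash` class, its eight-page size and the sample data are constructed for illustration and do not model any real controller.

```python
class ToyFlash:
    """Toy flash translation layer: logical blocks map to physical pages."""

    def __init__(self, physical_pages=8):
        self.pages = [None] * physical_pages      # raw flash contents
        self.erase_count = [0] * physical_pages   # wear per page
        self.mapping = {}                         # logical block -> physical page
        self.stale = set()                        # pages holding superseded data

    def _free_pages(self):
        return [p for p, data in enumerate(self.pages) if data is None]

    def write(self, logical, data):
        free = self._free_pages()
        if not free:                              # erase only when space runs out
            for p in self.stale:
                self.pages[p] = None
                self.erase_count[p] += 1
            self.stale.clear()
            free = self._free_pages()
        if not free:
            raise RuntimeError("flash full")
        target = min(free, key=lambda p: self.erase_count[p])  # least-worn page
        self.pages[target] = data
        old = self.mapping.get(logical)
        if old is not None:
            self.stale.add(old)                   # old data is unmapped, not erased
        self.mapping[logical] = target

    def read(self, logical):
        """What the operating system sees through the mapping."""
        return self.pages[self.mapping[logical]]

    def raw_dump(self):
        """What a chip-level read sees, ignoring the mapping."""
        return [data for data in self.pages if data is not None]


def overwrite_demo(passes):
    """Overwrite one block `passes` times; return (host_changed, still_on_flash)."""
    original = b"constructed sample document contents"
    flash = ToyFlash()
    flash.write(0, original)
    for _ in range(passes):
        flash.write(0, b"\x00" * len(original))
    return flash.read(0) != original, original in flash.raw_dump()


if __name__ == "__main__":
    print(overwrite_demo(3))   # (True, True)
    print(overwrite_demo(8))   # (True, False)
```

The host sees zeros after a single pass, yet the original page survives on the flash until the controller's own garbage collection erases it, which is why the post recommends encryption for such media.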
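Added example (not part of the original post): the byte-by-byte examination discussed in the section on leftover traces, run over a small constructed image. The file name, filler bytes and layout are made up; the zlib carving step goes beyond the post, showing how a forensic examiner handles the compressed copies that a plain byte search misses.

```python
import zlib


def find_plain(image, needle):
    """Offsets where the text appears verbatim in common encodings."""
    hits = []
    for enc in ("utf-8", "utf-16-le"):
        pattern = needle.encode(enc)
        pos = image.find(pattern)
        while pos != -1:
            hits.append((pos, enc))
            pos = image.find(pattern, pos + 1)
    return sorted(hits)


def find_in_zlib_streams(image, needle):
    """Inflate at every plausible zlib header and search the output."""
    pattern = needle.encode("utf-8")
    hits = []
    for pos in range(len(image) - 1):
        # zlib header: 0x78, then a byte that makes the 16-bit pair divisible by 31
        if image[pos] != 0x78 or ((image[pos] << 8) | image[pos + 1]) % 31:
            continue
        try:
            output = zlib.decompressobj().decompress(image[pos:])
        except zlib.error:
            continue                      # not a real stream, keep scanning
        if pattern in output:
            hits.append(pos)
    return hits


def build_sample_image(name="report-q3.docx"):
    """Constructed image: a UTF-16 'recent documents' entry plus a compressed temp copy."""
    body = name + " quarterly report draft, constructed sample text. " * 4
    return (b"\x00" * 64 + name.encode("utf-16-le") + b"\xff" * 32
            + zlib.compress(body.encode("utf-8")) + b"\x00" * 64)


if __name__ == "__main__":
    image = build_sample_image()
    print(find_plain(image, "report-q3.docx"))
    print(find_in_zlib_streams(image, "report-q3.docx"))
```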