On computer keyboards, the delete key (sometimes shortened to “Del”) should, during normal text editing, discard the character at the cursor’s position, moving all following characters one position “back” towards the freed place. On Macintosh computers, however, the backspace key is called the delete key, while a separate key, also called delete and in the traditional location above the cursor arrows, serves as a forward delete key. The delete key may generate the ASCII delete character, 7F hex (127 decimal), which reflects its history in 7-bit paper tape: if a character was punched erroneously, punching out all seven bits caused it to be ignored (or deleted). Unix retained the Delete key as the way to erase characters, while DOS/Windows used the backspace (0x08, or control-H) instead. The delete key may also be mapped to ESC.
File deletion is a way of removing a file from a computer’s file system. The reasons for deleting files are:
- Freeing the disk space.
- Removing duplicate or unnecessary data to avoid confusion.
- Making sensitive information unavailable to others.
All operating systems include commands for deleting files (rm on Unix, delete/del in MS-DOS and so on). File managers also provide a convenient way of deleting files. Files may be deleted one-by-one, or a whole directory tree may be deleted.
Problems with Accidental Removal
The common problem with deleting files is accidental removal of information that later proves to be important. One way to deal with this is to back up files regularly. Erroneously deleted files may then be found in archives. Another strategy is not to delete files instantly, but to move them to a temporary directory whose contents can then be deleted at will. This is how the “recycle bin” (also known as “trash folder”) works. In MS-DOS, one can use the undelete command. In MS-DOS the deleted files are not really deleted, but only marked as deleted, so they can be undeleted for some time, until the disk blocks they used are eventually taken up by other files. Defragmenting a drive will prevent undeletion, as the blocks used by a deleted file will be overwritten since they are marked as “empty”. Another precautionary measure is to mark important files as read-only. Many operating systems will warn the user trying to delete such files. Where file system permissions exist, “ordinary” users are only able to delete their own files, preventing the erasure of other people’s work or critical system files. Under Unix-like operating systems, in order to delete a file, one must usually have write permission to the parent directory of that file.
Problems with Sensitive Data
The common problem with sensitive data is that deleted files are not really deleted and so may be recovered by interested parties. Most file systems only remove the link to data (see undelete above). But even overwriting the disk with something else or formatting it does not guarantee that the sensitive data is completely unrecoverable. Data remanence is the residual representation of data that has been in some way nominally erased or removed. This residue may be due to data being left intact by a nominal delete operation, or through physical properties of the storage medium. Data remanence may make inadvertent disclosure of sensitive information possible, should the storage media be released into an uncontrolled environment (e.g., thrown in the trash, or given to a third party). Over time, various techniques have been developed to counter data remanence. Depending on the effectiveness and intent, they are often classified as either clearing or purging/sanitizing. Specific methods include overwriting, degaussing, encryption, and physical destruction.
Countermeasures
Clearing: Clearing is the removal of sensitive data from storage devices in such a way that there is assurance, proportional to the sensitivity of the data, that the data may not be reconstructed using normal system functions. The data may still be recoverable, but not without unusual effort.
Clearing is typically considered an administrative protection against accidental disclosure within an organization. For example, before a floppy disk is re-used within an organization, its contents may be cleared to prevent their accidental disclosure to the next user.
Purging: Purging or sanitizing is the removal of sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique. Purging is generally done before releasing media outside of control, such as before discarding old media, or moving media to a computer with different security requirements.
Specific Methods
Overwriting: A common method used to counter data remanence is to overwrite the storage medium with new data. This is often called wiping or shredding a file or disk. Because such methods can often be implemented in software alone, and may be able to selectively target only part of a medium, it is a popular, low-cost option for some applications. The simplest overwrite technique writes the same data everywhere—often just a pattern of all zeros. At a minimum, this will prevent the data from being retrieved simply by reading from the medium again, and thus is often used for clearing. To counter more advanced data recovery techniques, specific overwrite patterns are often prescribed. These may be generic patterns intended to eradicate any trace signatures. For example, writing repeated, alternating patterns of ones and zeros may be more effective than zeros alone. Patterns based on the existing data may also be used, such as the complement, or bitwise inverse or NOT, of the existing data. For example, if the existing data is 1101 0110, its complement would be 0010 1001. Combinations of patterns are frequently specified. One challenge with overwrites is that some areas of the disk may be inaccessible, due to media degradation or other errors. Software overwrite may also be problematic in high-security environments which require stronger controls on data commingling than can be provided by the software in use. The use of advanced storage technologies may also make file-based overwrite ineffective. As of November 2007, overwriting is no longer a DoD-acceptable sanitization method for magnetic media. Only degaussing or physical destruction is acceptable.
Gutmann method: Peter Gutmann investigated data recovery from nominally overwritten media in the mid-1990s. He suggested magnetic force microscopy may be able to recover such data, and developed specific patterns, for specific drive technologies, designed to counter such. These patterns have come to be known as the Gutmann method. Daniel Feenberg, an economist at the private National Bureau of Economic Research, claims that the chances of overwritten data being recovered from a modern hard drive amount to “urban legend”.
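The overwrite passes described under Overwriting above, as an added Python example that is not part of the original article: it runs a complement pass, two alternating-bit passes and a final all-zeros pass over a file in place, flushing each pass to the device. The function names, block size and sample data are assumptions made for illustration.

```python
import os
import tempfile

BLOCK = 64 * 1024  # bytes handled per read/write (assumed value)

def complement(data):
    """Bitwise NOT of every byte, e.g. 1101 0110 -> 0010 1001."""
    return bytes(b ^ 0xFF for b in data)

# Each pass maps the bytes currently on disk to the bytes that replace them.
DEFAULT_PASSES = (
    complement,                          # inverse of the existing data
    lambda old: b"\xAA" * len(old),      # alternating ones and zeros: 1010 1010
    lambda old: b"\x55" * len(old),      # the opposite phase: 0101 0101
    lambda old: bytes(len(old)),         # final pass of all zeros
)

def overwrite_file(path, passes=DEFAULT_PASSES):
    """Overwrite a file in place and return the number of bytes covered.
    Only blocks currently mapped to this file are touched; copies held
    elsewhere on the medium or in backups are out of reach."""
    with open(path, "r+b") as f:
        size = os.fstat(f.fileno()).st_size
        for make_block in passes:
            offset = 0
            while offset < size:
                f.seek(offset)
                old = f.read(min(BLOCK, size - offset))
                if not old:
                    raise OSError("file shrank during overwrite")
                f.seek(offset)
                f.write(make_block(old))
                offset += len(old)
            f.flush()
            os.fsync(f.fileno())  # force this pass to the device before the next
    return size

def demo():
    """Overwrite a constructed sample file and report what is left in it."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(b"constructed sample secret\n" * 5000)  # spans two blocks
        covered = overwrite_file(path)
        with open(path, "rb") as f:
            leftover = f.read()
        return covered, leftover.count(0) == len(leftover)
    finally:
        os.remove(path)  # unlink only after the contents have been replaced
```

This corresponds to clearing in the sense used above: the file's current blocks no longer return the old data when read back, which says nothing about areas of the medium the file system cannot reach.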
Degaussing: Degaussing is the removal or reduction of a magnetic field. Applied to magnetic media, degaussing may purge an entire media element quickly and effectively. A device, called a degausser, designed for the media being erased, is used. Degaussing often renders hard disks inoperable, as it erases low-level formatting which is only done at the factory, during manufacture. Degaussed floppy disks can generally be reformatted and reused. In high-security environments, one may be required to use a degausser which has been approved for the task. For example, in US government and military jurisdictions, one may be required to use a degausser from the NSA’s “Evaluated Products List.”
Encryption: Encrypting data before it is stored on the medium may mitigate concerns about data remanence. If the decryption key is strong and carefully controlled (i.e., not itself subject to data remanence), it may effectively make any data on the medium unrecoverable. Even if the key is stored on the medium, it may prove easier or quicker to overwrite just the key, vs the entire disk. Encryption may be done on a file-by-file basis, or on the whole disk.
Physical destruction: Physical destruction of the data storage medium is generally considered the most certain way to counter data remanence, although also at the highest cost. Not only is the process generally time-consuming and cumbersome, it obviously renders the media unusable. Further, with the high recording densities of modern media, even a small media fragment may contain large amounts of data. Specific destruction techniques include:
- Physically breaking the media apart, by grinding, shredding, and so on.
- Phase transition (i.e., liquefaction or vaporization of a solid disk).
- Application of corrosive chemicals, such as acids, to recording surfaces.
- For magnetic media, raising its temperature above the Curie point.
In any case, now that you know most everything there is to know about deleting files, your data management will now be streamlined and effective. Just remember to make use of these tips and information, and your data should be fine.