A lot of Mac users actually don’t realise that there is a “Secure Empty Trash” option for securely deleting the files in their trash.
What does this mean exactly? Well, when you empty your trash the usual way, the contents of the files are still lying around on the disk until they are overwritten by other data. This implies that, with appropriate tools, someone could potentially read a deleted file, or even recover most or all of it.
With the “Secure Empty Trash” option (in your Finder’s application menu, in case you were wondering), the trash is removed in a secure fashion – the data is overwritten a number of times before removal (in the first release of this feature you could choose the number of passes in the overwriting process, but that choice was removed in a later OS X update. It is believed to be 7 pass now with no other options provided1).
This is a useful feature if you have documents you don’t want others to ever see2 – especially for business or government users. Note though that this feature is slower than normal emptying of the trash.
Accessing the Option
The problem with this option is that it isn’t that easy to access. You can’t set it to be the default when emptying your trash, and it has no keyboard shortcut3. Worse still, if you do a normal “Empty Trash” and then realise you wanted to do a “Secure Empty Trash”, you can’t securely remove it after the event.
A simple improvement
A lot of the problems go away by just providing a simple option. In the “System Preferences”, under “Security”, Apple could add an option to “Always securely empty the trash”. People in secure environments would simply turn this option on and have the ability to delete their files with some degree of security.
[Note: Apple have actually implemented this in Leopard, though in the Finder’s Advanced preferences. I’m not sure this is the obvious place people would look for such a feature (surely they’d look in System Preferences under “Security”), but at least the feature is there.]
Note though that this option should work for all applications too. That is, if you delete a mail item for example, it should also be securely deleted. Currently this does not occur. All applications should have access to the secure delete, or this should be transparent in deletion APIs so that applications will secure delete automatically if the default is to do so, without having to code especially for the feature.
If Apple wanted to make this more useful for everyday work, where someone may only want to securely delete certain files, Apple should provide a shredder. Perhaps the trash could act as a shredder when files are dragged to it directly (with a modifier key perhaps).
For example, an end user may want to shred the current document they are working on (say it is a list of all staff salaries). They option-drag it to the Trash (assuming option is the modifier). The Trash icon visually shows a shredder rather than a trash can. They drop it in – they are presented with a warning (an option), and then the item is shredded securely. Other items in the trash are not affected. I could also see a “Shred” context menu on Finder items to go with the existing “Move to Trash” – including those in the Trash already.
Audio and visual feedback
Apple could further add some audio feedback. When shredding, the shredder could make a mechanical shredding sound, similar to the way emptying the trash currently makes a “screwing up” sound (not sure how you describe that sound).
Visually Apple could do more with the Trash/Shredder. For example, if you CMD-DELETE a file in the Finder currently, it moves to the trash with a sound as if it was thrown in. Why not make the object screw up visually in to a ball and shoot towards the bin in a nice arc? This wouldn’t be a first for Apple – the Newton did this when you deleted a file – an entire page would screw up in to a paper ball that would visually launch towards the bin.
When it comes to the Shredder, perhaps visually show the file being shredded in to thin strips and have them fall towards the bottom of the screen where they fade away. All of these effects would be optional of course. Apple could provide easy API calls to these new effects so that others could make us of them – for example a mail client could show a collection of mail items visually shredded when you “Erase deleted messages” and you’ve chosen the “shred” option, otherwise they would screw up in to a ball and be launched towards the bin.
Sure, these effects are not essential. But they aren’t totally frivolous either. Visual indication that you’ve accidentally sent a file to the trash is quite helpful. Regardless – they make the desktop fun to work with, and that’s part of the OS X experience.
1 OS X also provides a command-line tool “srm” to securely remove files. This tool allows you to choose the number of passes – either 1, 7 or 35, along with other options. It would appear that the Finder calls this tool with 7 passes in order to secure delete. It is unfortunate that there is no option to increase this to 35 passes for those with more secure requirements (such as defence organisations).
2 Though secure against casual snoopers, a professional (the sort of person who may work for some security agency) taking the drive to their lab for investigation, may still be able to recover some information after a secure delete. I’m no expert on these matters – I’ve read you need 30+ passes with random data to be certain the file can’t be recovered.
3 You could provide a keyboard shortcut through the “Keyboard & Mouse” preference pane in your “System Preferences”, but by default there is no shortcut assigned.