Note: Ignore with SSDs
Most solid-state drives on the market today support TRIM for managing their free space, a feature in their firmware that reallocates their contents. Combined with the journaling file systems in Linux, like Ext3/4 and Reiser FS, the deletion beyond recovery of individual files can’t be guaranteed. The only solution in those cases is, unfortunately, is a full nuke of all contents in an SSD.
Bypass the trash
We saw in detail how you can pull this off in the past, but it’s worth another brief mention: if you wish, you can bypass the trash folder. This way, your deleted files won’t linger in the trash and will be marked fully gone. It won’t make their recovery impossible, but it is a step up from having them accessible. To do that in a distro like Kubuntu with KDE, run its default file manager, Dolphin. Click on “Control -> Preferences -> Trash” to reach the related preferences. There isn’t an option to fully disable the trash, but you can use a neat trick that covers most bases: enable the Size limit and reduce it to the smallest value. On our disk, this translated to 205.09 KiB. Dolphin will erase the contents of the trash when they exceed that value, and that would probably happen every other hour with typical desktop use. Other file managers like Nautilus or Nemo have options for you to bypass the trash completely.
Using shred
If you’re running some variant of Ubuntu, shred is probably already a part of it. You can start using it immediately to fully erase any sensitive files you want to send to oblivion. How? If you wanted to obliterate “deleteme.jpg,” you could use: From the options …
u tells shred to first remove the file before overwriting it.v displays verbose information.z fills the space that was taken by the data with zeros to further reduce any chance of recovery.-n 2 translates to three deletion passes – shred does one pass by default, and with “-n,” you can specify how many additional passes you require over that for extra security. The general consensus is that three passes should be more than enough for most people.
To eliminate multiple files or the contents of a folder, you can use wildcards like: In the first case, “?” would be a wildcard for a single character, and shred would delete files named “delete_those_images_01.jpg” and “delete_those_images_02.jpg,” for example. In the second case, shred would wipe out all files in the directory Pictures, no matter their name or type.
Using wipe
Wipe is another excellent alternative. Search for it in the software center of your distribution and install it from there or use: Its use is almost as simple as shred’s, if not simpler. To erase any file or directory or use wipe, use: This can become annoying since, by default, wipe uses too many time-consuming passes for extra security. Plus, it will request confirmation for the deletion. Use the f flag to get rid of the confirmation and r to recurse into subdirectories. c tells wipe to chmod if necessary (when a file or directory has no write permissions set), and q allows you to reduce the number of passes for a quicker deletion. When using q, notice that it’s lowercase. It can be followed by a capital “Q” specifying the number of passes you demand. For example, the previously simple command, with those tweaks applied, would change to:
Using Secure Delete
SRM is one of the tools in the Secure Delete suite of tools that specializes in secure removal of data from your HDD. It’s held by many as the best tool for this job. To install the full Secure Delete suite on Ubuntu and compatible distributions, use: Afterward, you’ll be able to annihilate any file with: You’ll probably want to use the z flag, that overwrites your file’s contents with zeros for extra security and v to get verbose information about the process. If dealing with directories and subdirectories, also include the r flag for recursive mode. If the 38 rewrites are too much for you, you can decrease the time required – as well as the security – by utilizing the l flag to reduce the number of passes to “only” two. This would turn the previous command to:
The GUI way: using Bleachbit
If you have an aversion to the command line, Bleachbit is one of the best solutions for securely erasing your data. By default, the tool specializes in discovering and disposing “redundant files” that keep taking up space long after you’ve needed them. But it also incorporates the usually forgotten ability to manually “shred” any file beyond recovery. You can install it on your Ubuntu-compatible distribution through its software center or by using: Click on “Edit -> Preferences” and enable the option “Overwrite contents of files to prevent recovery” for enhanced security. Go back to its main interface, click on “File -> Shred,” and from the requester that pops up, choose the files you wish to beam to nothingness. Click “Delete” and re-assure Bleachbit that you’re sure of what you’re trying to do. You should always keep in mind that our use of journaling file systems, and the fact we don’t know how each HDD’s firmware “manages,” for lack of a better term, its contents, means that the best solution is wiping out the full HDD – or even better, physically destroying the device.
