How to better hide your deleted files from prying eyes

mac, tech
Photo by Flickr user Jason Weaver

Photo by Flickr user Jason Weaver

Last year, I began my foray into minimalism. I’ve not yet embraced the concept to its extremes, but I have benefitted a great deal from the influence it’s had over my thinking. There’s something wonderful about getting rid of shit. Imagine if the next time you moved, you only had six boxes of books instead of sixteen. Sounds heavenly, doesn’t it?

About a week ago, I finished reading a book called A Day in the Life of  Minimalist by Joshua Fields Milburn (of The Minimalists fame). The book is a collection of essays that Milburn has contributed to his blog over the past few years. While I subscribe to the blog, I haven’t delved deeply into its archives, so there was a lot of stuff in the book that was new to me. One essay talked about getting rid of extraneous virtual possessions. It had me intrigued.

My first leap into minimalism had everything to do with downsizing my media collection. I digitized my music and movies and got rid of the physical copies. But all of that stuff takes up space. Between my wife and I, we have three portable hard drives; all three are loaded with stuff. I started poking around our largest hard drive (where we do our computer backups and store media) and found a bunch stuff that could be deleted. I had duplicate copies of my entire music library, for example. That stuff had to go.

So I set about getting rid of the old backups of my computer and replaced them with a new one, with all the fat trimmed away. Not only did I get rid of the music duplicates, I actually let go of the albums I hadn’t listened to in years (GASP!). Clicking the “empty trash” button felt good.

Since I had backed up my laptop to the hard drive, I thought it would be a good idea to back up our family photos to cloud storage (I try to follow the rule of three when backing up important stuff- laptop, external hard drive, and cloud storage- so that I won’t be screwed if one fails). Imagine my surprise when I open up my recently created backup only to find that three years worth of photos are missing. The births of my children, my wedding, birthdays, vacations- all gone.

I fell into a deep depression for exactly thirty seconds before I leapt to action. I opened up a data restoration program I had installed just in case a while back  (Data Rescue 2). I fired it up and ten hours later, it had recovered 600 GB of deleted files. I had my photos back (albeit in a horrible, unorganized mess).

Data Rescue

Sorting through the mess was a nightmare (and continues to be). I like to help people fix their computers when something goes wrong, which means that I’ve backed up a lot of hard drives to our external. Data Rescue gave me back all of my files, and all the files of everyone I’ve ever helped out, all lumped together in one inconvenient spot. I’m just going to come out and say it: there was a lot of porn.

Sweet Jesus, was there a lot of porn.

Thankfully, I had no way of identifying the source of the porn, so I don’t have to give weird looks to my friends and family. I’m just going to assume they’re all perverts and social deviants and leave it at that. I spent an hour (AN HOUR!) deleting all the porn and everything was well and fine. But then I started thinking- what if that wasn’t anonymous porn? What if those naughty images were actually naughty bank statements or scans of social security cards? What if I tried to delete some sensitive information and had to hand over my computer to some random stranger to fix it? Like someone at a computer repair shop, the Apple Store, or Best Buy’s Geek Squad?

Luckily for me, retrieving my missing files was laughably easy. It was as simple as opening a program and clicking “Go.” Unluckily for me, though, everything I’ve ever deleted and wanted to remain deleted was up for grabs by the same process. I figured there had to be a way to easily add a layer of security to deleted data.

Now, I understand how this process works. Data deleted from a drive is still there until it is overwritten. That’s why it’s always good practice when giving away a computer to use a software that will overwrite all the data on the drive. It’s just more secure. But I’m not going to do that with our external hard drive or my laptop, things I delete stuff from on a daily basis.

So here’s my tested (Mac) solution: I took some sample images and packaged them into a disk image. This may sound complex to a novice user, but, really, it’s pretty simple. I frequently use disk images to store sensitive information because it’s so easy to encrypt them and add a password. So that’s what I did with my test images. I created an encrypted, password-protected disk image on my flash drive. Then, I deleted the image and emptied my trash. From there, I opened up Data Rescue and attempted to recover the image.

And… it wasn’t there. Neither the image or the photos I put inside of it were to be found. Data Rescue found all kinds of other stuff, but not that encrypted image. I did a quick Google search and stumbled upon some poor schmuck who duplicated my results (and is probably divorced by now).

So there you have it. Before deleting sensitive files, package them up in an encrypted disk image, delete them, and empty the trash. I have no idea how well this would hold up against powerful forensic tools (but this paper suggests they might hold their own quite well), but it’s almost certainly going to protect you from your teenage son’s shady friend or the guy you found on Craigslist. I’d be interested in seeing how this would be approached on a Windows computer (perhaps with an encrypted ZIP file?), but I no longer own a Windows computer. Perhaps you could try it and let me know down below?

Advertisements

2 thoughts on “How to better hide your deleted files from prying eyes

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s