Quantcast

Got Homework?

Connect with other students for help. It's a free community.

  • across
    MIT Grad Student
    Online now
  • laura*
    Helped 1,000 students
    Online now
  • Hero
    College Math Guru
    Online now

Here's the question you clicked on:

55 members online
  • 0 replying
  • 0 viewing

agdgdgdgwngo

What really happens when you delete a file? What is the difference between 'sending the file to the recycle bin/trash' and permanently deleting it through the rm command, shift+delete, or emptying the recycle/trash can?

  • one year ago
  • one year ago

  • This Question is Closed
  1. asnaseer
    Best Response
    You've already chosen the best response.
    Medals 2

    although there are people who can retrieve files even if you delete them from the recycle bin. the only way of really deleting something is to overwrite the same area on the disk with random patterns of ones and zeros.

    • one year ago
  2. agdgdgdgwngo
    Best Response
    You've already chosen the best response.
    Medals 0

    on *nix you have the shred command which does that, but folks say that it is useless if you use a journaling file system like ext4. is that right?

    • one year ago
  3. dmarshall
    Best Response
    You've already chosen the best response.
    Medals 1

    The recycle bin on windows is just a folder. When you send things to recycle bin they are stored there and are not deleted at all, so they can be easily retrieved. When you empty the recycle bin, they are actually deleted. I believe similar systems are on *nix and ios. However, deleting a file merely removes the information that tells the operating system where to find the actual contents of the file - the contents are actually still there, and will remain there until the space they are in is needed for some other data. Shredder and programs like it actually over-write that data so it's no longer stored. Even then, previously stored data CAN usually still be retrieved, although it takes expensive hardware and skilled technicians. You need to save over data something like 30 times to make it impossible to retrieve.

    • one year ago
  4. dmarshall
    Best Response
    You've already chosen the best response.
    Medals 1

    A journaling system is basically a backup copy. There's nothing stopping someone who knows what they're doing from deleting the data from the journal as well as from the disk, although again you'd need software for that purpose.

    • one year ago
  5. rsmith6559
    Best Response
    You've already chosen the best response.
    Medals 0

    My brother told me that currently the DOD requires 100 overwrites to consider a deletion secure. Journalled file systems keep the last however many writes they have room for in a separate area of the disk. I believe that these writes are made before the "disk write" is made. If a crash occurs during the "disk write", the write can be recreated from the journal. It saves having to run fsck, which can take hours on large file systems and restores confidence in the disk's date almost instantly on reboot. Deleting a file is basically like removing it's entry from the table of contents of a book. The pages are still there, but they're marked free, and the OS can't find it. Since the blocks are marked free, they're not overwritten until the filesystem decides to use those blocks again. If you have a disk editor, you'd probably have fun looking around.

    • one year ago
  6. agdgdgdgwngo
    Best Response
    You've already chosen the best response.
    Medals 0

    If I want to completely 'zero' my storage, would something like 'dd if=/dev/zero of=/dev/sd*' work?

    • one year ago
  7. shadowfiend
    Best Response
    You've already chosen the best response.
    Medals 0

    I believe it should, yes. Writes to a filesystem are not always done on the actual disk, they can be done on the disk cache and not written through to disk until later. This is a major aspect in improving disk IO. In journaled FSes, I believe the journal does stay written to the disk, so that if a disk cache flush gets interrupted for any reason, the journal has a coherent view of what was supposed to happen. Regardless, the journal is still on disk, and there's probably a good way to wipe files on journaled FSes as well. Note that completely "zeroing" your storage as above does delete everything from the OS's perspective, but data is still recoverable with the right tools/instruments.

    • one year ago
    • Attachments:

See more questions >>>

Your question is ready. Sign up for free to start getting answers.

spraguer (Moderator)
5 → View Detailed Profile

is replying to Can someone tell me what button the professor is hitting...

23

  • Teamwork 19 Teammate
  • Problem Solving 19 Hero
  • You have blocked this person.
  • ✔ You're a fan Checking fan status...

Thanks for being so helpful in mathematics. If you are getting quality help, make sure you spread the word about OpenStudy.

This is the testimonial you wrote.
You haven't written a testimonial for Owlfred.