Securely erasing a file on disc

Let me apologize in advance because I somehow just KNOW that this topic has been covered somewhere in the forums or one of the email lists. Indeed I have found topics close in nature but not answering this question directly and clearly:

Is there any way, either in Xojo code or in plugin code, that anyone is aware of, to SECURELY ERASE/OVERWRITE a file that already exists on disc?

My concern is that simply overwriting the file using the various methods discussed in recent conversations in the forum might cause the O/S to simply allocate new sectors to the new data being written out rather than reusing the same sectors for the information. Lord knows that with today’s disc sizes it would certainly take forever to find, but nevertheless out of an abundance of caution I would like to know that if I need to write a temp file or process a download, once encrypted I can with absolute certainty erase it.

I know you will tell me that nothing is absolutely certain but any hints to get me closer would be greatly appreciated :wink: Thank you very much!

Kevin B.

What operating system? You could use a Shell call to “srm” (Secure ReMove) on Mac and Linux systems.

The issue is that, unlike hard drives, SSD’s will not (natively) overwrite the same area of the file, even if you open the file as Binary and write random data the size of the file. I don’t know any way around this.

I’m pretty sure that is the reason why Apple removed the secure delete / empty trash options from the OS X GUI.
The only solution is possibly to delete the file and then zero all free space on the volume.

You are correct, but if you “delete the file and then zero all free space on the volume” they you will limit the lifespan of your SSD very quickly, plus slow your app to a crawl.

I checked out @Jason King 's suggestion of SRM, but there is no indication that I could find that it gets around the SSD problem. If it does, then that’s where I would head.

Apple has dropped SRM for Sierra and later. Some discussion here that rm -p can help, and that it may all be moot with a TRIM enabled SSD.