An Edison Chen reminder to use Secure Empty Trash for sensitive files

Discussion in 'OS X and OS X Apps' started by elbert, Jun 6, 2009.

  1. elbert

    elbert Active Member

    Joined:
    Apr 8, 2004
    Messages:
    13,923
    Likes Received:
    12
    Location:
    Manila
    Watch the interview here: http://edition.cnn.com/2009/SHOWBIZ/06/05/edisonchen.extras/index.html

    Here's the transcript: http://hi.baidu.com/fairex/blog/item/4e12c500a09c2719738b6570.html

    Excerpt:
    It is a known fact that Edison Chen is a Mac user, and the story goes that he had his assistant bring in his computer for repair. What I didn't know until now was that the technicians involved maliciously and thoroughly dug through his files to find stuff that he had deleted.

    I feel sorry for him (the same way I feel for Hayden Kho). He is very much the victim here. These files were created for private use, without any intention to make them public. Unfortunately, they were stolen and made public by someone else. The natural tendency is to blame the person who created those files rather than the person/s who stole the files and were responsible for making it public.

    Okay, I'm veering off topic here. Anyway, back to being Mac related...

    Let this be a lesson to all Mac users: use Finder's Secure Empty Trash feature to delete files that are highly sensitive and incriminating. Otherwise, you may find yourself being a victim as well.

    EDIT: you can also make "Empty Trash Securely" a default setting in Finder > Preferences > Advanced.
     
    #1 elbert, Jun 6, 2009
    Last edited: Jun 6, 2009
  2. ricpac

    ricpac Active Member

    Joined:
    Oct 14, 2007
    Messages:
    1,277
    Likes Received:
    0
    Location:
    Cagayan de Oro
    Thank you for the reminder Bossing. This is very much appreciated.
    I just hope that Edison can get his life back soon after staying in the dark.
     
  3. REDcrazy

    REDcrazy Well-Known Member

    Joined:
    Mar 12, 2006
    Messages:
    1,413
    Likes Received:
    34
    Just a question about using "Secure Empty Trash":

    Scenario is like this; User puts some files in the Trash and then selects "Empty Trash". After a couple of days, the user put another batch of files into the Trash and then this time selects "Secure Empty Trash".

    Question: Does the user's act of utilising the "Secure Empty Trash" on the second batch of files delete traces of the first batch of files (just "Empty Trash") as well?
     
  4. loko__loko

    loko__loko Well-Known Member

    Joined:
    Apr 15, 2004
    Messages:
    4,176
    Likes Received:
    39
    i think only the 2nd batch w/c u used "secure empty trash" will be securely erased.. 1st batch can still be recovered

    btw on our disk utility, erase... you can ERASE FREE SPACE
     
  5. dryxzzz

    dryxzzz Active Member

    Joined:
    Aug 19, 2008
    Messages:
    1,063
    Likes Received:
    5
    Location:
    P8, QC
    I make it a habit to press ⌘+⌥+⇧+⌫ when emptying trash. Won't prompt you anymore to confirm the action. Just make sure you are so certain for that command 'coz there's no way of recovering them...or is it so?
     
  6. rafaelc378

    rafaelc378 Active Member

    Joined:
    Mar 19, 2008
    Messages:
    5,464
    Likes Received:
    2
    1) Secure Empty Trash
    2) Erase Free Space
    3) Use Truecrypt to secure the files you don't want anyone else to see (http://www.truecrypt.org). Am back to using this instead of Espionage because it's finally well integrated with OSX.
     
  7. stevezone

    stevezone Active Member

    Joined:
    Nov 13, 2008
    Messages:
    1,285
    Likes Received:
    0
    Location:
    QC/Bulacan
    it's just the basic thing.. don't ever ever forget to throw those unwanted files to the trash or else.. you can be the next victim.. some geeks can still dug those batch files on your trash! so be carefull..

    choose Finder > Secure Empty Trash

    [​IMG]

    Thanks for the reminder! :)
     
  8. byt_898

    byt_898 Member

    Joined:
    Oct 28, 2008
    Messages:
    132
    Likes Received:
    2
    Location:
    Manila
    Just a quick question, is there still a way for a hacker to recover your files once secure trash has been applied?
     
  9. rafaelc378

    rafaelc378 Active Member

    Joined:
    Mar 19, 2008
    Messages:
    5,464
    Likes Received:
    2
    Secure trash overwrites the sectors where the trashed files are with pseudorandom data. If you format a disk using disk utility, you have the same option (zero out data, 7 pass, 35 pass). It would be difficult to near impossible to recover something when the disk sector has been overwritten with data.
     
  10. melo

    melo Member

    Joined:
    Aug 24, 2008
    Messages:
    301
    Likes Received:
    1
    which of the 3 should i choose if i want to delete free space? zero out, 7 pass or 35? thanks
     
  11. alistair

    alistair Member

    Joined:
    Feb 11, 2005
    Messages:
    931
    Likes Received:
    0
    Location:
    Makati
    Even zero-ing out data is enough security for most users. If the people after your data are dedicated enough to try and recover it after has been zero-ed out, then you should be using stronger encryption to begin with. If the people who're after your data are capable of recovering your data even after zero-ing out, then you have much bigger problems.
     
  12. sawtooth

    sawtooth Member

    Joined:
    Oct 7, 2007
    Messages:
    433
    Likes Received:
    0
    Location:
    QC

    what does this erase free space do? im just curious, it wont erase my HD wont it? ;)
     
  13. elbert

    elbert Active Member

    Joined:
    Apr 8, 2004
    Messages:
    13,923
    Likes Received:
    12
    Location:
    Manila
    When you delete files or empty trash, the files are actually still there. All the system does is allow the space occupied by those files to be overwritten by new ones. Until that space is overwritten, then whatever files were previously there can still be recovered.
     
  14. warpedart

    warpedart Member

    Joined:
    Nov 17, 2007
    Messages:
    185
    Likes Received:
    0
    but can still be retrieved if one used time machine right? provided the culprit has access to your external drive/time capsule as well..

    correct?
     
  15. rafaelc378

    rafaelc378 Active Member

    Joined:
    Mar 19, 2008
    Messages:
    5,464
    Likes Received:
    2
    @warpedart: Yes, it can be retrieved from your Time Machine backups. Thus my recommendation of: 1) If there's anything you have worth keeping private, use Truecrypt to encrypt it. Therefore even if it's backed up, it's encrypted using military-grade and open source encryption software; 2) Use the option of excluding certain folders from Time Machine if you're REALLY concerned about keeping things off of the Time Machine backup files. (Although I use this feature to exclude folders such as my iTunes TV Show Library since it would eat up a lot of space on my TM Drive, and I use another drive strictly for backing up my Media files).

    Also, to add to Alistair's comment, and to answer melo's question; zero out will do for most people's needs. It's A LOT faster than 7-pass and A HECKUVA LOT faster than 35-pass. Both 7 and 35 pass are US Dept of Defense standards for proper "cleaning" of hard drives. I'd recommend that if you're selling or giving away a computer or a hard drive, to take the time to do a 35-pass wipe before it goes out of your hands.

    Just as an example, I once bought a used 250GB 3.5" hard drive from someone. That person didn't even bother to erase the contents of the drive. Thus I was able to gain several hundred gigs of, ahem, films that that person apparently had been collecting. When my girlfriend bought her used MacBook, the previous owner didn't reinstall OSX or even delete her personal files. There were quite a few personal photos (nothing too daring) that they had left.

    So again, keep your computers (especially laptops) secure. I try to do so all the time. I keep my important files encrypted and backed up. I always have the mindset of "if my laptop were stolen today, what would be particularly damaging to me?" Therefore I keep things such as electronic bank statements, quicken spreadsheets, anything with my SSN, personal photos, etc; encrypted using Truecrypt.
     
  16. King

    King PhilMUG Addict Member

    Joined:
    Jul 25, 2005
    Messages:
    1,759
    Likes Received:
    676
    According to the US military the only sure of destroying data from any form of media is to destroy the media itself physically.

    If I was Kho I would've wished I stuffed my computer and memory cards with a grenades and blew them up.

    I still find it bizarre that the Philippine Senate would waste our time and money on investigating a badly made sex video. I also find it bizarre that people who havent even seen any part of the video are condemning it for being pornographic.
     
  17. rafaelc378

    rafaelc378 Active Member

    Joined:
    Mar 19, 2008
    Messages:
    5,464
    Likes Received:
    2
    Indeed. One thermite grenade will make a hard drive nothing but molten slag. Below are examples of incomplete destruction of sensitive materials that ended up falling into nonfriendly hands.

    http://en.wikipedia.org/wiki/Hainan_Island_incident
    http://en.wikipedia.org/wiki/USS_Pueblo_(AGER-2)

    And as for my UST Med batchmate(s) I can only say: 1) Truecrypt Truecrypt Truecrypt! (Steal my laptop all you want; the important stuff will take you centuries to cryptanalyze), 2) The amount of people who really know a secret is the cube of the amount you think know.
     
  18. ice_man

    ice_man Active Member

    Joined:
    Sep 25, 2006
    Messages:
    2,996
    Likes Received:
    2
    Location:
    SoCal
    Ei Bro, What's the advantage of TrueCrypt from Espionage? Except for the paid service ofcourse... thanks
     
  19. rowinms

    rowinms Member

    Joined:
    Apr 4, 2009
    Messages:
    424
    Likes Received:
    0
    Location:
    Hong Kong
    The last time I used was 7 pass. That was before I brought my laptop to service centre. It is already difficult to get the data.
     
    #19 rowinms, Jun 7, 2009
    Last edited: Jun 7, 2009
  20. mannyespejo

    mannyespejo Active Member

    Joined:
    Jan 28, 2009
    Messages:
    1,144
    Likes Received:
    2
    is there an option for PC users? I have personal files on my office PC, mostly bank, credit card statements, and I'm leaving in a few months, "l'll transfer them to my external HD before I leave, is erase and empty recycle bin enough? Obviously I can't physically destroy it (wish I could) since it's company property, any suggestion guys? Thanks a lot!

    OT: Prison Break: Michael Scofield threw his HD in the water, unfortunately the FBI guy (forgot his name) was smart enough to send frogmen and retrieve the HD and blew-up his plans.
     

Share This Page

  • About PhilMUG

    Since the mid-1990s, PhilMUG (formerly the Philippine Macintosh Users Group) has grown to become not just the Philippines’ but one of the world’s foremost Apple user groups. Our online community brings together thousands of members from the Philippines and around the world for the latest news and discussions covering all Apple products and related hardware and software. Anyone can join PhilMUG, from newbies to experts, subject to our membership rules and guidelines.
  • Like us on Facebook

  • Buy us a beer!

    The staff works very hard to make sure that PhilMUG is running 24/7. Care to buy us a beer or help out with our hosting fees? We'd really appreciate it!

    Donate to us!