Why use secure deletion?

Operating systems do not actually remove the contents of a file when it is deleted, even after emptying the trash or explicitly removing the file, from the command line for example.

Instead, they simply remove the file's entry from the file system directory, because this requires less work and is therefore faster. The contents of the file—the actual data—remain on the storage medium. The data will remain there until the operating system reuses the space for new data.

Likewise, reformatting, repartitioning or reimaging a system is not always guaranteed to write to every area of the disk, though all will cause the disk to appear empty or, in the case of reimaging, empty except for the files present in the image, to most software.

Finally, even when the storage medium is overwritten, physical properties of the medium may make it possible to recover the previous contents. In most cases however, this recovery is not possible by just reading from the storage device in the usual way, but requires using laboratory techniques such as disassembling the device and directly accessing/reading from its components.

Quoted from Wikipedia: Secure file deletion.

Warning about USB sticks and solid-state disks

The methods described below will not work as expected on USB sticks and solid-state disks.

  • The existing hard disk-oriented techniques for secure deletion of individual files are not effective.
  • Overwriting twice the entire disk is usually, but not always, sufficient to securely clean the disk.

Unfortunately, Tails does not currently allow you to perform this task with graphical tools. See #5323.

For more details read the corresponding section of the Wikipedia article on Data erasure.

Securely delete files

In Tails you can securely delete files thanks to an extension of the file browser.

  1. Open the file browser, either from the Places menu or the Home icon on the desktop.

  2. Navigate to the folder containing the files that you want to delete.

  3. Select the files that you want to delete with the mouse.

  4. Right-click on the files and choose Wipe.

    Right-click ▸ Wipe

  5. Confirm.

  6. The deletion will start. It can last from a few seconds to several minutes, according to the size of the files. Be patient…

Securely deleting files does not erase the potential backup copies of the file (for example LibreOffice creates backup copies that allow you to recover your work in case LibreOffice stops responding).

Emptying the trash

Before considering securely cleaning the available space on a disk, make sure to empty the trash.

  1. Open the file browser, either from the Places menu or the Home icon on the desktop.

  2. Click on the disk on which you want to empty the trash in the left pane to navigate to the root of this disk.

  3. In the titlebar, choose Menu ▸ Show hidden files to show hidden files.

  4. Delete the .Trash-1000 folder or similar.

Apply this technique to the Persistent folder to empty the trash of the persistent volume.

Securely clean available disk space

In order to clean up the contents of all files that were previously suppressed but not securely deleted from a disk, it is also possible to securely clean all the free space on the disk.

This method does not work as expected on solid-state disks or USB sticks.

The disk or the folder may or may not contain other files. Those files will not be deleted during the operation.

  1. Open the file browser, either from the Places menu or the Home icon on the desktop.

  2. Click on the disk that you want to clean in the left pane to navigate to the root of this disk.

  3. Right-click in empty space in the right pane and choose Wipe available diskspace.

    Right-click ▸ Wipe
 available diskspace

    On the previous screenshot, the trash in the .Trash-1000 folder is not deleted. See the instructions above.

  4. Confirm.

  5. The cleaning starts. It can last from a few minutes to a few hours, according to the size of the available diskspace. Be patient…

    Note that a file with a name similar to tmp.7JwHAyBvA9 is created in the folder. It is made as big as possible to use all the available diskspace and then securely deleted.

This option does not delete hidden files. Choose Menu ▸ Show hidden files in the titlebar to show them.