A common misconception when deleting files is that they are completely removed from the hard drive.
A common misconception when deleting files is that they are completely removed from the hard drive. However, users should be aware that highly sensitive data can still be retrieved from a hard drive even after the files have been deleted because the data is not really gone. Files that are moved to the recycle bin (on PCs) or the trash can (on Macs) stay in those folders until the user empties the recycle bin or trash can. Once they have been deleted from those folders, they are still located in the hard drive and can be retrieved with the right software.
Any time that a file is deleted from a hard drive, it is not erased. What is erased is the bit of information that points to the location of the file on the hard drive. The operating system uses these pointers to build the directory tree structure (the file allocation table), which consists of the pointers for every other file on the hard drive. When the pointer is erased, the file essentially becomes invisible to the operating system. The file still exists; the operating system just doesn’t know how to find it. It is, however, relatively easy to retrieve deleted files with the right software.
The only way to completely erase a file with no trace is to overwrite the data. The operating system will eventually overwrite files that have no pointers in the directory tree structure, so the longer an unpointed file remains in the hard drive the greater the probability that it has been overwritten. There are also many “file erasing” software products currently on the market that will permanently erase files by overwriting them.
Related Articles on Webopedia:
This article was originally published on June 24, 2010