Shred

Shredding, in the context of computers, refers to the act of deleting a file securely, so that it cannot be restored by any means.

Deleting a file will typically only mark the diskspace occupied by the file as available (for use by new files, or files growing in size), and mark the file as gone from the directory it was in, but leave the actual contents of the file on the disk. This is, for instance, how the MS-DOS tool undelete could recover recently deleted files.

Because the diskspace is marked as available, it will eventually (assuming the disk gets written to) be used by other files, replacing the contents of the deleted file. At this point, the file can no longer be recovered in software. However, it may still be possible to recover the file by more advanced, physical means, because older magnetic recordings (such as those on a harddisk) can be read using the right equipment, even with new recordings on the same disk.

The Unix command shred, and a number of similar Windows freeware and shareware programs, will repeatedly overwrite the file with other data (typically all zeros, or random garbage) a large number of times, to make such physical recovery more difficult.

Shredding depends on the assumptions that files are not moved in the file system during their lifetime, which fails if defragmentation is done, and that they are overwritten in place, which may fail on modern file systems. These can be addressed by shredding the whole partition, not only single files. Even this may fail, since hard disk controller may mark sectors as bad and these may contain data but are not visible to the operating system.

If one wants to be absolutely sure that the file is not recoverable by any means, there's only one thing to do: Physically burn or crush the harddrive.

As an alternative, the file can be stored using strong encryption at all times, in which case there won't be any useful data to recover, assuming the encryption key is secure.