There is plenty of secure deletion software out there, but yesterday I had a need to securely erase my id_rsa file copied to a thumb drive. I didn’t want to have to download some software because I was on a non-personal Mac. A quick search turned up the ‘dd’ command. This simple Unix command, which has been around forever for copying data from/to block devices, should in theory be able to write over my data multiple times and erase the contents.

dd if=/dev/urandom of=/Volumes/NO\ NAME/id_rsa conv=notrunc count=1024 bs=1024

That command writes out 1 MiB of random data to the specified id_rsa file. You can alternate the above command with

dd if=/dev/zero of=/Volumes/NO\ NAME/id_rsa conv=notrunc count=1024 bs=1024

to overwrite with zeros and then with random data again.

Now, that in theory should overwrite the contents of the file and a simple unlink or rm should delete the file entry. If anyone reading this sees a flaw in my logic/implementation, or has improvements, please leave me a comment.
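
As an added example (not part of the original post), here is the same random/zero/random sequence wrapped in a shell function that sizes each pass to the file instead of a fixed 1 MiB, refuses symlinks, and syncs after every pass before unlinking; the function names overwrite_pass and secure_rm are made up for illustration. On flash media such as a thumb drive, wear leveling can leave the old blocks intact elsewhere on the device, so an in-place overwrite is best-effort there.

```shell
#!/bin/sh
# Added example; overwrite_pass and secure_rm are illustrative names.

# One in-place pass over exactly the file's current length, so the file is
# not grown to a fixed size the way count=1024 bs=1024 would grow a small key.
overwrite_pass() {
    op_file=$1
    op_src=$2
    op_size=$(wc -c < "$op_file" | tr -d ' ')
    [ "$op_size" -gt 0 ] || return 0
    # conv=notrunc: rewrite the existing blocks rather than freeing them first.
    head -c "$op_size" "$op_src" | dd of="$op_file" conv=notrunc 2>/dev/null
    # Push the pass out of the page cache before the next one starts.
    sync
}

# Random, zero, random, then unlink, as in the post.
secure_rm() {
    sr_file=$1
    # dd would follow a symlink and overwrite its target while rm removed
    # only the link, so accept regular files only.
    if [ ! -f "$sr_file" ] || [ -L "$sr_file" ]; then
        echo "secure_rm: not a regular file: $sr_file" >&2
        return 1
    fi
    overwrite_pass "$sr_file" /dev/urandom &&
    overwrite_pass "$sr_file" /dev/zero &&
    overwrite_pass "$sr_file" /dev/urandom &&
    rm -f -- "$sr_file"
}

# Usage: secure_rm "/Volumes/NO NAME/id_rsa"
```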