It is the files that are taking up all the space. The reference (or index, pointer) barely take up any space. Then how do deleted files free spaces if they are not permanently deleted?
First, let's understand what does "free space" mean. "Free space" doesn’t mean “empty space", it just means that this space is available, regardless of whether it is empty or “occupied”. When we delete a file, the space it used to take up will no longer be “protected”. Surely the file is still there (not forever), but when new files are created, the system will try to find places to allocate them. It could be any available space so there are chances your deleted files will get overwritten because their space is now marked as available.
It’s just like your rent is due and you are suppose to move out already. But you have no place to go and the landlord is kind enough to let you stay a bit longer because he has other available rooms for now. But he also tells you that when new tenants are moving into your room, you’ll have to leave.
This is basically how deletion works. Deleted files aren't removed permanently until they got overwritten by new files. Why won't the system just delete them right away? As stated above, to permanently remove a file requires the file to be overwritten. That means each time you delete file, the system will overwrite the file with random 0s and 1s. This is time consuming and inefficient. The larger the deleted file, the longer it will take to overwrite. Just think about the painful waiting each time you copy a huge file. For users with specific security requirements, there are tools available to erase files permanently in case of unauthorized recovery. What's more, due to its "Wear Leveling" feature, you can hardly erase individual files on SSDs.
Technically, ‘’empty space” does not even exist. Depending on the storage medium, hard disk drives and solid-state drives work differently regarding how to store data. HDD stores date on its magnetic platter surface, which is divided into billions of tiny magnetic domains. Each domain can be independently magnetized (1) or demagnetized (0). SSD flash memory works by charging or removing electrons in floating gate transistor cells to represent 0 and 1. Brand new hard disk drive is filled with 0s (demagnetized) and brand new solid-state drive is filled with 1s (no electron or discharged state). You files are just different combinations of 1s and 0s, so in a sense, there is no empty space on drives, only available spaces or occupied spaces.
When or how the deleted files will get overwritten is sort of random. You cannot predict exactly where the file system is going to put the new data. So your best chance is to act quickly after accidental deletion. That’s why professional data recovery services always suggest that you don’t use the hard drive after accidental deletion to increase the chance of a successful recovery.
No comments:
Post a Comment