Even if you shred files religiously, law enforcement officials, and possibly others, have a variety of computer forensics tools at their disposal to pry out any secrets your deleted files may be hiding. So how can you protect your computer from their prying eyes? Basically, you can't. While you can make recovering data harder by periodically purging your cache directory and only storing files on removable disks (such as rewritable DVDs) and physically destroying them afterwards, just remember that everything you do on your computer can potentially be recovered and examined later.
To destroy the contents of a hard disk quickly, grab a copy of DiskZapper (http://diskzapper.com), available as a bootable floppy or CD. If you boot up from a DiskZapper disk, the program starts erasing your hard disk right away. It can be a handy tool to have around when you want to destroy data quickly.
If you're a programmer and want to understand exactly how a file shredder works, download the source code for Eraser (www.tolvanen.com/eraser), written by Sami Tolvanen. Not only is this file shredder absolutely free for anyone to use, but it is also distributed with Microsoft Visual C++ source code, so you can see how it works and even customize it for your own particular needs.
Linux users can download a file-deleting program called Wipe (http://gsu.linux.org.tr/wipe). Like Eraser, Wipe is free and includes C source code so you can look under the hood and maybe even improve the program on your own to wipe out data even more securely.
But don't assume you can rest easy even if you've gone ahead and scoured your hard disk until it's squeaky clean. Just as every bullet fired can potentially be traced to a specific gun, so everything created by a computer can be traced to a specific machine given the right circumstances and a determined enough searcher.
Edward Delp (http://dynamo.ecn.purdue.edu/~ace), a professor of electrical and computer engineering at Purdue University, has developed a technique to identify the unique "signatures" of printers based on their subtle variations. The United States Secret Service is particularly interested in this technology for tracing documents and counterfeit bills back to specific printers.
Tadayoshi Kohno, a University of California Ph.D. student, has even found a way to identify individual computers over the Internet, as documented in the research paper "Remote physical device fingerprinting" (www.caida.org/outreach/papers/2005/fingerprinting). The technique works by "exploiting small, microscopic deviations in device hardware: clock skews." Essentially, Kohno's technique analyzes how a particular computer's clock timestamps the information it sends over the Internet, which can be used to uniquely identify that specific computer even if it's behind a firewall or connecting to the Internet through multiple proxy servers.
So, if your hard disk data can be retrieved despite your best attempts to destroy it, and if your printer and your computer hardware can give away your activities, can you ever keep any of your stuff private? The answer is no—unless, of course, you only use someone else's computer. Will you ever really need to go this far? That answer depends on you.