Ask any Unix filesystem developer, and they'll tell you that unlink(2) on a file does not erase any of its data, but simply enables the reuse of those blocks on disk.
Whenever I "delete" a social media account, or "Trash" anything on a cloud storage provider, I repeat the mantra, "revoking access for myself!" which may be sung to the tune of "Evergreen".
A reasonable cloud storage provider stores your data encrypted on disk. Certain standards like HIPAA mandate this.
Deletion of data is achieved by permanently discarding the encryption key which is stored and managed elsewhere where secure erasure can be guaranteed.
If implemented honestly, this procedure WORKS and cloud storage is secure. Yes, the emphasis is on the "implemented honestly" part, but do not generalize cloud storage as inherently insecure.
In the first case, there is nothing preventing the development of software to overwrite data before unlink(2) is called.
In the second case, you can choose to trust or distrust the cloud storage provider. Trust being backed by contractual obligations and the right to sue if those obligations are not met. Of course, most EULAs for consumer products are toothless in this respect. On the other hand, that doesn't prevent companies from offering contracts which have some teeth (which they may do for business clients).
> there is nothing preventing the development of software to overwrite data before unlink(2) is called.
It’s not that simple: this command already exists, it’s called `shred`, and as the manual[1] notes:
The shred command relies on a crucial assumption: that the file system and hardware overwrite data in place. Although this is common and is the traditional way to do things, many modern file system designs do not satisfy this assumption.
[1] https://www.gnu.org/software/coreutils/manual/html_node/shre...
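Added example (not part of the thread and not coreutils code): a minimal C sketch of the "overwrite before unlink(2)" idea discussed above. The function names `overwrite_in_place` and `overwrite_then_unlink` are hypothetical, and the code only achieves erasure under the assumption the shred manual states, that the file system and hardware overwrite data in place.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Overwrite every byte of a regular file with zeros and fsync it.
 * Returns the number of bytes overwritten, or -1 on error.
 * Assumption: the file system and device rewrite these blocks in place. */
long overwrite_in_place(const char *path)
{
    static const char zeros[4096];
    struct stat st;
    off_t done = 0;
    int fd = open(path, O_WRONLY);  /* no O_TRUNC: truncating frees the blocks unwritten */
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode))
        goto fail;
    while (done < st.st_size) {
        off_t left = st.st_size - done;
        size_t want = left < (off_t)sizeof zeros ? (size_t)left : sizeof zeros;
        ssize_t n = write(fd, zeros, want);  /* may be a short write */
        if (n <= 0)
            goto fail;
        done += n;
    }
    if (fsync(fd) != 0)  /* push the overwrite out of the page cache */
        goto fail;
    return close(fd) == 0 ? (long)done : -1;
fail:
    close(fd);
    return -1;
}

/* Overwrite first, then remove the name. Returns 0 on success. */
int overwrite_then_unlink(const char *path)
{
    return overwrite_in_place(path) < 0 ? -1 : unlink(path);
}

int main(int argc, char **argv)
{
    if (argc != 2 || overwrite_then_unlink(argv[1]) != 0) {
        fprintf(stderr, "usage: %s FILE (regular, writable)\n", argv[0]);
        return 1;
    }
    return 0;
}
```

On copy-on-write or journaling file systems, snapshots, and flash devices with wear levelling, the old blocks can survive this overwrite, which is the caveat the manual quote above makes.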