Not one byte leaves the machine.
DuplicateDuster never transmits file names, hashes, or content anywhere. It works with the network cable pulled, and it's safe for sensitive files.
What's actually in place.
Fully local processing
Scanning, hashing and deletion all happen on your machine. No file names, hashes or content are ever transmitted anywhere.
Read-only scanning
Nothing is changed by a scan on its own. You always review duplicate groups before anything is removed.
An original is always kept
Every duplicate group preserves at least one copy. There is no path that removes every instance of a file.
Three-pass secure overwrite
Optional secure erase overwrites a file's data three times (0xFF, then 0x00, then random bytes), scrambles the filename, and zeroes the timestamp before removing it.
What secure erase doesn't guarantee.
Not a certified military standard
This is a genuine three-pass overwrite, not a certified DoD 5220.22-M implementation. If your compliance requirement specifically demands that certification, verify it independently before relying on this.
SSDs limit what overwriting can guarantee
On solid-state drives, wear-levelling and TRIM can move or discard data in ways an overwrite-based erase can't fully control. For SSDs, full-disk encryption is a stronger guarantee than file-level secure delete.
Want the implementation details?
The exact overwrite sequence and hashing approach are documented for technical review.