Now, I'll admit I don't have a clue exactly what underlying filesystem you're using on this laptop disk, be it BtrFS, ReiserFS, Ext4, whatever -- I can tell you from experience about Ext4 that undeleting files under certain circumstances is trivial.
Ext4 is a journalled filesystem. That means that whatever modification you make to a file (or technically a file's metadata -- only the metadata for a file is recorded in the journal by default), the modification is recorded in the journal "temporarily". That means the exact (meta)data modified is recorded in the journal at the time of the file save operation, and also a log entry about where that (meta)data belongs in the filesystem. It may surprise you, but initially that metadata is not written to the main filesystem per se; actually the operation to write stuff to the main filesystem is put off for (by default) 5 seconds after you save the file. After that timeout elapses, the metadata is written to the "inode table", the area in the main filesystem where filesystem metadata is stored. And the filesystem metadata includes:
- The size of the file,
- The date the file was last modified, and
- The blocks on disk that the file occupies.
This is all information useful to an attacker. If you know the size of the file and the location where the file contents are stored on-disk, you've got the keys to the castle. I've experimented with this in the past. I've recovered (my own) confidential documents from /tmp before. And furthermore:
You may not expect it, but Ext4 is designed to avoid actually overwriting file data for as long as possible, spreading newer revisions of a file out over the disk in an attempt to even out the usage of the disk. By doing so, if you use the computer relatively casually, your documents that were "long deleted" may remain on-disk totally intact for months. It's not uncommon at all for the journal to use 256 MB on the disk; filesystem metadata is usually backed up only one block at a time, so every time you save a file you may only add 1 block (say 4096 bytes / 4 KB) to the journal. Barring directory modifications (directory contents also gets added to the journal), you could modify files 65,536 times before ever writing over any of the journal entries. On an average day for me, that might mean a few weeks of file modification. For someone else, it could mean months. Also consider: How big is your disk? And how big are the files that you edit? You may be surprised to find that, even if you on average save a 512 KB file every 10 minutes to a 500 GB disk, theoretically (and there are a lot of complications here) you may find that the file still hasn't been overwritten with other stuff at year's end.
It's really a good idea to look into the GNU shred
utility if you value your privacy and possibly your money and well-being.