Recovering files from beyond the grave using PhotoRec

TLDR

  • A hands-on walkthrough of using PhotoRec (bundled with TestDisk) to recover deleted files from a 13-year-old Toshiba laptop and a GoPro SD card, with practical results and caveats.

Key Takeaways

  • PhotoRec recovered 16k+ files from the Toshiba in 5+ hours; the GoPro SD card yielded 12 files in under a minute, showing wildly different results by media age and usage.
  • Recovered files lose original filenames and folder structure; manual triage is slow without a sorting script or LLM-based deduplication pipeline.
  • Filter file types before scanning: PhotoRec supports 480+ extensions across 300+ file families, and broader filters mean longer runtimes.
  • Never write recovered files back to the source filesystem – doing so risks overwriting the very data being recovered.
  • Security implication: PhotoRec can resurrect files from secondhand or decommissioned drives, making physical disposal or overwriting critical for any sensitive device.
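
For the triage problem noted in the takeaways, here is an added example (not code from the original article or from PhotoRec): a Python script that sorts recovered files into per-extension folders and skips byte-identical duplicates by SHA-256. It assumes PhotoRec's default recup_dir.N output directories; the function names and the sample files in the demo branch are constructed for illustration.

```python
import hashlib
import shutil
import sys
import tempfile
from pathlib import Path


def sha256_of(path, chunk=1 << 20):
    """Hash in chunks so large recovered videos do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def triage(recovered_root, sorted_root):
    """Copy unique files from recup_dir.* into per-extension folders (copy, not
    move, so PhotoRec's output stays untouched); return (unique, duplicates)."""
    seen, unique, duplicates = set(), [], []
    files = sorted(p for d in Path(recovered_root).glob("recup_dir.*")
                   for p in d.rglob("*") if p.is_file())
    for src in files:
        digest = sha256_of(src)
        if digest in seen:
            duplicates.append((src, digest))
            continue
        seen.add(digest)
        ext = src.suffix.lower().lstrip(".") or "unknown"
        dest_dir = Path(sorted_root) / ext
        dest_dir.mkdir(parents=True, exist_ok=True)
        # Name by content hash: the recovered names carry no meaning.
        shutil.copy2(src, dest_dir / f"{digest[:16]}{src.suffix.lower()}")
        unique.append((src, digest))
    return unique, duplicates


if __name__ == "__main__":
    if len(sys.argv) == 3:
        root, out = Path(sys.argv[1]), Path(sys.argv[2])
    else:  # constructed sample tree, not real recovery output
        root, out = Path(tempfile.mkdtemp()), Path(tempfile.mkdtemp())
        for rel, data in [("recup_dir.1/f0000001.jpg", b"same"),
                          ("recup_dir.2/f0000009.jpg", b"same"),
                          ("recup_dir.1/f0000002.txt", b"other")]:
            (root / rel).parent.mkdir(exist_ok=True)
            (root / rel).write_bytes(data)
    unique, duplicates = triage(root, out)
    print(f"{len(unique)} unique, {len(duplicates)} duplicate, sorted into {out}")
```

Point the destination at a disk other than the one being recovered, in line with the takeaway about never writing back to the source filesystem.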

Hacker News Comment Review

  • Commenters consistently recommend imaging the source media with ddrescue before running PhotoRec, treating the raw image as the working copy to avoid permanent data loss on degraded hardware.
  • Mac-native formats and professional video codecs are a known weak spot for PhotoRec; recovery success drops noticeably for those file types compared to common JPG or MP4.
  • Custom file signatures (.photorec.sig) for niche formats like Unreal Engine .sav files remain tricky – at least one commenter confirmed correct fidentify output but zero recovered files, pointing to an open implementation gap.

Notable Comments

  • @code_biologist: Custom signatures with GVAS magic value pass fidentify but PhotoRec recovers nothing from EXT4 – a concrete unresolved edge case.
  • @EvanAnderson: Runs PhotoRec on every thrift store drive purchased and on every drive before disposal as a dual-use verification habit.
