File system type and data recovery chances
Before you make efforts to restore lost or unintentionally deleted files, it sometimes doesn't hurt to understand what the chances are for a successful outcome. As you may notice, even the most effective tool may deliver different results, depending on the particular scenario. Of course, there are many factors that determine the recoverability of data. But if it still exists on a storage medium that hasn't been damaged, the possibility of getting it back is primarily influenced by the type of filesystem available on your device. This series of short articles will give you an idea of what you might expect if you know which of the described formats has been actually utilized. To keep things comprehensible even for novices, we won't get deep into technical details and concentrate just on the basic principles. If you need a more profound overview, you can find it in another article devoted to data recovery chances.
Before getting to the point, let's make sure that you're acquainted with several key concepts. First and foremost, any storage device must be partitioned before you can use it. This means that at least one independent region called a partition is created on it, or a couple more, if needed. Once partitioning is completed, each region can be formatted. Formatting involves creation of various structures that organize data within the given partition, decide how and where it will be stored for easy access by all applications. Without them, digital media would simply be unable to function. Fortunately, as users, we do not have to arrange anything ourselves. These structures are already available for us in the form of a ready filesystem (abbreviated as FS). When formatting a storage, you may be presented with several filesystem types or, as they are sometimes called, formats. The choice usually depends on the OS, the type of medium involved or other circumstances.
Different filesystems have their own approaches and particular sets of structures to manage data. Along with the actual content of your files, they have to keep such information as their names, sizes, locations and positions in the directory hierarchy. These details are called metadata and are typically placed separately from the data itself. Meanwhile, the content may be located far off, in one or many blocks, depending on its size. Over time, as new files are written or the existing ones get removed, gaps may start appearing between the occupied blocks. When the FS runs out of successive blocks, it may store files as fragments that are scattered at a great distance one from the other. This phenomenon is called fragmentation.
The FS also knows about every used and free block within the partition it controls. Not only does it have to find blocks for the new files you are saving, but also release the blocks belonging to files that are no longer needed. More often than not, they do not erase them straight away to avoid wasting resources. They prefer to postpone this operation until these blocks will become necessary for new files to reside in. Therefore, when you delete a file or format a partition, the filesystem simply makes some adjustments to its structures in order to be aware that certain data can be overwritten at the earliest convenience.
However, as each filesystem does things differently, the ways in which they modify the remaining structures may also diverge greatly. Some of them retain lots of information about the previous files and directories, making it easier for a data recovery program to bring them back. In contrast, others may wipe it entirely, leaving just numerous disconnected fragments that are impossible to piece together. That is exactly why the chances to recover data are so heavily dependent on the employed format. And being aware of their peculiarities, we can assume what part of allocation information is still available to data recovery software.
With these facts in mind, let's explore in more detail the FS types of Windows, macOS and Linux. If you know which of these is applied on your storage, you can estimate the likelihood of successful data recovery, even before getting on with the procedure: