I'm not aware of Linux actually holding files after the trashcan is emptied.
Maybe your friend is referring to the phenomena in magnetic media (spinning, magnetic hard disks and old floppy disks) where files aren't actually erased when you "delete" them. I think the normal "delete" process in Linux is more accurately called "unlinking" because the reference to the file is removed from the disk partition's catalog of files, but the data on the disk is not really touched. There are utilities that can recover files that have been only "unlinked".
Furthermore, just overwriting the data on the disk once might not be enough either. To some degree, magnetic media retains what was written to it previously. It's kind of like erasing something that was written in pencil and then overwriting it. Someone who was really interested in what was written there before could find traces of it and probably piece it back together. The solution to this is to overwrite the area on the disk where your file was with random data several times. I don't know if there's a standard for how many passes it takes to really make the data unrecoverable by anyone. At one point I had a secure-deletion program for Windows in which one of the options was something like "7 pass Dept of Defense standard", so I suppose 7 is as good of a number as any.
NOTE: I don't know if flash memory like you find in thumb drives and "SSDs" (Solid State Drives) behaves like this or not. But I do know flash memory can only be written to so many times, so doing this to those types of drives will shorten their life. The more often and larger the files, the more it'll shorten the drive's life. Also, many (most? Nearly all now a days?) of these types of drive have built in smarts for "wear leveling" meaning that they keep track of what parts of them have been written to most and spread the wear around so as to extend the life of the drive. Doing a multi-pass delete on one of these drives would probably be completely ineffective at obscuring your file because each pass would probably hit a different part of the disk.
Also note that copies of files can be stored in RAM and might so might be written to swap space as well, so cleaning the swap file might be desirable.
Finally, there are utilities out there which will write random data a specified number of times over all the bits on your disk partitions which, according to the disk partition's file catalog, aren't in use. You can use these utilities to try to remove the contents of old files from the disk even long after you've deleted them.
For secure multi-pass deletions of files in Linux, try "shred -uz <filename>".
To handle directories and the "empty" parts of your disks, try the "secure-delete" package (apt-get install secure-delete)
Also find articles like this one [
http://techthrob.com/2009/03/02/howt...rely-in-linux/ ].
I hope this helps :-)