Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Hardware > Notebooks > MacBook Air

Reply
 
Thread Tools Search this Thread Display Modes
Old Oct 31, 2011, 12:12 PM   #1
RichardF
macrumors 6502
 
Join Date: Oct 2006
Location: New York City
Need to Secure Wipe the SSD on my 11"

I have a APPLE SSD TS128C (Toshiba), Revision CJAA0201 with TRIM support in Mac OS X 10.6.8.

With the SSD highlighted in Disk Utility > Erase tab: everything is grayed-out save for "Erase Free Space...".

I have read that when you wipe a SSD, it just "forgets" where the files are and doesn't actually delete the files.

Does anyone know how to secure-wipe the SSD properly?
RichardF is offline   0 Reply With Quote
Old Oct 31, 2011, 01:22 PM   #2
KPOM
macrumors G3
 
Join Date: Oct 2010
Quote:
Originally Posted by RichardF View Post
I have a APPLE SSD TS128C (Toshiba), Revision CJAA0201 with TRIM support in Mac OS X 10.6.8.

With the SSD highlighted in Disk Utility > Erase tab: everything is grayed-out save for "Erase Free Space...".

I have read that when you wipe a SSD, it just "forgets" where the files are and doesn't actually delete the files.

Does anyone know how to secure-wipe the SSD properly?
Unfortunately, it's very difficult, and as far as I am aware, there aren't any consumer applications for wiping files that can properly handle an SSD. My suggestion would be to run FileVault 2, encrypt the drive, and then do a "wipe free space." That way, if someone is able to retrieve something, it likely would be an encrypted file.

http://nakedsecurity.sophos.com/2011...ecurely-erase/

If you have a bootable drive with Linux, you might see if the Toshiba or Samsung SSD in the 11" will respond to a secure erase command.
KPOM is offline   0 Reply With Quote
Old Nov 1, 2011, 11:37 AM   #3
RichardF
Thread Starter
macrumors 6502
 
Join Date: Oct 2006
Location: New York City
Quote:
Originally Posted by KPOM View Post
Unfortunately, it's very difficult, and as far as I am aware, there aren't any consumer applications for wiping files that can properly handle an SSD. My suggestion would be to run FileVault 2, encrypt the drive, and then do a "wipe free space." That way, if someone is able to retrieve something, it likely would be an encrypted file.

http://nakedsecurity.sophos.com/2011...ecurely-erase/

If you have a bootable drive with Linux, you might see if the Toshiba or Samsung SSD in the 11" will respond to a secure erase command.
Thank you KPOM.

If you overwrite something in the SSD, is it gone? I believe that isn't necessarily the case with HDDs.

Last edited by RichardF; Nov 1, 2011 at 11:45 AM.
RichardF is offline   0 Reply With Quote
Old Nov 1, 2011, 12:41 PM   #4
KPOM
macrumors G3
 
Join Date: Oct 2010
Quote:
Originally Posted by RichardF View Post
Thank you KPOM.

If you overwrite something in the SSD, is it gone? I believe that isn't necessarily the case with HDDs.
I think it's also "not necessarily" the case with an SSD, which is why the encryption recommendation works best before the drive is used to store data.
KPOM is offline   0 Reply With Quote
Old Nov 1, 2011, 12:43 PM   #5
RichardF
Thread Starter
macrumors 6502
 
Join Date: Oct 2006
Location: New York City
Quote:
Originally Posted by KPOM View Post
I think it's also "not necessarily" the case with an SSD, which is why the encryption recommendation works best before the drive is used to store data.

oh Snap... Wish Lion was around when I got my MBA. Encrypting the whole drive seems so logical in this day and age.

I appreciate your help.
RichardF is offline   0 Reply With Quote
Old Nov 1, 2011, 03:35 PM   #6
heyloo
macrumors 6502
 
Join Date: Nov 2006
Location: NY
Quote:
To properly secure data and take advantage of the performance benefits that SSDs offer, you should always encrypt the entire disk and do so as soon as the operating system is installed. SSDs prove difficult to securely erase
Does anyone know why and if there is a performance difference between encrypting the drive on a clean install versus after things have been been written on? Curious why there's a difference, if at all...

Also I've read that there's a performance drop with using File Vault2 with the SSD, which is why I've opted out of encrypting for now. If/When I choose to sell my MBA, I was wondering if I could do the following and get the same results as if I had kept my drive encrypted all along:

1) Wipe SSD
2) Reinstall Lion
3) File Vault2
4) Wipe SSD
5) Reinstall Lion
6) Ready to ship

Would this work?
heyloo is offline   0 Reply With Quote
Old Nov 1, 2011, 05:04 PM   #7
KPOM
macrumors G3
 
Join Date: Oct 2010
Quote:
Originally Posted by heyloo View Post
Does anyone know why and if there is a performance difference between encrypting the drive on a clean install versus after things have been been written on? Curious why there's a difference, if at all...
I don't know if there is a performance difference. The issue is that it might be easier for someone to dig up data from the SSD.

Quote:
Originally Posted by heyloo View Post
Also I've read that there's a performance drop with using File Vault2 with the SSD, which is why I've opted out of encrypting for now.
If there is a performance difference, I hardly noticed it after transitioning from a 2010 MacBook Air (Toshiba SSD) running Snow Leopard to a 2011 MacBook Air (Samsung SSD) running Lion and FileVault2. I think AnandTech ran some specifications and estimated a 15-20% difference on some extended read/write operations, which likely isn't noticeable, particularly for someone coming over from a hard drive. The difference might be more pronounced on an older MacBook Air, since the Sandy Bridge chips have special CPU instructions to speed up encryption that the Core 2 Duos lack. If you are running a 2011, I'd just go for it now.


Quote:
Originally Posted by heyloo View Post
If/When I choose to sell my MBA, I was wondering if I could do the following and get the same results as if I had kept my drive encrypted all along:

1) Wipe SSD
2) Reinstall Lion
3) File Vault2
4) Wipe SSD
5) Reinstall Lion
6) Ready to ship

Would this work?
I think that would help, but it wouldn't be as secure as having encrypted data from the start. I think the issue is that it is possible that the wipe process won't really wipe the SSD. In other words, the SSD's controller will just report back to the OS that the particular SSD block has been overwritten, when in reality it hasn't been, leaving unencrypted data "underneath" that can be picked up later.

Stated otherwise, that would likely stop a casual "hacker" from recovering information using an off-the-shelf utility, but it likely wouldn't be enough to satisfy enterprise/governmental requirements.
KPOM is offline   0 Reply With Quote
Old Nov 1, 2011, 05:37 PM   #8
heyloo
macrumors 6502
 
Join Date: Nov 2006
Location: NY
Thanks KPOM for your insight. Yeah I think I read the same report by AnandTech regarding the performance drop. You bring up a point that I didn't think of - I'm coming from a hard drive-based system after all, so the difference would in fact me unnoticeable.

Thanks for your input on my 'plan', completely makes sense. Hmm. Now the paranoia kicks in @_@. Being that my SSD has been 'written on' already with my data, would I be able to replicate the 'encryption-from-bottom-up(?)' style by wiping my SSD out, put File Vault2 on, then put all the data back where it was - say using SuperDuper? I think I'm making you repeat what you just said on the previous post but would like to know if doing a clean reinstall+encryption would make any difference at this point. Otherwise I'll just slap on File Vault2 on my current system without doing the whole clean reinstall.

There's nothing 'sensitive' on my computer that would require this level of protection, but it's always nice and interesting to know what can be done to improve security on my current system.

Thanks!
heyloo is offline   0 Reply With Quote
Old Nov 1, 2011, 07:29 PM   #9
GekkePrutser
macrumors 6502a
 
GekkePrutser's Avatar
 
Join Date: Aug 2005
Location: Ireland
I wiped my 2011 Air just fine before returning it.

You just have to do it from the recovery console (Cmd-R when starting up). It took about 20 minutes so I'm sure it was really wiping it and not just 'forgetting' stuff. But the recovery image will be damaged as well, you'll have to do a complete network install after that. And it didn't work with my WPA2 network for some reason, luckily I had an old router around that I just set up without a password temporarily.

By the way, like I said I'm pretty sure it did actually wipe the data blocks but due to optimization and the 'spare' space for the wear levelling there is a chance you leave some blocks untouched that are currently marked as 'spare'. It doesn't really matter though because the only way to read from those is by dismantling the SSD and reading directly from the NAND chips. Not to mention the difficulty in piecing whatever's left back together to sensible data. To the OS it will just be 128GB (or whatever) of zeroes after wiping and so it would deter all but the most professional attackers.

You won't see much of a performance drop on the 2011 Air, because it has hardware support for AES encryption (AES-NI). So the encryption is accelerated by the CPU.

I wouldn't do more than a single pass wipe though, as every pass will wear at least 1 program/erase cycle of all the NAND cells.
GekkePrutser is offline   0 Reply With Quote
Old Nov 20, 2011, 04:02 AM   #10
nooboob
macrumors member
 
Join Date: Sep 2011
Question Completely wipe 2011 MBA HDD?

delete
nooboob is offline   0 Reply With Quote
Old Nov 26, 2011, 08:57 PM   #11
cmace127
macrumors newbie
 
Join Date: Feb 2011
I found a workaround. Restart the computer and hold option to enter the setup screen. Go into disk utility and select the drive. Erase the drive using "Mac OS Extended (Case-sensitive, Journaled, Encrypted). Make a password for the encryption, it doesn't matter what it is because you won't need it. Hit "Erase". Now select the volume and the "Erase Free Space" and "Security Options" buttons should no longer be grayed out. Click and select your level of security and off you go. I presume "Erase Free Space" and "Security Options" should do the same thing because you just erased the drive so all space is considered free. This worked for me so let me know if it helps.
cmace127 is offline   4 Reply With Quote

Reply
MacRumors Forums > Apple Hardware > Notebooks > MacBook Air

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Disk Utility secure erase "7 pass secure erase" Appletise OS X Mavericks (10.9) 12 May 7, 2014 02:54 PM
Intel SSD 320M - Secure Erase undesign MacBook Pro 3 Dec 10, 2013 11:20 AM
Secure Erase an Apple SSD silverjam MacBook Air 6 Jul 15, 2013 04:17 PM
MBP Retina SSD Secure Erase Z3R0-CooL MacBook Pro 40 Feb 1, 2013 04:32 AM
How can I wipe my fried SSD? LeroOfTheKodiak MacBook Air 7 Sep 30, 2012 12:16 PM

Forum Jump

All times are GMT -5. The time now is 07:12 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC