
RichardF

macrumors 6502a
Original poster
Oct 27, 2006
565
78
New York City
I have an APPLE SSD TS128C (Toshiba), Revision CJAA0201 with TRIM support in Mac OS X 10.6.8.

With the SSD highlighted in Disk Utility > Erase tab: everything is grayed-out save for "Erase Free Space...".

I have read that when you wipe an SSD, it just "forgets" where the files are and doesn't actually delete the files.

Does anyone know how to secure-wipe the SSD properly?
 

KPOM

macrumors P6
Oct 23, 2010
18,031
7,872
> I have an APPLE SSD TS128C (Toshiba), Revision CJAA0201 with TRIM support in Mac OS X 10.6.8.
>
> With the SSD highlighted in Disk Utility > Erase tab: everything is grayed-out save for "Erase Free Space...".
>
> I have read that when you wipe an SSD, it just "forgets" where the files are and doesn't actually delete the files.
>
> Does anyone know how to secure-wipe the SSD properly?

Unfortunately, it's very difficult, and as far as I am aware, there aren't any consumer applications for wiping files that can properly handle an SSD. My suggestion would be to run FileVault 2, encrypt the drive, and then do a "wipe free space." That way, if someone is able to retrieve something, it likely would be an encrypted file.

http://nakedsecurity.sophos.com/2011/02/20/ssds-prove-difficult-to-securely-erase/

If you have a bootable drive with Linux, you might see if the Toshiba or Samsung SSD in the 11" will respond to a secure erase command.
 

RichardF

macrumors 6502a
Original poster
Oct 27, 2006
565
78
New York City
> Unfortunately, it's very difficult, and as far as I am aware, there aren't any consumer applications for wiping files that can properly handle an SSD. My suggestion would be to run FileVault 2, encrypt the drive, and then do a "wipe free space." That way, if someone is able to retrieve something, it likely would be an encrypted file.
>
> http://nakedsecurity.sophos.com/2011/02/20/ssds-prove-difficult-to-securely-erase/
>
> If you have a bootable drive with Linux, you might see if the Toshiba or Samsung SSD in the 11" will respond to a secure erase command.

Thank you KPOM.

If you overwrite something in the SSD, is it gone? I believe that isn't necessarily the case with HDDs.
 

KPOM

macrumors P6
Oct 23, 2010
18,031
7,872
> Thank you KPOM.
>
> If you overwrite something in the SSD, is it gone? I believe that isn't necessarily the case with HDDs.

I think it's also "not necessarily" the case with an SSD, which is why the encryption recommendation works best before the drive is used to store data.
 

RichardF

macrumors 6502a
Original poster
Oct 27, 2006
565
78
New York City
> I think it's also "not necessarily" the case with an SSD, which is why the encryption recommendation works best before the drive is used to store data.


oh Snap... Wish Lion was around when I got my MBA. Encrypting the whole drive seems so logical in this day and age.

I appreciate your help.
 

heyloo

macrumors 6502
Nov 2, 2006
268
1
NY
> To properly secure data and take advantage of the performance benefits that SSDs offer, you should always encrypt the entire disk and do so as soon as the operating system is installed. (SSDs prove difficult to securely erase)

Does anyone know why and if there is a performance difference between encrypting the drive on a clean install versus after things have been written on? Curious why there's a difference, if at all...

Also I've read that there's a performance drop with using File Vault2 with the SSD, which is why I've opted out of encrypting for now. If/When I choose to sell my MBA, I was wondering if I could do the following and get the same results as if I had kept my drive encrypted all along:

1) Wipe SSD
2) Reinstall Lion
3) File Vault2
4) Wipe SSD
5) Reinstall Lion
6) Ready to ship

Would this work? :confused:
 

KPOM

macrumors P6
Oct 23, 2010
18,031
7,872
> Does anyone know why and if there is a performance difference between encrypting the drive on a clean install versus after things have been written on? Curious why there's a difference, if at all...

I don't know if there is a performance difference. The issue is that it might be easier for someone to dig up data from the SSD.

> Also I've read that there's a performance drop with using File Vault2 with the SSD, which is why I've opted out of encrypting for now.

If there is a performance difference, I hardly noticed it after transitioning from a 2010 MacBook Air (Toshiba SSD) running Snow Leopard to a 2011 MacBook Air (Samsung SSD) running Lion and FileVault2. I think AnandTech ran some specifications and estimated a 15-20% difference on some extended read/write operations, which likely isn't noticeable, particularly for someone coming over from a hard drive. The difference might be more pronounced on an older MacBook Air, since the Sandy Bridge chips have special CPU instructions to speed up encryption that the Core 2 Duos lack. If you are running a 2011, I'd just go for it now.

> If/When I choose to sell my MBA, I was wondering if I could do the following and get the same results as if I had kept my drive encrypted all along:
>
> 1) Wipe SSD
> 2) Reinstall Lion
> 3) File Vault2
> 4) Wipe SSD
> 5) Reinstall Lion
> 6) Ready to ship
>
> Would this work? :confused:

I think that would help, but it wouldn't be as secure as having encrypted data from the start. I think the issue is that it is possible that the wipe process won't really wipe the SSD. In other words, the SSD's controller will just report back to the OS that the particular SSD block has been overwritten, when in reality it hasn't been, leaving unencrypted data "underneath" that can be picked up later.

Stated otherwise, that would likely stop a casual "hacker" from recovering information using an off-the-shelf utility, but it likely wouldn't be enough to satisfy enterprise/governmental requirements.
 

heyloo

macrumors 6502
Nov 2, 2006
268
1
NY
Thanks KPOM for your insight. Yeah I think I read the same report by AnandTech regarding the performance drop. You bring up a point that I didn't think of - I'm coming from a hard drive-based system after all, so the difference would in fact be unnoticeable.

Thanks for your input on my 'plan', completely makes sense. Hmm. Now the paranoia kicks in @_@. Being that my SSD has been 'written on' already with my data, would I be able to replicate the 'encryption-from-bottom-up(?)' style by wiping my SSD out, put File Vault2 on, then put all the data back where it was - say using SuperDuper? I think I'm making you repeat what you just said on the previous post but would like to know if doing a clean reinstall+encryption would make any difference at this point. Otherwise I'll just slap on File Vault2 on my current system without doing the whole clean reinstall.

There's nothing 'sensitive' on my computer that would require this level of protection, but it's always nice and interesting to know what can be done to improve security on my current system.

Thanks!
 

57004

Cancelled
Aug 18, 2005
1,022
341
I wiped my 2011 Air just fine before returning it.

You just have to do it from the recovery console (Cmd-R when starting up). It took about 20 minutes so I'm sure it was really wiping it and not just 'forgetting' stuff. But the recovery image will be damaged as well, you'll have to do a complete network install after that. And it didn't work with my WPA2 network for some reason, luckily I had an old router around that I just set up without a password temporarily.

By the way, like I said I'm pretty sure it did actually wipe the data blocks but due to optimization and the 'spare' space for the wear levelling there is a chance you leave some blocks untouched that are currently marked as 'spare'. It doesn't really matter though because the only way to read from those is by dismantling the SSD and reading directly from the NAND chips. Not to mention the difficulty in piecing whatever's left back together to sensible data. To the OS it will just be 128GB (or whatever) of zeroes after wiping and so it would deter all but the most professional attackers.

You won't see much of a performance drop on the 2011 Air, because it has hardware support for AES encryption (AES-NI). So the encryption is accelerated by the CPU.

I wouldn't do more than a single pass wipe though, as every pass will wear at least 1 program/erase cycle of all the NAND cells.
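
An added illustration, not part of any post in this thread: a toy model of the behaviour KPOM and 57004 describe, where a one-pass wipe looks complete to the OS while old copies survive in spare NAND pages. `ToyFTL`, `toy_encrypt`, the page counts and the sample data are all constructed for this sketch; real controllers and FileVault 2 are far more complex.

```python
import hashlib

class ToyFTL:
    """Simplified SSD controller: writes go to a fresh page, old copies linger."""
    def __init__(self, logical, spare):
        self.pages = [None] * (logical + spare)  # physical NAND pages
        self.free = list(range(logical + spare))
        self.map = {}                            # logical block -> physical page
        self.stale = []                          # unmapped but not yet erased

    def write(self, lba, data):
        if not self.free:                        # no clean page left: erase oldest stale one
            victim = self.stale.pop(0)
            self.pages[victim] = None
            self.free.append(victim)
        page = self.free.pop(0)
        self.pages[page] = data
        if lba in self.map:
            self.stale.append(self.map[lba])     # previous copy is only unmapped
        self.map[lba] = page

    def read(self, lba):                         # what the OS sees
        return self.pages[self.map[lba]]

    def raw_pages(self):                         # what reading the NAND chips directly sees
        return [p for p in self.pages if p is not None]

def toy_encrypt(key, lba, data):
    """XOR with a SHA-256 keystream: a stand-in for disk encryption, not FileVault 2's cipher."""
    stream = hashlib.sha256(key + lba.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def wipe_experiment(encrypted, logical=8, spare=4):
    """Fill the drive, zero every logical block once, report what is left behind."""
    ssd, key = ToyFTL(logical, spare), b"constructed-demo-key"
    for lba in range(logical):
        data = b"SECRET record %02d" % lba       # constructed sample data, 16 bytes
        ssd.write(lba, toy_encrypt(key, lba, data) if encrypted else data)
    for lba in range(logical):                   # the single-pass wipe
        ssd.write(lba, bytes(16))
    os_sees_zeros = all(ssd.read(lba) == bytes(16) for lba in range(logical))
    leftovers = sum(b"SECRET" in p for p in ssd.raw_pages())
    return os_sees_zeros, leftovers

if __name__ == "__main__":
    print("plaintext drive:", wipe_experiment(encrypted=False))
    print("encrypted drive:", wipe_experiment(encrypted=True))
```

In both runs the OS reads back only zeroes; the difference is whether the pages left in the spare area hold readable data or ciphertext.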
 

cmace127

macrumors newbie
Feb 28, 2011
1
0
I found a workaround. Restart the computer and hold option to enter the setup screen. Go into disk utility and select the drive. Erase the drive using "Mac OS Extended (Case-sensitive, Journaled, Encrypted)". Make a password for the encryption, it doesn't matter what it is because you won't need it. Hit "Erase". Now select the volume and the "Erase Free Space" and "Security Options" buttons should no longer be grayed out. Click and select your level of security and off you go. I presume "Erase Free Space" and "Security Options" should do the same thing because you just erased the drive so all space is considered free. This worked for me so let me know if it helps.
 