2012 MBP no "35-Pass Erase" option?

MacCrank

macrumors member
Original poster
Nov 22, 2011
97
0
UK
just performed the 35pass on my old macbook before thinking of selling and out of curiosity looked at my new MBP settings and noticed it only has 1, 3 or 7. Does this seems right? Why would they not give you the gutmann 35 pass erase as before? How can I get the 35?

 
Last edited:

Bear

macrumors G3
Jul 23, 2002
8,089
4
Sol III - Terra
just performed the 35pass on my old macbook before thinking of selling and out of curiosity looked at my new MBP settings and noticed it only has 1, 3 or 7. Does this seems right? Why would they not give you the gutmann 35 pass erase as before? How can I get the 35?

[url=http://img4.imageshack.us/img4/6176/screenshot20120611at112.png]Image[/URL]
As I explained in your other thread, it's not needed. One pass is enough.

If you use FileVault2 full disk encryption, a 1 pass erase is definitely all that's needed. And I use disk encryption in case a drive fails and I can't erase it.
 
Comment

Mr. Retrofire

macrumors 603
Mar 2, 2010
5,040
470
www.emiliana.cl/en
just performed the 35pass on my old macbook before thinking of selling and out of curiosity looked at my new MBP settings and noticed it only has 1, 3 or 7. Does this seems right? Why would they not give you the gutmann 35 pass erase as before? How can I get the 35?

[url=http://img4.imageshack.us/img4/6176/screenshot20120611at112.png]Image[/URL]
I see two errors:
1. SSDs only need one pass of random data (to avoid the SSD-controller data compression) and one pass of zeroes (to make your first pass "invisible"). Anything more is a waste of time. They do not work like HDDs. And even for HDDs, one pass of zeroes is enough.
2. You overwrite only the free space. You should erase the entire disk (boot from your boot-DVD or USB flash drive with Snow Leopard or Lion), not only the free space.

The 35-Gutmann option is not appropriate for modern (after the year 2000) high density HDDs and SSDs. And do not believe everything what you read about DoD-standards. Many are obsolete.

NIST said:
Guidelines for Media Sanitization
"Advancing technology has created a situation that has altered previously held best practices
regarding magnetic disk type storage media. Basically the change in track density and the
related changes in the storage medium have created a situation where the acts of clearing and
purging the media have converged. That is, for ATA disk drives manufactured after 2001
(over 15 GB) clearing by overwriting the media once is adequate to protect the media from
both keyboard and laboratory attack."
Peter Gutmann said:
In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.


----------

And I use disk encryption in case a drive fails and I can't erase it.
You can use encrypted disk images, if you do not need the full disk encryption.
 
Comment

Riemann Zeta

macrumors 6502a
Feb 12, 2008
662
0
As has been mentioned above, if you have a physical spinning disc HDD, there is absolutely no reason why 35-passes would ever be needed. The whole "Gutmann" algorithm and the risk of "ghost magnetic signatures" that remain associated with an HDD sector after a rewrite operation is an urban myth.

On an SSD, however, there is no way of securely erasing a single file, as: (1) flash cells are never overwritten until every single cell on the array has been used at least once (so using the "Secure Erase Trash" command wouldn't overwrite the file, but instead would write zeros to random cells on the SSD and relink the file LBA to those zeros) and (2) there could be hundreds of copies of that one file on the SSD, including ones in user- and OS-inaccessible slack space, due to write amplification. For an SSD, I'm not sure how to securely erase the whole disc, but most manufactures have a LiveCD boot utility that can perform a "factory reinitialize" of the SSD.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.