Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How to make sure an external harddrive (mac) is completely erased for returning

I

iyiyi

macrumors member
Original poster
Jan 13, 2013
82
17
I bought an external SSD from Amazon to use on my iMac. However, it is having some issues and I need to return it. It has a lot of my files on it.

If I do an erase/format does that mean everything is completely erased for good? Is there anything else I can/should do before returning to make sure there is no way anyone could access my files that were once on there?

I know some drives have a "security" option to erase over multiple times but my drive is not showing that option.

I just want to make sure as it seems a little sketchy to send my harddrive back to a random warehouse.

Appreciate any info.
 
Last edited:
Connect the drive and let it mount on the desktop
Open disk utility
In the list on the left, click on the drive and choose erase
Select the format you want (such as Mac OS extended with journaling enabled, GUID partition format)
Then... click "security options"
You want to move the slider "one notch to the right" (from "fastest").
That will be a "one-pass" write of random data.
That should be fine.
 
Fishrrman said:
Connect the drive and let it mount on the desktop
Open disk utility
In the list on the left, click on the drive and choose erase
Select the format you want (such as Mac OS extended with journaling enabled, GUID partition format)
Then... click "security options"
You want to move the slider "one notch to the right" (from "fastest").
That will be a "one-pass" write of random data.
That should be fine.
Click to expand...

Thanks! Is there any benefit to doing the erase process several times or no?
And any benefit to choosing "encrypted" when erasing?
 
That doesn’t usually work for SSD’s, since they have firmware that tries to avoid overwriting blocks/sectors for wear leveling.

The standard way is to turn on FileVault (to encrypt the stuff that is there), then do a normal erase/reinstall, which will delete the FileVault key.
 
  • Like
Reactions: hobowankenobi and bernuli
Red Menace said:
That doesn’t usually work for SSD’s, since they have firmware that tries to avoid overwriting blocks/sectors for wear leveling.

The standard way is to turn on FileVault (to encrypt the stuff that is there), then do a normal erase/reinstall, which will delete the FileVault key.
Click to expand...

Thanks. I already did a regular erase. Will turning on FireVault and erasing still securely erase everything?
 
If wiping it is not good enough, you could always try reformatting it so it must erase the content. Just an idea.
 
iyiyi said:
I already did a regular erase. Will turning on FireVault and erasing still securely erase everything?
Click to expand...
As mentioned, writing to SSD’s works differently than mechanical drives, so doing stuff like writing zeros or random numbers just doesn’t work to erase all the old data.

FileVault encrypts the whole disk, so a password is needed to access anything on it - if the password is lost (from formatting or erasing, for example), the data might as well be random since there isn’t a way to get at it.
 
Red Menace said:
As mentioned, writing to SSD’s works differently than mechanical drives, so doing stuff like writing zeros or random numbers just doesn’t work to erase all the old data.

FileVault encrypts the whole disk, so a password is needed to access anything on it - if the password is lost (from formatting or erasing, for example), the data might as well be random since there isn’t a way to get at it.
Click to expand...

So SSDs will keep the original data on them even after a regular erasing? That seems really dangerous.

And to confirm if I turn firevault on now (even though I already did an erase) will it still work the same way safely erasing everything? Thanks

Edit: It seems that firevault can only be turned on for the main internal Mac harddrive, not an external drive.

Should I just encrypt it? And Should I encrypt it before I return it so that no-one can access it, and if they want to use it, they have to erase it again?
 
Last edited:
So it seems if I encrypt it, erase it, then encrypt it again there should be no way even a hacker could get access to any past data on the drive?
 
iyiyi said:
So SSDs will keep the original data on them even after a regular erasing?
Click to expand...
Not just SSDs, standard drives also. Regular erasing just deletes the file record in the table and marks the space as available. Unless something new is written to that space the data could still be retrieved. A quick format is similar, it just re-writes the file table for the entire drive.

When I sold my MBP I encrypted it then wiped it. Once it's encrypted, if it gets wiped the data is gibberish.
 
hallux said:
Not just SSDs, standard drives also. Regular erasing just deletes the file record in the table and marks the space as available. Unless something new is written to that space the data could still be retrieved. A quick format is similar, it just re-writes the file table for the entire drive.

When I sold my MBP I encrypted it then wiped it. Once it's encrypted, if it gets wiped the data is gibberish.
Click to expand...

So what is the standard way to actually erase a drive?
 
iyiyi said:
So SSDs will keep the original data on them even after a regular erasing? That seems really dangerous.
Click to expand...
The data on a mechanical drive is not normally erased either, which is why there are secure erase utilities to write zeros or random numbers across the disk.

The issue with SSD’s is that the “media” is different - the flash memory they use wears out when written to, so the drive controllers use various schemes to even out the wear across the blocks of memory. These are usually variations on remapping the used and invalid/erased blocks, which doesn’t necessarily write any data (the wear thing again).

Since all this is implemented in the drive controller, doing stuff that works with a mechanical drive may not overwrite everything - it would depend on the manufacturer and the features they implement. FileVault (or other whole-disk encryption, if available) would make any data on the drive inaccessible without a password, so it wouldn’t really matter if it was erased or not.

Since this is an external drive, another option would be to erase it, copy large files to it (music, movies, etc) until it is full, then erase it again. This would work essentially the same as writing random numbers to all sectors on a mechanical drive, which as mentioned before doesn’t work the same for a SSD since you don’t have the same kind of access to the individual blocks.
 
Red Menace said:
The data on a mechanical drive is not normally erased either, which is why there are secure erase utilities to write zeros or random numbers across the disk.

The issue with SSD’s is that the “media” is different - the flash memory they use wears out when written to, so the drive controllers use various schemes to even out the wear across the blocks of memory. These are usually variations on remapping the used and invalid/erased blocks, which doesn’t necessarily write any data (the wear thing again).

Since all this is implemented in the drive controller, doing stuff that works with a mechanical drive may not overwrite everything - it would depend on the manufacturer and the features they implement. FileVault (or other whole-disk encryption, if available) would make any data on the drive inaccessible without a password, so it wouldn’t really matter if it was erased or not.

Since this is an external drive, another option would be to erase it, copy large files to it (music, movies, etc) until it is full, then erase it again. This would work essentially the same as writing random numbers to all sectors on a mechanical drive, which as mentioned before doesn’t work the same for a SSD since you don’t have the same kind of access to the individual blocks.
Click to expand...

Thanks. I didn't know all that!

If it's encrypted, it can just be erased/reformatted by somebody else. If somebody else does this (after I return an encrypted drive) are they still able to go back and somehow retrieve old files that might have been on the drive?
 
iyiyi said:
If it's encrypted, it can just be erased/reformatted by somebody else. If somebody else does this (after I return an encrypted drive) are they still able to go back and somehow retrieve old files that might have been on the drive?
Click to expand...
If everything was encrypted, no one has access without the password/encryption key. You mentioned that you already erased the drive, in which case pieces of the “erased” stuff would still be there, the space it occupies is just marked as being available. Since there isn’t a “write some numbers across the disk” secure erase equivalent for SSD’s, you would need to perform a full-disk encryption (which also encrypts any empty space), or otherwise copy new data to the drive, which will use up those spaces marked as available.
 
Red Menace said:
If everything was encrypted, no one has access without the password/encryption key. You mentioned that you already erased the drive, in which case pieces of the “erased” stuff would still be there, the space it occupies is just marked as being available. Since there isn’t a “write some numbers across the disk” secure erase equivalent for SSD’s, you would need to perform a full-disk encryption (which also encrypts any empty space), or otherwise copy new data to the drive, which will use up those spaces marked as available.
Click to expand...

You can erase an encrypted drive without the password/key though. So does that mean if they just erase it they could get back in to see info?

"Full disk encryption" would just be erasing/formatting to an encrypted format right?
If so, I did that multiple times (after the first regular non-encrypted erase)
Does that mean I am ok to send back the drive?

It's a 1tb drive. I tried putting 1tb of files on it, but after I did, it said only like 200mb was used. Not sure what that means. But I'm guessing I'm fine since I've encrypted and erased several times now.

Thanks so much for the help. Just want to be careful.
 
Last edited:
Once the drive is encrypted, no one will have access to any of the data without the password (the data itself is what is encoded). Erasing the drive will just mark space as being available - any data that may have been on the disk will still be encrypted (and need a password, otherwise it just looks like random junk).

The main purpose of whole-disk encryption (as opposed to just encrypting certain items such as folders or disk images) is that the entire disk is encrypted, which includes everything - even deleted/trashed/erased items.

What kind of disk format was used? Something like APFS uses links in creative ways to make duplicates without actually duplicating anything.

The main thing to remember with a SSD is that it gets creative when writing to the drive in order to level the wear, so you need to write enough (unique) content so that previously written blocks will get used.
 
Red Menace said:
Once the drive is encrypted, no one will have access to any of the data without the password (the data itself is what is encoded). Erasing the drive will just mark space as being available - any data that may have been on the disk will still be encrypted (and need a password, otherwise it just looks like random junk).

The main purpose of whole-disk encryption (as opposed to just encrypting certain items such as folders or disk images) is that the entire disk is encrypted, which includes everything - even deleted/trashed/erased items.

What kind of disk format was used? Something like APFS uses links in creative ways to make duplicates without actually duplicating anything.

The main thing to remember with a SSD is that it gets creative when writing to the drive in order to level the wear, so you need to write enough (unique) content so that previously written blocks will get used.
Click to expand...

Thanks!
I am using the APFS (encrypted) format.
I am doing the erasing and encryption through disk utility on the Mac (choosing erase, and then choosing APFS encrypted as the format). I did this about 3-4 times to be safe.

Am I good to go do you think?
 
OP:

Just wondering...
What kind of problems did you have with this drive...?
 
Fishrrman said:
OP:

Just wondering...
What kind of problems did you have with this drive...?
Click to expand...

It got incredibly hot, even when idle. It also read/wrote very slowly for an SSD (slower than my regular drive). I wanted to make sure I erased and returned it before it failed
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back