
comda

I'm in CMD + R and I want to secure erase my hard drive. But blast this new Disk Utility in El Capitan.

I want to secure erase the SSD and then reinstall OS X for the next owner.
 
An SSD cannot be secure erased. The only thing you can do is to encrypt it with FileVault 2 and then do a regular erase.

Make sure you erase your PRAM also. Your PRAM contains the password to the last known Wi-Fi network.

If you do not want to encrypt it with FileVault 2 and want a better solution, the only thing you can do is smash the drive into a million pieces.

It's not El Capitan's fault. You could never do more than one pass erase on an SSD.
 
I disagree with the statement that it's not possible to "securely erase" an SSD.

I propose that it could be done thusly:

1. First, one would need to have a disk image of an "empty" SSD available, in the same size as the SSD to be securely erased.

1a. By "empty" SSD, I mean an SSD that has only been initialized for the first time, and has never held any data in its sectors.

2. Next, one would mount the image of the empty SSD as "the source" in Disk Utility.

3. Then, select the SSD to be erased as "the target".

4. Then, turn Disk Utility loose to copy the entire image from one SSD to another.

4a. I reckon one could also use a cloning app such as CarbonCopyCloner or SuperDuper to do this; that would work as well.

5. This would replace nearly every available sector on the "previously used" drive with data from the "empty" drive -- which would be "no data at all", since there never was data on the source drive.

6. In this case the existing data would be over-written with "null data".

This might not replace EVERY sector on the old SSD due to provisioning, etc., but it would pretty well guarantee that the overwhelming majority of files that once were on that drive would now be un-recoverable for all practical purposes.

Would this not work?
Why not?

One other observation:
I can use older copies of Drive Genius to "shred" (securely erase) the free space on my SSDs. Or at least DG tells me it's doing this (when perhaps it may not be). What's going on here?
 
I'm in CMD + R and I want to secure erase my hard drive. But blast this new Disk Utility in El Capitan.

I want to secure erase the SSD and then reinstall OS X for the next owner.

You can secure erase an SSD with the ATA Secure Erase command, but it is kind of a hassle. You need to make a Linux boot CD to do it. If you search around you can find instructions like this.

Otherwise, the next best thing is to encrypt the drive with FileVault then erase afterwards. That is not a true secure erase, but even if somebody managed to recover some data from the erased drive, it would still be encrypted.
 
Thank you to all that assisted here! It's well appreciated! However, since I imaged the SSD drive to another hard drive, I booted off it and used Yosemite Disk Utility and selected a Secure Erase option. Hopefully that was it.
 
Because of wear leveling, an SSD drive cannot be secure erased. You have to encrypt it or smash it.
256 bit is good enough. That is what protects our iPhones and Wi-Fi networks, but you could go 4096 bit if you want.


The NSA-approved method for data destruction on an SSD, flash drives, hybrids, etc., is by grinding them into a fine powder.

This is basically how AVAST purchased hundreds of Android phones and were able to recover data off of them.

With an Android phone you have to plug it in and wait 2 hours, only to find out the data was recoverable. When you securely erase an iPhone, all you're doing is telling the iPhone to erase its key.

If you believe that SSD memory can be securely erased, you should notify Apple of your discovery. I think all of us really want to go back to the days of the iPhone in 2007 and have to wait 2 hours for your iPhone to erase. I hear retro is in.


You can wipe an SSD drive 40 times, and the data would still be there.

https://nakedsecurity.sophos.com/2011/02/20/ssds-prove-difficult-to-securely-erase/
http://macosxfilerecovery.com/data-recovery-possible-on-securely-erased-ssds/



https://en.wikipedia.org/wiki/Write_amplification
 
Use Cmd + R and go to Recovery, or use a bootable installer.

Then type in Terminal "diskutil info disk0", as disk0 should be your internal drive. Somewhere in the output you will see something like the following:

Total Size: 251.0 GB (251000193024 Bytes) (exactly 490234752 512-Byte-Units)

This is for my 256GB drive in a rMBP. So the block size is 512 bytes and there are 490234752 blocks.

Then you could do "dd if=/dev/urandom of=/dev/disk0 bs=512 count=490234752"
You could use urandom, random, or zero, or some combination of them. I once knew the difference between urandom and random but I forget now. I think it has something to do with the PRNG not being mathematically perfect in one of them, but I'm not sure.
 
I have a hypothetical question -- I've never tried this, and it might not work anyway, but...

Let's use a 240gb SSD for an example.

Suppose I have a 240gb SSD with data on it.
I'd like to overwrite that data so as not to be recoverable.

What if -- one took ANOTHER, NEVER-USED 240gb SSD, also of 240gb size,
then
Initialized it for the first time, but put NO data onto it,
then
Used a cloning app (such as CarbonCopyCloner or SuperDuper) to clone the contents of the "new-but-empty" SSD to the old SSD (with data on it).

What would be the result?
 
I have a hypothetical question -- I've never tried this, and it might not work anyway, but...

Let's use a 240gb SSD for an example.

Suppose I have a 240gb SSD with data on it.
I'd like to overwrite that data so as not to be recoverable.

What if -- one took ANOTHER, NEVER-USED 240gb SSD, also of 240gb size,
then
Initialized it for the first time, but put NO data onto it,
then
Used a cloning app (such as CarbonCopyCloner or SuperDuper) to clone the contents of the "new-but-empty" SSD to the old SSD (with data on it).

What would be the result?

I would assume it would make a bit for bit copy of the drive with no data on it onto the drive you want to erase, but it would be easier to just zero the drive or write random data over it.
 
Finder

From the foot of "Disk Utility (El Capitan): Create a disk image", I assume that Secure Empty Trash is still offered by Finder.

As far as I can tell, Finder in pre-release macOS Sierra no longer offers that feature.

srm - securely remove files or directories

Apple notes for a pre-release (thanks to @tywebb13) show that srm(1) has been removed because it is no longer useful on SSD/Flash-based systems.

Thoughts

I understand the constraining of Finder to suit an Apple ecosystem that assumes no customer use of hard disk drives.

However: Apple's removal of srm is inconsiderate to customers who understand the technology, and wish to securely remove data from a hard disk drive.

Related

OS X Yosemite: Securely erasing your deleted files


Does Secure Empty Trash actually write random patterns of data?

http://opensource.apple.com/source/srm/srm-7/ in Apple open source for OS X 10.11.6
 
I understand the constraining of Finder to suit an Apple ecosystem that assumes no customer use of hard disk drives.

Who would sell a hard-disk drive these days... :rolleyes:

 
To clarify: I understand the constraining of Finder to suit an Apple ecosystem that assumes no customer use of hard disk drives. – I understand things to be that way, but I don't like it.
 
To clarify: I understand the constraining of Finder to suit an Apple ecosystem that assumes no customer use of hard disk drives. – I understand things to be that way, but I don't like it.
You can still customize the system yourself.

You could get the source for 'srm' from Apple, compile it, then use it from Terminal. Or run the compiled 'srm' from a script or Automator, as a Service. Or write a Mac app. Or look for a secure erase app on the App Store.

Plenty of options remain, especially if you can compile or write software yourself. By removing 'srm', Apple has not forbidden you from doing a secure erase. It's simply moved the capability from the "standard equipment" category to "aftermarket add-on".

In short, you're free to not like it, and you're still free to change it.
 
It's easier and more secure to just use FileVault and then do a regular erase + reset PRAM.

That only works reliably if you’ve been using volume encryption the whole time. Opportunistic encryption prior to sale does not work for the same reason that overwriting with random data does not: the SSD may still have pages with data in the ‘over-provisional’ part that it uses for garbage collection. ATA Secure Erase is the only method that should produce an acceptable result, provided the manufacturer actually supports it well.

The trouble really is that you can never be sure. Disk encryption should be used from the start as an additional layer, in case Trim or Secure Erase don’t work correctly. The costs of having this professionally verified probably easily outweigh the costs of the SSD itself, which is why you should indeed destroy it if you are unsure.
 
Opportunistic encryption prior to sale does not work for the same reason that overwriting with random data does not: the SSD may still have pages with data in the ‘over-provisional’ part that it uses for garbage collection.

I don't agree this is accurate. You are correct that a FV encryption would not get the data in the over-provisioned area, but that is a very small portion of the drive. Between that and the way data is stored on an SSD to begin with, any data retrieval is going to be very, very difficult and even then only likely partial recovery. I agree a FV encryption then wipe is not perfect, but I would not say it does not work.
 
I don't agree this is accurate. You are correct that a FV encryption would not get the data in the over-provisioned area, but that is a very small portion of the drive. Between that and the way data is stored on an SSD to begin with, any data retrieval is going to be very, very difficult and even then only likely partial recovery. I agree a FV encryption then wipe is not perfect, but I would not say it does not work.

This is a contradiction. ;) You cannot get around the fact that data may still be there. Some SSDs reserve about 10% of their storage cells for this purpose.

Encrypting the volume with system tools is not different from ‘overwriting’ with zeros, at least not to the SSD controller. It can even be less reliable than the latter depending on the disk setup. FileVault only encrypts the Macintosh HD volume, not the disk. If you have additional free space or empty partitions, then the data may end up there. Besides, encrypting with FileVault takes more time than ‘overwriting’ with zeros.

It is better to use FileVault from the start, to make sure that even the over-provisional part of the disk has no retrievable data. Before you give it away, you can safely call ATA Secure Erase with tools from the manufacturer, with the Linux tools you mentioned or with free commercial tools like Paragon Disk Wiper.
 
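The disagreement in the posts above turns on what the SSD controller does with superseded pages. As an added illustration (not code from any poster), here is a toy flash-translation-layer model; the class and function names, the 100/10 page split (from the "about 10%" figure above), the FIFO garbage collector and the XOR stand-in for volume encryption are all assumptions of the example.

```python
import hashlib

class ToySSD:
    """Constructed model of a flash translation layer, not any vendor's firmware."""
    def __init__(self, logical_pages, spare_pages):
        # physical pages = logical + over-provisioned (spare_pages must be > 0)
        self.flash = [None] * (logical_pages + spare_pages)
        self.free = list(range(len(self.flash)))
        self.map, self.stale = {}, []  # logical->physical map, superseded pages

    def write(self, lpn, data):
        if not self.free:              # garbage-collect the oldest stale page
            old = self.stale.pop(0)
            self.flash[old] = None
            self.free.append(old)
        ppn = self.free.pop(0)         # flash is never overwritten in place
        self.flash[ppn] = data
        if lpn in self.map:
            self.stale.append(self.map[lpn])  # old copy stays on the chip
        self.map[lpn] = ppn

    def secure_erase(self):            # models ATA Secure Erase: reset every page
        self.flash = [None] * len(self.flash)
        self.free = list(range(len(self.flash)))
        self.map, self.stale = {}, []

def plaintext_left(ssd, marker=b"SECRET"):
    """Count physical pages, mapped or not, that still contain the marker."""
    return sum(1 for page in ssd.flash if page and marker in page)

def toy_encrypt(key, lpn, data):
    """XOR keystream standing in for volume encryption; not FileVault's cipher."""
    stream = hashlib.sha256(key + lpn.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def run(logical=100, spare=10, encrypt=False, method="overwrite"):
    """Return (pages still holding plaintext, stale pages left on the chip)."""
    ssd, key = ToySSD(logical, spare), b"constructed-key"
    for lpn in range(logical):         # the owner's data (constructed sample)
        data = b"SECRET-%04d" % lpn
        ssd.write(lpn, toy_encrypt(key, lpn, data) if encrypt else data)
    if method == "overwrite":          # one pass of zeros over every logical block
        for lpn in range(logical):
            ssd.write(lpn, bytes(11))
    else:
        ssd.secure_erase()
    return plaintext_left(ssd), len(ssd.stale)

if __name__ == "__main__":
    print(run(), run(encrypt=True), run(method="secure_erase"))
```

In this model a single overwrite pass, which is also what switching on encryption just before sale amounts to, leaves 10 plaintext pages in unmapped flash, while encrypting from the first write leaves 10 stale pages that hold only ciphertext. Real controllers garbage-collect unpredictably, so the exact counts are a property of the toy, not of any drive.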
This is a contradiction. ;) You cannot get around the fact that data may still be there. Some SSDs reserve about 10% of their storage cells for this purpose.

I believe I acknowledged that in my reply. You are just saying the same thing over and over.
 
Would I get the equivalent of secure erase on an MBP SSD if I reformatted it first, then did a clean install, then loaded Photoshop and created a scribbly piece of artwork, then saved it to the SSD at a file size that would fill the SSD?

I realise that there will be some stuff left but that should get rid of most of the SSD shouldn't it?
 