Is securely emptying trash on a Mac that has FileVault enabled redundant?

Discussion in 'Mac Basics and Help' started by Applechunckin, Apr 4, 2014.

  1. Applechunckin macrumors newbie

    Joined:
    Dec 3, 2012
    #1
    I am wondering if it is pointless to securely erase something in the trashbin when the Mac drive is already encrypted via FileVault.

    Will just emptying the trash normally on an encrypted Mac be equivalent to securely emptying the trash on an unencrypted Mac?

    If there is some marginal security to securely emptying trash on an encrypted drive does anyone know the value of this?
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #2
    In my opinion, it is overkill. The hidden .Trash folder is within the encrypted space, so unless someone has your password to login, they can't access this folder.

    It is not equivalent in that the first hypothetically the files are still there, just in encrypted space.... and the second hypothetically the files are gone because they have been overwritten. As a practical matter though, I would argue they are equally inaccessible to intruders.

    I suppose so. What you would be guarding against is if someone got your password then was able to access the .trash folder on your Mac to try and recover deleted files, that would be made more difficult by a secure empty trash.

    One thing to consider is if you are on flash storage like an SSD, the secure empty trash does result in extra write cycles to the NAND chips on the storage device and that is normally something you want to avoid.
     
  3. Applechunckin thread starter macrumors newbie

    Joined:
    Dec 3, 2012
    #3
    So securely emptying trash on a SSD drive MacBook Pro will prematurely cause the storage device to "wear out" faster? I thought flash drives were more resistant to wearing out and repeated write cycles than HDD. I am probably missing something here, but would love an explanation.

    Thank you
     
  4. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #4
    Yes exactly. It is discussed in this article a bit. A good article here showing what happens as the drive "wears down."

    The NAND storage modules used in an SSD have a finite number of write cycles. Most are between 1,000 and 3,000 write cycles. Once that number is reached NAND, cells start having higher error rates and the drive will mark those areas off as not available for use any longer. Over time the entire drive will begin to degrade and eventually it will die.

    I don't mean to scare you as even under fairly heavy usage most users will not hit these limits for many many years. But that said, why add to the wear cycles needlessly.

    If you have a Macbook with a factory flash storage device like an Air or Retina and you do a command-r boot to recovery and try to use Disk Utility to do a secure erase on the disk, you will see this option is greyed out in Disk Utility as it would add wear cycles to the flash storage.

    The other issue is even with no secure erase and no encryption, it is much harder to restore deleted files from a SSD than a HDD.
     

Share This Page