Recover erased harddisk?

[haralds]

There is a command line option Have not tried it...

Usage: diskutil secureErase [freespace] level MountPoint|DiskIdentifier|DeviceNode

"Securely" (but see "man diskutil") erases either a whole disk

or a volume's freespace. Level should be one of the following:

0 - Single-pass zeros.

1 - Single-pass random numbers.

2 - US DoD 7-pass secure erase.

3 - Gutmann algorithm 35-pass secure erase.

4 - US DoE 3-pass secure erase.

Ownership of the affected disk is required.

 

[NoBoMac]

On the other hand I wonder if that idea still applies to SSD's?

Short answer, no. See the link in deedawg's post (#20).

Original FileVault did have some issues, and was not full disk. This day and age, FileVault 2 is pretty rock solid. Been using it for years with no ill effect. Additionally, it's been a while, but, sometimes PII information does leak out via programs, logfiles. Full disk encryption helps minimize exposure to these.

And as pointed out, ways to do an overwrite with diskutil, dd, and third party apps that do secure erase (with proviso that might reduce SSD life; related note, frequent speed tests can also reduce drive life). Some folks like to create encrypted DMG files to hold their sensitive information: standard delete will make unreadable (assuming good passcode/key). Veracrypt for cross platform similar function.

 

[MBX]

I have now turned on FileVault on my new MBP. Surprisingly I noticed no calculations or "indexing" of files like many years back. Is that normal? Is it now just a quick background process?

 

[960design]

I'm a bit paranoid as I'm about to sell my previous/ old MBP and I erased the disk in CMD-R mode.

However is it possible for somebody to recover all my files with some recovery tools if they wanted to?

Yes. I can recover your hard drive. I do have are a very particular set of skills. Skills I have acquired over a very long career. Skills that make me a nightmare for people like you.

I also charge a fair price and would imagine 99.9% of the world would NOT be capable of recovering your files.

Fun Fact:
I prefer erased hard drives. For court, I can only recover very specific files ( location, type or by name ) as listed in the request on a computer that I have circumvented the login credentials. But, if a user has 'erased' a hard drive, I get to recover everything.

 

[Tex-Twil]

If you simply erased you partition, your data can be very simply recovered.

Have a look at this thread

 

[MBX]

If you simply erased you partition, your data can be very simply recovered.

Have a look at this thread

But on the linked page it says "secure erase" is no longer available for ssd's and Apple says it's not necessary.

 

[iMacDragon]

But on the linked page it says "secure erase" is no longer available for ssd's and Apple says it's not necessary.

I think on newer SSD's a standard erase tells the ssd controller to 'TRIM' the entire drive and mark everything unallocated, so any normal read/write to the drive will show all 0's.

 

[MBX]

I think on newer SSD's a standard erase tells the ssd controller to 'TRIM' the entire drive and mark everything unallocated, so any normal read/write to the drive will show all 0's.

So then it seems I shouldn't worry much?

 

[iMacDragon]

So then it seems I shouldn't worry much?

I'd think you're probably fine from any 'casual' attempt, any true serious attempt would involve desoldering flash chips and trying to access directly..

 

[maflynn]

So then it seems I shouldn't worry much?

Nope, but then I think the majority of people here have already stated that its highly unlikely that someone will be willing to undergo the high expense of trying to recover the data. Since you have now encrypted the data, even if they do pull it off the SSD, its all gobblygook

 

[Weaselboy]

I have now turned on FileVault on my new MBP. Surprisingly I noticed no calculations or "indexing" of files like many years back. Is that normal? Is it now just a quick background process?

Yep... on the new 2018 models with the T2 chip the drive is already encrypted, so when you turn in FV, you are just adding a password and that just takes a couple seconds.