Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Secure Erase MacBook SSD?
- Thread starter MM022
- Start date
- Sort by reaction score
Do it the quick way,
1, create a new admin account
2, reboot
3, log into that account
4, delete your account from the new account
5, dialog pops up, select delete all data and tick secure erase.
Simples
Last edited:
Unless you have files residing outside of your home folder. In that case you want to boot into recovery CMD + R at boot then go to disk utility select your drive and choose erase with secure overwrite. 1 pass is fine, 3 pass is what most government uses, 7 pass is NSA/CIA stuff, 36 pass is just because you can and will take a long time even on an SSD.
Once this is done, close Disk Utility and go to Install Mac OS <Version>. Install to your freshly formatted drive and you're done.
Once this is done, close Disk Utility and go to Install Mac OS <Version>. Install to your freshly formatted drive and you're done.
That won't work. The secure erase options will not not be there if it is a Mac that comes with flash storage.
OP>> Not the same thing, but similar end result. You can turn on FileVault encryption for the drive, then once the drive is encrypted, boot to Internet recovery and erase the drive then reinstall the OS.
So even if someone were able to use a file recovery utility to somehow recover part of what you deleted, it would still be encrypted and not accessible.
Wow, I never thought of that, all I would need to do is log into recovery and delete the corestorage and reinstall the OS.
Thanks!
I didn't know that about SSDs, learned something new, it was available on my fusion drive so I was assuming it was the same for any drive.
With that being said...
Be careful about deleting CoreStorage if you have a fusion drive, rebuilding a fusion drive from scratch is not fun. (For other people who are reading this with a fusion drive) Just giving out that warning because I have a 4 year degree in IS and been working on computers for almost 15 years (7 of which is professional experience) and I still grumble when I have to do it.
Here are instructions on how to securely erase an SSD: http://osxdaily.com/2013/04/22/secure-erase-mac-ssd-drive-recovery-mode/
[doublepost=1464125858][/doublepost]Here is another and simpler alternative: http://www.macworld.com/article/2906499/mac-911-how-to-erase-your-macs-hard-drive-the-right-way.html
[doublepost=1464125858][/doublepost]Here is another and simpler alternative: http://www.macworld.com/article/2906499/mac-911-how-to-erase-your-macs-hard-drive-the-right-way.html
None of those secure erase options are available for an Apple flash storage device. If you boot to recovery and try to select those options, you will see they are greyed out.
It's better than writing zeros as ATA secure erases only erases the flash, whereas writing zeros first erases and then fills the flash with zeros. ATA secure erase is the best way to erase an SSD because it doesn't cause any extra wear and also fully restores performance, whereas zero erase can actually hurt performance, at least in short term.
Parted Magic is a great tool for that, but any Linux distro will actually work if you use hdparm commands in Terminal (just two simple commands).
It's not comparable.
Writing zeros needs to be done on magnetic media such as a drive with spinning platters. You write zeros over the sectors on those platters to overwrite any data that's there. The more passes you make, and if you randomize the data too (not just do zeros), then the more "secure" the "erase" is.
Flash storage is different. Something like PartedMagic is a decent tool to use, because its disk erase utility has the ability to send an ATA secure erase command directly to an SSD's controller, which (in theory) should erase everything. There is no magnetic media with flash storage. It's just 1's and 0's stored in memory cells. The issue with flash is that an SSD's controller can mark a cell as bad, even though technically it's still working ... Just "failing", which makes it no longer accessible by a user. The data's still there. Using legacy format or those traditional "secure erase, multi pass" methods will not erase the data that's there. Only the SSD's controller can do that ... Hence the need to send that ATA secure erase command to the controller.
But wait, there's more. In the early days of SSD's, somewhere like 4-6 years ago or even earlier, not all SSD manufacturers followed the ATA specs when they made their products. If I remember right, early Sandforce controllers were bad for this. So, even if you passed a secure erase command to the controller, it wouldn't actually erase all the data that was in any region not accessible by the user. I believe all of that's been dealt with these days, so that it's most likely not a concern today, but as a general rule of thumb, if you want to be certain your data is gone, then encrypt it all before you erase. Then, maybe cross your fingers and pray that there's no unencrypted data in areas that are not accessible by anything except the drive's controller.
Of course this is all kinda silly anyway, because you would have to be a pretty important individual or have some sort national security type data on your system in order for it to be important enough for it to be worth the effort of person with the skill and know-how to get data from those hidden regions of flash memory, and anybody in that position that would have that type of data on a portable system that is taken outside of a secure facility (even if it's encrypted) should probably be fired, but that's veering off-topic.
Encrypt it, then boot into recovery, repartition and format.
It's been a while, but here's how I remember the process going:
First off - the tricky part is getting the actual Parted Magic USB stick. A co-worker let me use his disk image, and that's been rock solid. You can probably head on over to Parted Magic's site and purchase a dongle from them.
Once you have it, just boot up holding "opt" and then select Parted Magic. You have a choice of boot methods. The 1st one seems to work the best for me, but you may go with a different one.
Once inside the Linux environment, select the "hard drive tools" or whatever it's called. From there you can select your SSD and perform the secure ATA erase. Be aware that if your drive is "frozen", it won't allow you to proceed. You'll need to sleep and then wake your computer to "unfreeze" the drive. This can be a pain in the ass on a Mac Pro - I had to use the terminal on another Mac and remotely sleep and wake the tower in order to get it unfrozen.
Viola!
Wish I could be of more help, but the process is pretty simple once you get a working thumb drive.
Thank you for that, I think I tried this before on an older retina MacBook and ended up killing the SSD, but you say you've had a good experience doing this many times?
Thanks man
I've done it dozens of times - about to perform a round of Secure ATA erases on 4 of my machines. Never had it kill one of my drives. My condolences. Can you provide any more details about how it happened? I'm sure some of the more knowledgeable users on the forum can figure out what went wrong.
I have no idea, it just came back as failed, it was replaced for free by apple though.
I have just done a secure ATA wipe on a 2015 MacBook Pro 15 500gb and it went perfectly. The drive is even faster than it was before
Did you have any issues with the 2015 computers not going to sleep? Im having an issue using parted on a mid 2015 Mac book pro. Every time I go to do a ata secure erase the drive is frozen. When I choose the sleep option the computer screen go blank and becomes unresponsive except for the keyboard backlit which stays lit. The only thing that can be done once this happens is to hold down the power button and restart the computer.
Just use a different linux distribution, for example an Ubuntu live dvd, or a Debian linux one. I am sure there will be one out there that supports sleep and wakes up from it, and they all run the hdparm package needed.
you need a updated version of the live CD, search parted magic 2017. there is a button to force the computer to sleep then you just close and open the lid if I remember correctly