Secure Erase MacBook SSD?

Discussion in 'MacBook Pro' started by MM022, May 24, 2016.

  1. MM022 macrumors newbie

    Joined:
    Oct 12, 2005
    #1
    Is there any tools or directions on how to securely erase the stock SSD in the MacBook Pro Retina since El Capitan no longer has the option built in?
    I want to make sure all the data is securely erased before i sell the MacBook.
     
  2. Gav2k, May 24, 2016
    Last edited: May 24, 2016

    Gav2k macrumors G3

    Gav2k

    Joined:
    Jul 24, 2009
    #2
    Do it the quick way,

    1, create a new admin account
    2, reboot
    3, log into that account
    4, delete your account from the new account
    5, dialog pops up, select delete all data and tick secure erase.

    Simples
     
  3. mildocjr macrumors 65816

    #3
    Unless you have files residing outside of your home folder. In that case you want to boot into recovery CMD + R at boot then go to disk utility select your drive and choose erase with secure overwrite. 1 pass is fine, 3 pass is what most government uses, 7 pass is NSA/CIA stuff, 36 pass is just because you can and will take a long time even on an SSD.

    Once this is done, close Disk Utility and go to Install Mac OS <Version>. Install to your freshly formatted drive and you're done.
     
  4. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #4
    That won't work. The secure erase options will not not be there if it is a Mac that comes with flash storage.

    OP>> Not the same thing, but similar end result. You can turn on FileVault encryption for the drive, then once the drive is encrypted, boot to Internet recovery and erase the drive then reinstall the OS.

    So even if someone were able to use a file recovery utility to somehow recover part of what you deleted, it would still be encrypted and not accessible.
     
  5. MM022 thread starter macrumors newbie

    Joined:
    Oct 12, 2005
    #5
    Wow, I never thought of that, all I would need to do is log into recovery and delete the corestorage and reinstall the OS.

    Thanks!
     
  6. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #6
    Yup... exactly. :)
     
  7. mildocjr macrumors 65816

    #7
    I didn't know that about SSDs, learned something new, it was available on my fusion drive so I was assuming it was the same for any drive.

    With that being said...
    Be careful about deleting CoreStorage if you have a fusion drive, rebuilding a fusion drive from scratch is not fun. (For other people who are reading this with a fusion drive) Just giving out that warning because I have a 4 year degree in IS and been working on computers for almost 15 years (7 of which is professional experience) and I still grumble when I have to do it.
     
  8. JohnDS macrumors 65816

    Joined:
    Oct 25, 2015
  9. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #9
    None of those secure erase options are available for an Apple flash storage device. If you boot to recovery and try to select those options, you will see they are greyed out.
     
  10. Harry322 macrumors member

    Joined:
    Oct 11, 2005
    Location:
    Los Angeles
    #10
    "Parted Magic" can be used to perform a Secure ATA erase. I do it on my rMBP. In addition to wiping data, it also restores the SSD's factory-fresh performance. Not sure this is comparable to writing zeroes or any other erase procedure.
     
  11. Hellhammer Moderator

    Hellhammer

    Staff Member

    Joined:
    Dec 10, 2008
    Location:
    Finland
    #11
    It's better than writing zeros as ATA secure erases only erases the flash, whereas writing zeros first erases and then fills the flash with zeros. ATA secure erase is the best way to erase an SSD because it doesn't cause any extra wear and also fully restores performance, whereas zero erase can actually hurt performance, at least in short term.

    Parted Magic is a great tool for that, but any Linux distro will actually work if you use hdparm commands in Terminal (just two simple commands).
     
  12. duervo macrumors 68000

    duervo

    Joined:
    Feb 5, 2011
    #12

    It's not comparable.

    Writing zeros needs to be done on magnetic media such as a drive with spinning platters. You write zeros over the sectors on those platters to overwrite any data that's there. The more passes you make, and if you randomize the data too (not just do zeros), then the more "secure" the "erase" is.

    Flash storage is different. Something like PartedMagic is a decent tool to use, because its disk erase utility has the ability to send an ATA secure erase command directly to an SSD's controller, which (in theory) should erase everything. There is no magnetic media with flash storage. It's just 1's and 0's stored in memory cells. The issue with flash is that an SSD's controller can mark a cell as bad, even though technically it's still working ... Just "failing", which makes it no longer accessible by a user. The data's still there. Using legacy format or those traditional "secure erase, multi pass" methods will not erase the data that's there. Only the SSD's controller can do that ... Hence the need to send that ATA secure erase command to the controller.

    But wait, there's more. In the early days of SSD's, somewhere like 4-6 years ago or even earlier, not all SSD manufacturers followed the ATA specs when they made their products. If I remember right, early Sandforce controllers were bad for this. So, even if you passed a secure erase command to the controller, it wouldn't actually erase all the data that was in any region not accessible by the user. I believe all of that's been dealt with these days, so that it's most likely not a concern today, but as a general rule of thumb, if you want to be certain your data is gone, then encrypt it all before you erase. Then, maybe cross your fingers and pray that there's no unencrypted data in areas that are not accessible by anything except the drive's controller.

    Of course this is all kinda silly anyway, because you would have to be a pretty important individual or have some sort national security type data on your system in order for it to be important enough for it to be worth the effort of person with the skill and know-how to get data from those hidden regions of flash memory, and anybody in that position that would have that type of data on a portable system that is taken outside of a secure facility (even if it's encrypted) should probably be fired, but that's veering off-topic.

    Encrypt it, then boot into recovery, repartition and format.
     
  13. MarcusCarpenter macrumors 6502a

    MarcusCarpenter

    Joined:
    Feb 18, 2013
    Location:
    London
    #13
    I don't suppose you could share a tutorial on this please?
     
  14. Harry322 macrumors member

    Joined:
    Oct 11, 2005
    Location:
    Los Angeles
    #14
    It's been a while, but here's how I remember the process going:

    First off - the tricky part is getting the actual Parted Magic USB stick. A co-worker let me use his disk image, and that's been rock solid. You can probably head on over to Parted Magic's site and purchase a dongle from them.

    Once you have it, just boot up holding "opt" and then select Parted Magic. You have a choice of boot methods. The 1st one seems to work the best for me, but you may go with a different one.

    Once inside the Linux environment, select the "hard drive tools" or whatever it's called. From there you can select your SSD and perform the secure ATA erase. Be aware that if your drive is "frozen", it won't allow you to proceed. You'll need to sleep and then wake your computer to "unfreeze" the drive. This can be a pain in the ass on a Mac Pro - I had to use the terminal on another Mac and remotely sleep and wake the tower in order to get it unfrozen.

    Viola!

    Wish I could be of more help, but the process is pretty simple once you get a working thumb drive.
     
  15. MarcusCarpenter macrumors 6502a

    MarcusCarpenter

    Joined:
    Feb 18, 2013
    Location:
    London
    #15
    Thank you for that, I think I tried this before on an older retina MacBook and ended up killing the SSD, but you say you've had a good experience doing this many times?

    Thanks man
     
  16. Harry322 macrumors member

    Joined:
    Oct 11, 2005
    Location:
    Los Angeles
    #16
    I've done it dozens of times - about to perform a round of Secure ATA erases on 4 of my machines. Never had it kill one of my drives. My condolences. Can you provide any more details about how it happened? I'm sure some of the more knowledgeable users on the forum can figure out what went wrong.
     
  17. MarcusCarpenter macrumors 6502a

    MarcusCarpenter

    Joined:
    Feb 18, 2013
    Location:
    London
    #17
    I have no idea, it just came back as failed, it was replaced for free by apple though.

    I have just done a secure ATA wipe on a 2015 MacBook Pro 15 500gb and it went perfectly. The drive is even faster than it was before
     
  18. jswifty234 macrumors newbie

    Joined:
    Aug 18, 2017
    #18
    Did you have any issues with the 2015 computers not going to sleep? Im having an issue using parted on a mid 2015 Mac book pro. Every time I go to do a ata secure erase the drive is frozen. When I choose the sleep option the computer screen go blank and becomes unresponsive except for the keyboard backlit which stays lit. The only thing that can be done once this happens is to hold down the power button and restart the computer.
     
  19. english_mac_in_ny macrumors newbie

    Joined:
    Aug 10, 2017
    #19
    Just use a different linux distribution, for example an Ubuntu live dvd, or a Debian linux one. I am sure there will be one out there that supports sleep and wakes up from it, and they all run the hdparm package needed.
     
  20. MarcusCarpenter macrumors 6502a

    MarcusCarpenter

    Joined:
    Feb 18, 2013
    Location:
    London
    #20
    you need a updated version of the live CD, search parted magic 2017. there is a button to force the computer to sleep then you just close and open the lid if I remember correctly
     

Share This Page