Secure-erasing your Mac disk is no longer secure, Apple says | Cult of Mac

Secure-erasing your Mac’s disks is no longer secure, Apple says


secure erase
Encrypting your disk is way safer than trying to 'secure' erase it.
Photo: Charlie Sorrel/Cult of Mac

In the olden days, when you wanted to replace your hard drive with a bigger one, you’d run a “secure erase” on it to completely remove any personal data. This would write zeros to the entire disk, overwriting anything already there.

But now, thanks to advances in storage tech, this no longer does the trick. (Not that you can change your own Mac SSDs now anyway.) The new secure-erase, says Apple, is to just encrypt your disk.

What’s wrong with just putting everything in the trash?

Computers don’t actually delete much when you move your files to the trash. They just pretend that those files are no longer there, marking the space they occupy as free. Then, at some time in the future, those bits may be overwritten with new bits, from a new file. This is how recovery software works. It lets you find your deleted photos, as long as nothing has been written over them since you “deleted” them.

Secure erase writes data over those orphaned files (from once to 35 times on the Mac) until they can no longer be recovered. But in the manual for Apple’s Disk Utility (available to read in the Mac’s Terminal app by typing man diskutil), you can read why Apple no longer considers this approach secure:

NOTE: This kind of secure erase is no longer considered safe because modern devices have wear-leveling, block-sparing, and possibly-persistent cache hardware.

The modern solution for quickly and securely erasing your data is strong encryption, with which mere destruction of the key more or less instantly renders your data irretrievable in practical terms.

Hard drive security: Encryption vs. secure erase

An encrypted disk can’t be read at all without the key to unlock it. And if you delete that key, all that remains is the encrypted data, which is just unintelligible gibberish.

The storage of your iPhone and iPad is encrypted by default, which is why you can use the Erase All Content and Settings (under General > Reset in the Settings app) to wipe your iOS device instantly. This comes in very handy when taking the iPhone in for repair, for example. It means you can keep using your iPhone until the moment you hand it over, and then erase it in a few moments. (Just make sure you have a current backup to restore from.)

On the Mac, you must enable FileVault to get full-disk encryption. However, if you set up a new Mac since OS X Yosemite, you probably already did that. In Yosemite, Apple checks the box to enable FileVault during the setup process. In order to not use FileVault, you must explicitly opt out. This is good for almost everyone, in most cases. In fact, between that and the T2 security chip, the Mac is almost as impervious to a hands-on attack as the iPhone and iPad.

So, to sum up: Don’t bother with secure-erasing your Mac disk. Instead, make sure to encrypt it from the very beginning.


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.