Secure erase USB – Stick or Hard Disk on Mac OS X

Mac OS X brings a build in solution for secure erasing hard disks or usb devices. The option you should choose depends on what data where stored on the device you want to delete.

For example if you want to sell your old private hard disc with all your private photos your tax information etc. on it, you should have some time to delete it secure. If it’s just a usb stick with some music on it you maybe can safe some time and choose a faster option. If the device is for business use and it has high secure information stored on the it you should think about selling this device. In some cases it’s better to erase the data and destroy the device to make it not useable for anybody.

I use the Disk Utility to do this job. There are some console methods as well but they do the same thing. The erase mechanism which is built in the Disk Utility is certified by government institutions (Department of Defens) of the US and should do its job. If you need higher or different security certification you maybe can check the German BSI homepage for information about alternative tools and methods.

Disk Utiltiy Screenshot

Select the Secure Erase Options which fits best to your needs.

Secure Erase Options Screenshot

Secure Erase USB Stick Disk Utility

3 thoughts on “Secure erase USB – Stick or Hard Disk on Mac OS X

  1. John

    I understand this works with standard hard drives, but I have read elsewhere that it is virtually impossible to securely erase a solid state drive, be it a USB stick or a built-in SSD. Is it really this easy?

    Reply
  2. Bernd

    It is not!
    The info is misleading.
    Try it yourself and you will see that recovery programs easily find all of your files.
    Even if you fill up the stick to the neck and format it a hundred times.
    SSDs can be erased with a factory command.

    Reply
    1. Dominik Zajac Post author

      Hi Bernd,

      so if you fill up the stick 100 time with different data, you will be possible to recover all this data? I agree that it is easily possible to restore data which is not overwritten properly. With the magic going on in SSD controlers and some internal RAID or other moves to speed up things it migth be possible to find some shadow copies of data. But to say that a multiple override of hard discs or usb sticks does not destroy the data stored on it seems not to be true to me. I am not aware of the implementation of this Apple, tool. But if it does what is says it should be hard and expensive for normal attackes to restore the data. But I would love to learn more about the tools you talked about, maybe you can share some links to test it?

      Here are some very well known papers on this topic:

      https://www.anti-forensics.com/disk-wiping-one-pass-is-enough/
      https://www.nber.org/sys-admin/overwritten-data-guttman.html
      https://www.anti-forensics.com/disk-wiping-one-pass-is-enough-part-2-this-time-with-screenshots/

      This papers are focused on discs, as I mentioned with chip based storage you need to know how the logic on internal raids and the controler is handling the override of data. But it should be possible to force the controler to override the existing data, or override it until the controler does it anyways.

      Regards,

      Dominik

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *