brian_c

Q: securely erasing an internal SSD

A friend (really, it WAS a friend!) recently fell for a scam wherein a popup appeared on their screen claiming to be from Apple and advised them call a phone number for assistance with an urgent issue with their Mac   They did, and granted remote access to their system to whatever shady scammer was on the other end of the line.  Eventually they figured out something was up and disconnected from the internet.

 

So now, I'm tasked with fixing this mess.  If it was a spinning HD, I'd be fine... but they have an SSD as their boot drive, and I'm less familiar with security on SSDs.  What's the best approach to securely zeroing everything when an SSD is involved (and how long might it take to perform the operation on a 256GB volume?

MacBook Pro, OS X Yosemite (10.10), Mid-2010 15", i5, 2.4GHz, 8GB RAM

Posted on Aug 14, 2015 5:16 AM

Close

Q: securely erasing an internal SSD

  • All replies
  • Helpful answers

Previous Page 2
  • by iW00,

    iW00 iW00 Aug 14, 2015 10:05 AM in response to Mini-Mac
    Level 4 (1,349 points)
    Aug 14, 2015 10:05 AM in response to Mini-Mac

    Mini-Mac wrote:

     

    Using a Thunderbolt cable and another Apple computer is BY FAR the fastest and easiest.....if you want to or need to secure erase

    Maybe. But first you need to have an access to another Mac and Thunderbolt cable. And if you don't, then this might be a quiet expensive solution compering to buying USB Memory Stick or booting your Mac into Internet Recovery...

  • by Csound1,

    Csound1 Csound1 Aug 14, 2015 10:08 AM in response to Mini-Mac
    Level 9 (50,412 points)
    Desktops
    Aug 14, 2015 10:08 AM in response to Mini-Mac

    Mini-Mac wrote:

     

    Linc Davis wrote:

     

    "Securely erasing" the SSD, even if you could do it (which you can't), would be pointless. What you actually need to do is restore the system from a backup taken just before the attack, if there is one.

    .....of course you CAN secure erase a SSD

    You're really stuck on this aren't you.

  • by Kurt Lang,

    Kurt Lang Kurt Lang Aug 14, 2015 10:17 AM in response to iW00
    Level 8 (37,815 points)
    Mac OS X
    Aug 14, 2015 10:17 AM in response to iW00

    Secure erasing an SSD damages the unit. Don't do it. Secure erase was designed for magnetic drives.

     

    Here's part of an article explaining the process for attempting to retrieve overwritten data from a few years back. Apologies to the author, I didn't save his name so as to give proper credit here.

     

    Once the disk clusters that were occupied by a deleted file have been overwritten with new data, the file is gone forever. Or is it? In fact, the old data may still be present on the magnetic media, as a kind of wiggle in the waveforms that represent the data. Using intricate, high-tech equipment, technicians first copy the exact waveform recorded on an area of the disk, without translating the signal into bits and bytes. They then generate a perfect waveform representing the corresponding data bits, subtract the perfect waveform from the actual waveform, and amplify the differences. When successful, this process recovers the data previously stored in the specified area of the disk. Theoretically, you can even repeat the process, obtaining yet an earlier chunk of data. Physical limitations preclude more than seven repetitions of the recovery process. That doesn't mean you can recover seven layers of data, only that you can't recover more than seven. This level of recovery must be performed by experts, and is painstaking and expensive. In most cases, recreating the lost data from scratch is more cost-effective.

     

    Note that doing this takes specialized equipment which costs thousands of dollars. There is no consumer level software you can buy that has even a slim chance of recovering data which has been written over even only once. So unless you have access to expensive hardware which can maybe, but successfully dig lower than seven passes of other data, your data is for all intents and purposes, gone. Seven passes is considered secure by the U.S. government for all but the most sensitive data. For that, they literally take a hatchet to the drive platters and break them apart. A 35 pass erase is extreme overkill that accomplishes literally only one thing - prematurely wearing out the drive.

     

    None of this applies to SSDs. This procedure works with magnetic coated media disks because the data is NOT written in digital form. It's analog waveform data.

  • by iW00,

    iW00 iW00 Aug 14, 2015 12:02 PM in response to Kurt Lang
    Level 4 (1,349 points)
    Aug 14, 2015 12:02 PM in response to Kurt Lang

    Thanks Kurt but it isn't me who you should try to convinced that there is no need to perform Secure Erase on SSD. Two times in this thread I have mentioned already, that simple erase on SSD would do the job.

     

    I'm aware why Disk Utility do not offer Secure Erase for SSD drive.

  • by Kurt Lang,

    Kurt Lang Kurt Lang Aug 14, 2015 12:06 PM in response to iW00
    Level 8 (37,815 points)
    Mac OS X
    Aug 14, 2015 12:06 PM in response to iW00

    Ah. Sorry. You mentioned connecting with a Thunderbolt cable and another Mac above. It reads as if you're suggesting a method to do so. Should have looked back a little further.

Previous Page 2