MarcelloM1973

Q: Where is SECURE ERASE FREE SPACE in El Capitan Disk Utility ?

Can't find anymore (since I installed El Capitan) the SECURE ERASE FREE SPACE in Disk Utility.
I can securely erase the whole disk.. but I want to securely erase just the empty space... Before I had this option. Now the new Disk Util (with the coloured HDD structure like iOS) doesn't give me anymore this option.

Please help

Mac mini (Late 2012), OS X Mavericks (10.9.1)

Posted on Oct 2, 2015 5:05 AM

  • by iRaindrop,

    iRaindrop Nov 22, 2015 5:39 PM in response to Barney-15E
    Level 1 (9 points)
    iLife

    Yes, but it's also about good housekeeping as well as security. Also, FileVault is not always convenient or practical.

  • by MrHoffman,

    MrHoffman Nov 22, 2015 5:45 PM in response to MarcelloM1973
    Level 6 (15,627 points)
    Mac OS X

    MarcelloM1973 wrote:

     

    This is different.. SECURELY ERASE had different options including 7-pass erase. This means not only deleting but writing random data then 000 then random data etc.. many times up to government secure standards. DELETE IMMEDIATELY is something else.. it just jumps the EMPTY TRASH part.
    There is a way... for the future... to securely delete and it's to have the drive encrypted from the beginning. So everything you delete will stay encrypted. But if you have a drive already up and running and you want to securely erase empty space... at present it can't be done.. and I don't know why they took it away

     

    Multi-pass overwrite is intended only for magnetic storage devices such as traditional rotating hard disks, and is intended as a defense against sophisticated attackers that might use advanced equipment to directly access the magnetic platters on your hard disk with slightly offset head tracking, in an attempt to recover some of the data at the extreme margins of the data tracks.   Hard disks have read-write heads, and these historically haven't been exactly aligned on track and can vary very slightly in their positioning.   This means that the hard disk read-write data is always what's last written, but that the extreme edges of the area effectively between the tracks might have some minor magnetic remnants of previous data from that part of the disk.   Older hard disks from the 1980s and 1990s had more slop and lower density than newer disks, too.  Newer disks are rather more densely encoded, and tracking is necessarily more accurate.

     

    Normal reads and writes cannot recover single-pass overwritten data.  Again, without physically disassembling the disk and using some very expensive gear, overwritten data is not going to be recovered — outside of from bad blocks.

     

    As for why Apple removed the option, it's because multiple-pass overwrites do not do what is expected on SSDs.   Due to wear leveling and due to the caching of erased sectors due to the glacial speed of erasure on SSDs, SSDs work completely differently from hard disks.  SSDs aren't magnetic, and don't use heads that can be misaligned.

     

    Volume encryption — FileVault 2 — avoids both the issue that multi-pass overwrites are intended to address, and avoids the problems with recovering data from bad blocks that overwrites can't address, and avoids the issues with how SSDs allocate storage.  Use an encryption key that's long enough and arcane enough to avoid brute-forcing, obviously.

     

    Various SSDs do support the TRIM command, and SSDs can also support device-level secure erasure.   It'd be nice if some future version of OS X provided a path into the secure erasure for SSDs that implement it, but that's not currently available.   Not that I'd entirely trust the firmware within some SSDs to implement the erasure correctly, either — hence volume encryption.

     

    If you're a target for advanced attacks or are subject to HIPAA or other regulations — and given the prices of hard disks these days — encrypt your data, get more formal help for your particular situation, and consider simply destroying the storage devices.   There are services that perform this sort of physical data destruction, and old disks just aren't worth much anyway.  But encrypt your disks.   For most folks and for most data, encrypted disks and a single-pass overwrite is sufficient.

     

    Related threads — I've posted various links to additional supporting data here — from earlier discussions:

    Re: I downloaded OS X El Capitan and lost my Secure Empty Trash, I just have Empty Trash. How can I get the Secure Empt…

    Re: Erasing Hard Drive - No More "Secure" Options?

  • by BobTheFisherman,

    BobTheFisherman Nov 22, 2015 5:54 PM in response to iRaindrop
    Level 6 (15,339 points)

    Just to ensure Apple's take on secure erase and SSDs is included here:

     

    From: OS X: About Disk Utility's erase free space feature - Apple Support

     

    Note: With an SSD drive, Secure Erase and Erasing Free Space are not available in Disk Utility. These options are not needed for an SSD drive because a standard erase makes it difficult to recover data from an SSD. For more security, consider turning on FileVault encryption when you start using your SSD drive.

  • by Allan Eckert,

    Allan Eckert Nov 22, 2015 6:00 PM in response to iRaindrop
    Level 9 (53,621 points)
    Desktops

    But FileVault is far more reliable than Secure Delete.

     

    Besides who ever said that security was going to be convenient?

  • by R C-R,

    R C-R Nov 22, 2015 11:55 PM in response to iRaindrop
    Level 6 (17,675 points)

    iRaindrop wrote:

    Yes, but it's also about good housekeeping as well as security.

    Please explain what specifically a security erase has to do with "good housekeeping." Are you suggesting that a drive whose free space is filled with all zeros or some other data pattern used by secure erase algorithms is somehow more tidy or 'cleaner' than one with its free space still filled with fragments of trashed files?

    Also, FileVault is not always convenient or practical.

    When would this be true? Using FileVault 2 is for all practical purposes invisible to the user.

  • by R C-R,

    R C-R Nov 23, 2015 1:00 AM in response to BobTheFisherman
    Level 6 (17,675 points)

    BobTheFisherman wrote:

     

    Just to ensure Apple's take on secure erase and SSDs is included here:

     

    From: OS X: About Disk Utility's erase free space feature - Apple Support

     

    Note: With an SSD drive, Secure Erase and Erasing Free Space are not available in Disk Utility. These options are not needed for an SSD drive because a standard erase makes it difficult to recover data from an SSD. For more security, consider turning on FileVault encryption when you start using your SSD drive.

    Note that this article was last updated in February 2015, & even that updated version was more than a little out of date at that time. Curiously, it says (of magnetic hard drives), "The 7-Pass Erase option conforms to the DoD 5220.22-M specification." However, the link given for more info about that takes you to the National Industrial Security Program (NISP) Wikipedia page, & its Data sanitization section explains that, "As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable."

     

    Moreover, the NIST link in that section references http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf, which is mentioned in the DoD spec. That publication, revised in December of 2014, is worth a look by anyone concerned with "sanitizing" their data. In particular, the "Summary of Sanitization Methods" section on pages 24-25 discusses the various methods & their limitations, & the tables of Appendix A discuss the requirements by media type.

     

    Table A-8 on pages 36-37 for Flash Memory-Based Storage Devices (including SSDs) is of particular interest. For the "Clear" method, it says in part:

    Note: It is important to note that overwrite on flash-based media may significantly reduce the effective lifetime of the media and it may not sanitize the data in unmapped physical media (i.e., the old data may still remain on the media).

    The "Purge" method is far more effective, but as noted that requires that the device itself must support either the ATA sanitize command or an effective cryptographic erase. That is difficult to determine without consulting the manufacturer of the device, & is further complicated by differences that may be present even in different revisions of a device with the same model name.

     

    That is probably why just below the section with the note Bob quoted from the Apple Support article is the typical disclaimer (annoyingly in small grey type so it is easy to overlook) about Apple assuming no responsibility for third party products, contacting their vendor for more info, etc.

  • by iRaindrop,

    iRaindrop Nov 23, 2015 1:19 AM in response to R C-R
    Level 1 (9 points)
    iLife

    No (that was funny) I meant good housekeeping in the sense of just deleting sensitive files that are not in File Vault, and that you don't need to keep so you just want to erase.

     

    File Vault 2? I have 1.18 which is the latest version in the App Store.

  • by R C-R,

    R C-R Nov 23, 2015 2:08 AM in response to iRaindrop
    Level 6 (17,675 points)

    iRaindrop wrote:

     

    No (that was funny) I meant good housekeeping in the sense of just deleting sensitive files that are not in File Vault, and that you don't need to keep so you just want to erase.

     

    File Vault 2? I have 1.18 which is the latest version in the App Store.

    I have no idea what you mean about the latest version from the App Store. FileVault has been a built in feature of every version of OS X since OS X 10.3 (Panther). The original version (now called "legacy FileVault") could only encrypt a user's home directory. FileVault 2, introduced with OS X 10.7 (Lion), encrypts the entire startup drive. See Use FileVault to encrypt the startup disk on your Mac - Apple Support for the details.

  • by can-do,

    can-do Nov 23, 2015 3:33 AM in response to Mac_You_Sir
    Level 1 (8 points)
    Notebooks

    securely erase free space el capitan

    hello,

    if I want to erase free space as I used to do in disk utility, what would the command for terminal look like please.

    my diskutil list looks like this:

    /dev/disk0 (internal, physical):
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *750.2 GB   disk0
       1:                        EFI EFI                     209.7 MB   disk0s1
       2:          Apple_CoreStorage Macintosh HD            749.3 GB   disk0s2
       3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
    /dev/disk1 (internal, virtual):
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:                  Apple_HFS Macintosh HD           +748.9 GB   disk1
                                     Logical Volume on disk0s2

                                     Unencrypted

     

    [Process completed]

     

    MacBook Pro (15-inch, Late 2011)

    El Capitan 10.11.1

    I would use:  1 - Single pass randomly erase the disk.

     

    thanks

    can-do    

  • by Barney-15E,

    Barney-15E Nov 23, 2015 4:46 AM in response to iRaindrop
    Level 9 (50,099 points)
    Mac OS X

    iRaindrop wrote:

     

    No (that was funny) I meant good housekeeping in the sense of just deleting sensitive files that are not in File Vault, and that you don't need to keep so you just want to erase.

     

    File Vault 2? I have 1.18 which is the latest version in the App Store.

    As the entire hard drive is encrypted, how would you have files "that are not in FileVault?"

  • by iRaindrop,

    iRaindrop Nov 23, 2015 11:33 AM in response to Barney-15E
    Level 1 (9 points)
    iLife

    Oh - now I see the confusion. "FileVault" vs. "File Vault".

    Apple's "FileVault" (no space):

    Screen Shot 2015-11-23 at 10.59.25 AM.png

     

    And the 3rd party app "File Vault" (with space):

     

    Screen Shot 2015-11-23 at 10.59.02 AM.png

     

    Yes the whole disk is encrypted with FileVault, but so what? What if somehow someone else gets your password? What if you're sharing the computer with others? What if you're preparing it to give to someone? One can easily enumerate the possibilities. Customers want to simply delete files so that data recovery applications can't surface them. And Wondershare's data recovery program recovered files that I "deleted immediately" in El Capitan.

     

    But given the SSD impact of "shredding", yes I can see now why Apple disabled the erase feature in Disk Utility. But if that wasn't a problem it would still be a good feature in the GUI to have.

     

    The "File Vault" app is cool. And I use it for some data. But it's not always convenient or practical. Programmatically creating sensitive data that you must later destroy is one example. There are other 3rd party "vault" apps that you associate particular folders that maybe I should try.


    Security should be convenient. Convenient security is better security.

  • by MrHoffman,

    MrHoffman Nov 23, 2015 2:05 PM in response to can-do
    Level 6 (15,627 points)
    Mac OS X

    can-do wrote:

    securely erase free space el capitan

    ...

    if I want to erase free space as I used to do in disk utility, what would the command for terminal look like please.

     

    http://www.theinstructional.com/guides/disk-management-from-the-command-line-part-1

  • by R C-R,

    R C-R Nov 24, 2015 6:06 AM in response to MrHoffman
    Level 6 (17,675 points)

    MrHoffman wrote:

    can-do wrote:

    securely erase free space el capitan

    ...

    if I want to erase free space as I used to do in disk utility, what would the command for terminal look like please.

     

    http://www.theinstructional.com/guides/disk-management-from-the-command-line-part-1

    Maybe I missed something but from what I can tell none of the three parts of that guide mention a command for securely erasing free space, or for that matter any other secure erase command.

     

    can-do, what I believe should work for you is the following:

     

    diskutil secureErase freespace 1 disk1

     

    BUT this is definitely an un-guaranteed "try at your own risk" thing, & there are several things to be aware of to minimize that risk:

    1. First & foremost, since there is some risk of data loss, it is very important to have a tested backup strategy in place so that if anything goes wrong you can recover from that.

    2. This command can cause excessive wear on SSD or fusion drives (& may not actually make the erased data completely unrecoverable). If you have one of these drives & feel you must use the command, try to limit the number of times you use it.

    3. Because your drive uses CoreStorage (it has a virtual volume as well as physical ones) I believe the appropriate disk identifier is disk1 (as shown above), rather than say /dev/disk0s3, but the man page for diskutil does not offer any guidance about that. To the best of my knowledge, this should be the safest choice, but please understand I have not tested it.
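
A pre-flight check for the command suggested in the reply above, as an added example that is not part of any poster's reply or of Apple's tooling: it parses the `diskutil list` output can-do posted, pairs the CoreStorage logical volume with its backing partition and status, and prints the erase command only for an unencrypted volume the operator has confirmed is a hard disk. The function names `cs_volumes` and `preflight` and the `hdd`/`ssd` argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight for the free-space erase.

# `diskutil list` output as posted by can-do earlier in this thread.
SAMPLE_LIST='/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *750.2 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:          Apple_CoreStorage Macintosh HD            749.3 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1 (internal, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                  Apple_HFS Macintosh HD           +748.9 GB   disk1
                                 Logical Volume on disk0s2

                                 Unencrypted'

# cs_volumes (hypothetical helper): read `diskutil list` text on stdin and
# print "<logical-id> <backing-partition> <status>" per CoreStorage volume.
cs_volumes() {
  awk '
    function emit() {
      if (lv != "") print lv, back, (status == "" ? "unknown" : status)
    }
    /^\/dev\/disk/ { emit(); lv = back = status = ""
                     sub(/^\/dev\//, "", $1); cur = $1; next }
    /Logical Volume on / { lv = cur; back = $NF; next }
    # Last non-blank line after the "Logical Volume" line is the status.
    lv != "" && NF > 0 { $1 = $1; status = $0 }
    END { emit() }
  '
}

# preflight MEDIA: MEDIA is what the operator has confirmed, "hdd" or "ssd".
# Prints the command from the post above only for an unencrypted HDD volume.
preflight() {
  media=$1
  cs_volumes | while read -r lv back status; do
    if [ "$status" != "Unencrypted" ]; then
      echo "$lv: skip, status on $back is '$status', not Unencrypted"
    elif [ "$media" != "hdd" ]; then
      echo "$lv: skip, overwrite on $media adds wear and may miss old blocks"
    else
      echo "$lv: diskutil secureErase freespace 1 $lv"
    fi
  done
}

# Demo on the embedded sample; on a Mac: diskutil list | preflight hdd
printf '%s\n' "$SAMPLE_LIST" | preflight hdd
printf '%s\n' "$SAMPLE_LIST" | preflight ssd
```

The script only prints a command; it never runs `diskutil` itself, so the backup caveat in the reply above still applies before anything is executed.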

  • by Csound1,

    Csound1 Nov 24, 2015 6:12 AM in response to iRaindrop
    Level 9 (50,439 points)
    Desktops

    iRaindrop wrote:

     

    I'm not one for conspiracy theories,

    Really?

  • by MrHoffman,

    MrHoffman Nov 24, 2015 11:10 AM in response to R C-R
    Level 6 (15,627 points)
    Mac OS X

    R C-R wrote:

     

    MrHoffman wrote:

    http://www.theinstructional.com/guides/disk-management-from-the-command-line-part-1

    Maybe I missed something but from what I can tell none of the three parts of that guide mention a command for securely erasing free space, or for that matter any other secure erase command.

     

     

    It's a pointer to a good, concise and general overview of the OS X command-line command that's used for these and related tasks.
