SecureErase (Category 4 - DoE 3 - Pass Secure Erase) Macintosh HD - in Terminal app

iMac -2012 - MacOS Catalina

I want to secure-erase my entire HD, not just the free space. The end goal is to sell my computer.


I entered all of the required information into terminal to activate a category 4 secure erase.

After hitting the enter key, a line appears stating: "Ownership of the affected disk is required."


My question: What ownership information is required to activate the category 4 secure erase process?


------------------------------------------------------------------------------------------------------------

Below is a copy of all of the information displayed in the active Terminal window:

------------------------------------------------------------------------------------------------------------


Last login: Wed Oct 19 22:47:31 on ttys000
[—————— @ ———— iMac ~ % diskutil secureErase 4/Volumes/Macintosh\ HD]
Usage: diskutil secureErase [freespace] level
MountPoint | DiskIdentifier | DeviceNode
"Securely" (BUT SEE "man diskutil" FOR MODERN LIMITATIONS) erases either a
whole disk or a volume's freespace. Level should be one of the following:
0 — Single-pass zeros.
1 — Single-pass random numbers.
2 — US DoD 7-pass secure erase.
3 — Gutmann algorithm 35-pass secure erase.
4 — US DoE 3-pass secure erase.
Ownership of the affected disk is required.
Note: Level 2, 3, or 4 secure erases can take an extremely long time.
—————— @ ———— iMac ~ % []

Posted on Oct 19, 2022 11:41 PM

Question marked as Top-ranking reply

Posted on Oct 23, 2022 6:27 PM

SteveHS wrote:

Thank you, John.

I tried your suggestion of adding the space after the number 4 : diskutil secureErase 4 /Volumes/Macintosh\ HD

That resulted in the following statement: "Could not find the disk hd".

I think you may have made a mistake typing the command by omitting the backslash after "Macintosh" in the path even though you are showing it in your post. The backslash is critical for the correct path in order to include the space in the path. Instead of using the backslash in the path to "escape" the space, you can include the path within double-quotes instead. Either of the two following commands are equivalent and should work:

diskutil  secureErase  4  /Volumes/Macintosh\ HD

diskutil  secureErase  4  "/Volumes/Macintosh HD"


(Please note - this procedure WAS NOT carried out in RECOVERY MODE)

Was it carried out while booted from a macOS USB installer? Or while the Mac was in Target Disk Mode connected to another Mac? Or an external full macOS boot drive? Otherwise, you cannot erase the drive you are booted from.


Oct 23, 2022 6:58 PM in response to SteveHS

With solid state storage, a "secure erase" is a superfluous exercise that will accomplish exactly nothing other than to cause premature failure due to finite memory erase / write cycle limits inherent in nonvolatile memory. That is the reason Disk Utility only offers to write zeroes.


Excerpted from Erase and reformat a storage device in Disk Utility on Mac - Apple Support:


Note: With a solid-state drive (SSD), secure erase options are not available in Disk Utility. For more security, consider turning on FileVault encryption when you start using your SSD drive.


Why they are not available: Justification for "securely" erasing magnetic media is to accomplish a sufficient number of erase / write cycles as to diminish the likelihood of extracting data using magnetic force microscopy or whatever technology may supplant it. Such techniques are used by organizations with the motivation to spend essentially unlimited amounts of both time and money.


Solid state storage is not magnetic, so those techniques are not applicable to it. Just erase it and you're done.


It may interest you to know the US NSA does not even consider the traditional "secure erase" acceptable. Excerpted from their FAQ:


Do I have to destroy my storage device? Can't I reuse it?

Unfortunately, you do have to destroy your drives. CSDSR has not approved any software erasure methods. Physical destruction is the only secure way to ensure your data is gone.


... and,


I degaussed my hard drive, do I still need to destroy it? 

Yes, physically destroying a hard drive is an additional level of security and helps ensure that this drive is not accidentally mistaken for a working drive. Note: Destruction does not replace degaussing. You MUST degauss your hard drive.


So even I learned something. You have to degauss and destroy the drive 😆 Heaven forbid someone glues all the destroyed shrapnel together and subjects the wreckage to magnetic force microscopy. Your tax dollars at work!

Oct 23, 2022 6:56 PM in response to SteveHS

SteveHS wrote:

Yes, that's exactly what I'm saying.
It's a Samsung 860 QVO Solid State Drive 2 TB - SATA 6 GB/s.
It was purchased and installed by a local authorized Apple technician in January of 2020.

Then all you need to do is just perform a simple erase using Disk Utility using the GUI app. When macOS "erases" an SSD, all the blocks get marked as unused during the process which makes the SSD erase them automatically. You can confirm the data on the SSD is gone by using the macOS command line utility "xxd" which can give a hexdump of the raw drive. Keep in mind there will be a small amount of data on the erased SSD at the very beginning of the drive since macOS always insists on having a partition table and file system on erased drives. But once you get past the very beginning of the drive, the data should appear as all zeroes (or whatever the default byte code is for Apple -- it will appear as a bunch of periods on the human readable text part of the hexdump screen). Replace the "X" in "diskX" with the correct drive identifier for the drive you are attempting to read. You may also need to first unmount the drive (not sure). And I mean "unmount" and not eject, and it may require use of the command line.

xxd  /dev/diskX


The ATA Secure Erase link I provided earlier is another very easy method of quickly erasing the entire SSD using the SSD's built-in hardware secure erase feature, although it usually requires using a Linux boot disk and utility. Some SSD manufacturers provide a proprietary app to access the SSD's built-in hardware secure erase feature, but of course you cannot run it for the same drive you are booted from. Most of this proprietary software is made for Windows only, although I believe Samsung provides a Mac version of their Magician software. Once initiated, the process usually completes in less than a minute, but it does depend on the size of the SSD. This feature is an acceptable option for securely erasing a drive according to the NIST documentation.

https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-88r1.pdf


This is the best anyone can do to securely erase an SSD due to how SSDs work. The only other option is to destroy each of the NAND memory chips on the SSD. Seems like a waste to destroy a perfectly good SSD though when it would require expensive equipment and specialized knowledge to attempt to recover any data from an SSD just on the off chance an erased SSD could possibly contain any data.


Regarding the ATA Secure Erase:

  • Make sure to use a simple easily remembered password with no spaces or special characters. If the erase fails, then you will need to attempt another erase, or you will need to unlock the SSD with that password to be able to use the SSD normally. If you forget the password, then the SSD becomes a brick (after all the password is technically a security feature).
  • Do not use the "Enhanced Erase" on an Apple SSD. There is a chance it could brick the SSD (personal experience -- may have been a bad SSD, or perhaps a bug in the particular SSD). I've never had a problem using the basic/normal secure erase on any SSD which supports a built-in hardware secure erase, even Apple SSDs.


Also, I'm a bit curious about why you did not have Filevault enabled on this system if data security is so important now when preparing the computer for sale? If the computer was stolen, then the data would have been easily accessed by the thief or later owner. FYI, a user account password does not prevent someone with physical access to the computer or the drive from accessing data anywhere on the drive (at least for an unencrypted computer without a T2 security chip). Same goes for any backups of that computer. Filevault does not really significantly impact performance even when using a slow spinning hard drive at least once the initial encryption process has finished.
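
Added example, not part of the post above: a scripted version of the xxd check it describes, counting non-zero bytes in a window of the drive instead of reading a hexdump by eye. The helper names scan_window and is_zeroed are hypothetical, and the sample image is constructed so the script runs without touching a real disk.

```shell
#!/bin/sh
# Added example (not from the thread). scan_window and is_zeroed are
# hypothetical helper names; SOURCE may be an image file or a device node
# such as the /dev/diskX named above (reading a device needs root).

# scan_window SOURCE SKIP_MIB COUNT_MIB
# Reads COUNT_MIB mebibytes starting SKIP_MIB into SOURCE and prints
# "<bytes_read> <nonzero_bytes>".
scan_window() {
    dd if="$1" bs=1048576 skip="$2" count="$3" 2>/dev/null |
        od -An -v -tx1 |
        awk '{ for (i = 1; i <= NF; i++) { total++; if ($i != "00") nz++ } }
             END { printf "%d %d\n", total, nz }'
}

# is_zeroed SOURCE SKIP_MIB COUNT_MIB
# Succeeds only if data was actually read and every byte was 0x00, so a
# window past the end of the device is not reported as clean.
is_zeroed() {
    set -- $(scan_window "$1" "$2" "$3")
    [ "$1" -gt 0 ] && [ "$2" -eq 0 ]
}

# Constructed sample: 8 header bytes followed by 3 MiB of zeros, standing in
# for an erased drive that still carries a partition table at the start.
img=$(mktemp)
{ printf 'EFI PART'; dd if=/dev/zero bs=1048576 count=3 2>/dev/null; } >"$img"

scan_window "$img" 0 1      # first MiB: header bytes show up as non-zero
scan_window "$img" 1 2      # past the header: all zeros
if is_zeroed "$img" 1 2; then echo "window is zeroed"; fi
if ! is_zeroed "$img" 8 1; then echo "nothing read past end: not clean"; fi
rm -f "$img"
```

The check reports only what the host can read back through the drive's interface; it says nothing about flash cells the controller no longer maps.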

Oct 23, 2022 7:11 PM in response to SteveHS

SteveHS wrote:

Yes, that's exactly what I'm saying.
It's a Samsung 860 QVO Solid State Drive 2 TB - SATA 6 GB/s.
It was purchased and installed by a local authorized Apple technician in January of 2020.


Okay, the pattern overwrite arose in the era before embedded servo tracking in hard disks (~1990), with floppy disks, and way, way, way before SSDs became endemic. Old HDDs were, well, sloppy about tracking. That’s no longer the case. And SSDs have no means of overwrite, as they continuously re-vector storage on each write for performance and wear leveling reasons. Each write to the same sector goes to different storage. SSDs also necessarily erase sectors before any re-use. Further, the default on macOS is to use disk encryption, which means the keys are needed to access any data that isn’t otherwise clobbered.


Which in aggregate means an overwrite clears all data, and means the data is already unreadable.


If the SSD itself supports ATA SECURITY ERASE UNIT command, things get easier.


Based on the specs, it appears this SSD device does support the ATA SECURITY ERASE UNIT command, and there is Windows software available to trigger it.


Bootable Linux is another path to trigger: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase


Here’s a write-up on using a rescue CD and ATA SECURITY ERASE UNIT that I’d try: https://www.uvm.edu/it/kb/article/secure-erase/


Starting on Monterey with a T2 Mac, use the Secure Erase mechanism: Erase all content and settings on Mac - Apple Support


Per US NIST SP 800-88 (and which is new enough to cover SSDs), ATA SECURITY ERASE UNIT is sufficient: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf#page55

Oct 23, 2022 8:01 AM in response to SteveHS

I will move forward with finding someone who can guide me through a level 4 Secure Erase procedure.


Did you try booting the Internet version of macOS Recovery as I explained?


John Galt wrote:
The Shift-Option-Command-R startup key chord will allow you to use the version of Terminal that came with that Mac back in 2012, considering subsequent versions of diskutil have eliminated certain options.


That version of diskutil might permit the secureErase 4 option you seek to accomplish.


The obvious error in your initial attempt to use that command is that a space character is required after the option 4. That is at least one reason Terminal objected to the command as entered.


In other words,


diskutil secureErase 4 /Volumes/Macintosh\ HD


There may be other reasons for its objection but see if the above gets you any closer to what you want.


I no longer use any Macs that incorporate internal hard disk drives. That limits my ability to help but I might be able to cobble something together if need be.

Oct 24, 2022 4:01 AM in response to SteveHS

When I attempted to duplicate what you're doing I ran into the same problem. The solution was to use eraseVolume as that description indicated:


diskutil eraseVolume APFS test /Volumes/Macintosh\ HD


... in which test is the name of the newly erased volume. That worked.


  • Edit to add: zeroDisk or randomDisk will probably work too, followed by eraseVolume. I didn't try either one. I don't want to prematurely wear out my Mac's expensive storage.


As you are now aware merely erasing flash memory is sufficient. I suspect your attempts to use secureErase are failing due to the fact it should not be used with SSDs.


May I assume you are frustrated at the inability to do something on macOS that you were easily able to accomplish with Microsoft Windows? If so bear in mind Windows has to be written for generic hardware over which Microsoft has no control. A "secure erase" is exactly as worthless and potentially damaging for Windows PCs that use flash memory, but Microsoft has no way to anticipate what hardware will be used for Windows. If a user wants to "secure erase" a PC so equipped, Windows indulges the hapless user. Microsoft won't care if you ruin a PC by doing that, and all the PC manufacturer will say is that the user did something dumb and they're not responsible either.


On the other hand Apple bears sole responsibility for the whole product — hardware and software — and goes through Herculean efforts to protect users from themselves.

Oct 22, 2022 1:32 AM in response to SteveHS

... The end goal is to sell my computer


Since I didn't mention it yet, refer to What to do before you sell, give away, or trade in your Mac - Apple Support.


Step 7 redirects to Use Disk Utility to erase an Intel-based Mac - Apple Support.


If that version of Disk Utility does not offer the "secure erase" option you seek, How to reinstall macOS - Apple Support contains these additional instructions under Other macOS installation options:


  • On an Intel-based Mac, you can use Shift-Option-Command-R during startup to be offered the macOS that came with your Mac, or the closest version still available.


That version of Disk Utility may contain the "secure erase" option. Which, as I wrote, is not required if you encrypted the startup disk.

Oct 23, 2022 10:10 AM in response to SteveHS

If you boot that Mac's Internet version of Recovery using the appropriate key chord, you will be able to use its version of Disk Utility to perform the "secure erase" you desire:



It performs the exact same action as diskutil secureErase 4


The "Most Secure" option:



... could take a month to finish, so you may want to use an uninterruptible power supply and a gas / diesel generator. If the iMac's power were to be suddenly interrupted during that period of time I don't know what would happen. The drive could be rendered permanently inoperable. Perhaps that would be "mission accomplished" 😆

Oct 24, 2022 6:45 AM in response to SteveHS

SteveHS wrote:

These are the results from the (2) recently suggested parameters spacing (in recovery mode):

[-bash-3.2# diskutil secureErase 4 /Volumes/Macintosh\HD
Could not find the disk /Volumes/MacintoshHD

You missed the space between the backslash and the "HD". Normally a space is a special separator character so the backslash basically tells bash that the space following the backslash is meant to be part of the same option/entity which in this case is a path. Without the backslash, the space indicates to bash that another option for the command is present.

https://linuxhint.com/deal-spaces-file-path-linux/


[-bash-3.2# diskutil secureErase 4 "/Volumes/Macintosh HD"
A whole disk must be specified when doing secureErase without the
"freespace" option; if you need to wipe a single partition, you must
use diskutil zeroDisk or diskutil randomDisk but you will subsequently
need to reformat (newfs) the partition with "diskutil eraseVolume"
[-bash-3.2#

I was wondering about this command requiring the whole drive. Seems the whole drive must be erased when performing the secure erase unless choosing the erase free space option. Like I mentioned earlier, very few people on these forums tend to use some of these less used and more obscure options and the Apple documentation is not always clear.
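
Added example, not part of the posts above: a small script showing how the shell splits each command line tried in this thread into arguments before diskutil receives them. show_args is a hypothetical helper that stands in for diskutil and only prints what it was given.

```shell
#!/bin/sh
# Added example (not from the thread). show_args is a hypothetical stand-in
# for diskutil: it prints the argument count, then each argument in brackets.
show_args() {
    printf '%d:' "$#"
    for a in "$@"; do printf ' [%s]' "$a"; done
    printf '\n'
}

# Original attempt: no space after the level, so level and path are one word.
show_args secureErase 4/Volumes/Macintosh\ HD

# Unescaped space: the path is split into two separate arguments.
show_args secureErase 4 /Volumes/Macintosh HD

# Backslash directly before "H": it escapes the H, and no space exists at all.
show_args secureErase 4 /Volumes/Macintosh\HD

# The two working forms: escaped space, or the whole path in double quotes.
show_args secureErase 4 /Volumes/Macintosh\ HD
show_args secureErase 4 "/Volumes/Macintosh HD"

# The same rule applies to a path held in a variable: POSIX sh and bash split
# an unquoted expansion on spaces (zsh does not by default), so quote it.
vol="/Volumes/Macintosh HD"
show_args secureErase 4 $vol
show_args secureErase 4 "$vol"
```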

Oct 22, 2022 3:39 PM in response to SteveHS

I won't dissuade you from using Terminal if you wish. Considering your goal is assured data destruction, you won't be risking anything.


The Shift-Option-Command-R startup key chord will allow you to use the version of Terminal that came with that Mac back in 2012, considering subsequent versions of diskutil have eliminated certain options.


man diskutil and scroll to the end for its (recent) history.


I would be remiss if I did not point out the NOTE in its description of secureErase — not that it applies in your case, since your concern is magnetic media. I point it out only for readers who may run across this Discussion years from now, when hard disk drives are relegated to the ash heap of computing history... where they belong.


And, yes, I could just remove the hard drive and hammer it into oblivion, but that's not what I wish to do.


I prefer a similar technique, performed at a safe distance.

Oct 21, 2022 6:01 PM in response to SteveHS

It is also possible the hard drive for a 2012 computer is worn out and failing which is why it may be taking longer to complete each pass.


If you just want to perform a secure erase and don't require multiple passes, then how about booting from a Knoppix Linux USB stick and utilizing the hard drive's built-in hardware secure erase feature? For a hard drive, this built-in hardware secure erase feature does nothing more than write zeroes to the entire drive, but it may perform a bit faster than manually writing zeroes to the drive through software. This is also the best way to securely erase an SSD without causing undue wear to the SSD, plus it may fix some SSD issues since an SSD's built-in hardware secure erase feature also resets an SSD to factory defaults.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase


Of course @John Galt's suggestion for encrypting the drive first followed by a simple erase is probably the best & easiest option for most people. Keep in mind that Apple is removing features from macOS with the secure erase feature being one of them which was removed from the Disk Utility GUI since it would wear out SSDs, but the feature still remains within the command line version of "diskutil" although I have never used it.
