Is there good BleachBit analog for Mac OS X?

Hi!


Just migrating from the PC world and looking for a good analog for the BleachBit (http://bleachbit.sourceforge.net/) application. The goal is to have an easy-to-use yet effective, scaling and adjustable tool to clean up sensitive data spills - temporary files, web history, cookies, messaging history, logs etc. etc. Primary focus is on privacy guarding here, not on system speed improvement. Would be great if it's open-source, maybe not free though.


I'd appreciate any advice. Cheers and thanks!

MacBook Pro with Retina display, OS X Mavericks (10.9.4)

Posted on Jul 28, 2014 2:21 AM

16 replies

Jul 28, 2014 5:12 AM in response to aak77

You could throw them in the Trash and Secure Erase the trash.


There is also a secure remove (srm) in the Terminal. You could wrap that in an Automator Service and right-click on the things you want to delete, choose the service from the contextual menu and let it erase the items.

It has options to do a single pass of random data, seven passes, or the default 35-pass Gutmann algorithm.


Some info here: http://srm.sourceforge.net


If you want to build the Automator Service, let me know. It isn’t really difficult.


Also, don’t forget your backups.
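As an added example that is not part of the thread or of srm's own documentation: a small wrapper around the delete step of the kind described above, which first asks whether the volume holding the file is solid state. On a spinning disk it overwrites once with random data before unlinking; on an SSD, or when the volume type cannot be determined, it only unlinks, because an overwrite does not reach the original flash cells (a point made later in this thread). The mapping from the file to a device node via df, the assumption that `diskutil info` prints a "Solid State:" line, and the sample diskutil outputs are all assumptions or constructed data, so the script runs on any POSIX shell.

```shell
#!/bin/sh
# Added example, not code from the thread. Chooses between "overwrite then unlink"
# and plain "unlink" based on whether the file lives on an SSD.

# Constructed samples of `diskutil info` output (only the lines we look at).
SAMPLE_SSD_INFO='   Device Identifier:        disk1s1
   Solid State:              Yes'
SAMPLE_HDD_INFO='   Device Identifier:        disk2s2
   Solid State:              No'

# Classify a volume from diskutil-style output text: prints ssd, hdd or unknown.
# Assumption: OS X diskutil prints a "Solid State:" line for the volume.
classify_volume_from_info() {
  if printf '%s\n' "$1" | grep -q '^ *Solid State: *Yes'; then
    echo ssd
  elif printf '%s\n' "$1" | grep -q '^ *Solid State: *No'; then
    echo hdd
  else
    echo unknown
  fi
}

# Ask the live system about the volume holding $1 when diskutil exists (OS X);
# elsewhere return "unknown" so the conservative path (no overwrite) is taken.
volume_type_of() {
  if command -v diskutil >/dev/null 2>&1; then
    dev=$(df "$1" | awk 'NR==2 {print $1}')           # e.g. /dev/disk1s1
    classify_volume_from_info "$(diskutil info "$dev" 2>/dev/null)"
  else
    echo unknown
  fi
}

# Pick the delete method for a volume type and print it so callers can log it.
method_for() {
  case "$1" in
    hdd) echo overwrite ;;
    *)   echo unlink ;;   # ssd or unknown: an overwrite buys nothing; rely on encryption
  esac
}

# Overwrite a file in place once with random data, then unlink it. conv=notrunc
# keeps the file's existing blocks (the point of the overwrite on a spinning disk);
# the file may grow to the next 4 KiB boundary, which is harmless here.
overwrite_and_unlink() {
  size=$(wc -c < "$1" | tr -d ' ')
  blocks=$(( (size + 4095) / 4096 ))
  if [ "$blocks" -gt 0 ]; then
    dd if=/dev/urandom of="$1" bs=4096 count="$blocks" conv=notrunc 2>/dev/null
  fi
  rm -f -- "$1"
}

# remove_sensitive FILE [VOLUME_TYPE]: prints the method used; returns 1 if FILE is missing.
# VOLUME_TYPE may be passed explicitly (useful for testing); otherwise it is detected.
remove_sensitive() {
  f=$1
  [ -f "$f" ] || return 1
  vtype=${2:-$(volume_type_of "$f")}
  m=$(method_for "$vtype")
  if [ "$m" = overwrite ]; then
    overwrite_and_unlink "$f"
  else
    rm -f -- "$f"
  fi
  echo "$m"
}

# Usage from an Automator "Run Shell Script" action would be:  remove_sensitive "$@"
```

The single overwrite pass follows the later advice in this thread that one or two passes are enough on recent hard disks; the srm-style 35-pass option is deliberately not reproduced.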

Feb 26, 2016 6:20 AM in response to smWiMi

In terms of its disk functions, BleachBit seeks to retrofit what's sometimes called erase-on-delete and highwater marking, and some other terms. The term disk scrubbing is sometimes used in this context, both to overwrite previously-written and now residual data in the sector, and also to locate disk errors in the background. These approaches are particularly intended as a way to avoid disk scavenging on hard disks, i.e. preventing folks from reading data from previously-written disk sectors.

Here's the wrinkle: SSDs don't work that way. SSDs do not work entirely the same as hard disks. Not in this particular aspect. You cannot overwrite a sector. You'll write — not overwrite — a different (previously) erased sector. With a hard disk, a write to a sector will always overwrite that same sector, barring a disk error and a sector revector (replacement) operation. This is because an SSD seeks to perform what's called "wear leveling" across the entire disk, rather than allowing a user or an application to wear out specific sectors through repeated overwrites.

In short, any overwrite function is ineffective on wear-leveling SSDs.

SSDs use TRIM and a device secure erase, and it's the operating system and the file system that knows what is (or is not) allocated.

Which is also why encryption is recommended. Now the revectoring operation on hard disks is why you probably want to encrypt that data, too. Plus encryption works when the disk or the computer walks out the door unexpectedly, or when it gets swapped after some failure.

Now there can also be discussions of reading and transferring sensitive data puts you squarely into what's called mandatory access control security (confusingly, MAC) and related processing. That's a whole different can of worms, and has to do with the labels associated with the data, and with propagating those labels around as the data is cut-and-pasted or copied. This sort of mandatory security is generally not something most folks want to undertake, as it's complex to configure and to manage, and most definitely constrains the users and their normal activities of moving data around the system.

Apple posted a security whitepaper a while back, which might provide you with an overview of OS X security.

Mar 7, 2016 9:13 AM in response to MrHoffman

Okay forget about BleachBit, as it also has features that are not good for us. I'll try to explain it this way:

It would be nice to have something like an automator script repository offering scripts for example only to:

  • reset default document templates from some 3rd party office suite,
  • reset "recent documents" and "last video/audio file position" from some 3rd party media player,
  • reset history from some 3rd party browser,
  • reset picture preview cache of some 3rd party image processing software
  • etc.


So you can select exactly the features you want and probably add your own scripts to the repository, so other users can benefit from it. Maybe optional for current user and all users, if admin rights are present.

Not necessarily "secure delete" simply remove those things. A little like logging in and out with the guest user, but with the opportunity to select persistent things.


BleachBit probably focuses on something else; from my point of view and how I understood the op's initial question, this is what I'd like to have.

All of this doesn't have much to do with SSD/HDD, secure deletion, so it also doesn't have much to do with FileVault or TimeMachine.

Sorry if I was misleading here, I tried to clear that up before and only mentioned it again to explain my probably stupid suggestions.


Please also understand that I still found your answers very interesting and educating.
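As an added example that is not part of this thread and not BleachBit's own code: a minimal rule-driven cleaner in the spirit of the "script repository" wished for above and of the BleachBit rules aak77 describes earlier in the thread (an entry per application saying what to look for, selectable per application, with a dry-run mode that only lists matches). The rule lines, the application names and every path under the constructed sample home directory are assumptions for illustration, not the real storage locations of any product; a real rule set would be filled in by the users who know where each application keeps its leftovers.

```shell
#!/bin/sh
# Added example, not code from the thread. A rule file drives plain (not secure)
# removal of per-application leftovers, matching the "just remove those things"
# intent of the post above.

# Rule format, one per line:
#   <app> | <path relative to the home dir, shell glob allowed> | <what it is>
# All three rules below are constructed examples, not real application layouts.
RULES='
browser | Library/Application Support/ExampleBrowser/History* | browsing history
player  | Library/Preferences/com.example.player.recent.plist | recent media list
office  | Library/Caches/ExampleOffice/thumbnails/*           | document preview cache
'

# Build a throwaway "home" with matching files so the example runs offline.
make_sample_home() {
  home=$(mktemp -d)
  mkdir -p "$home/Library/Application Support/ExampleBrowser" \
           "$home/Library/Preferences" \
           "$home/Library/Caches/ExampleOffice/thumbnails" \
           "$home/Documents"
  : > "$home/Library/Application Support/ExampleBrowser/History.db"
  : > "$home/Library/Preferences/com.example.player.recent.plist"
  : > "$home/Library/Caches/ExampleOffice/thumbnails/a.png"
  : > "$home/Documents/keep-me.txt"    # covered by no rule; must survive every run
  printf '%s\n' "$home"
}

# clean HOME_DIR MODE [APP...]
#   MODE is "list" (dry run, nothing deleted) or "remove". APP names restrict which
#   rules apply; with none given every rule applies. Prints "<app><TAB><path>" per hit.
clean() {
  target_home=$1; mode=$2; shift 2
  selected=$*
  printf '%s\n' "$RULES" | while IFS='|' read -r app pattern desc; do
    app=$(printf '%s' "$app" | tr -d ' ')
    if [ -z "$app" ]; then continue; fi
    if [ -n "$selected" ]; then
      case " $selected " in *" $app "*) ;; *) continue ;; esac
    fi
    pattern=$(printf '%s' "$pattern" | sed 's/^ *//; s/ *$//')
    # Expand the glob relative to the chosen home. Splitting only on newlines keeps
    # patterns containing spaces ("Application Support") in one piece.
    ( cd "$target_home" || exit 1
      IFS=$(printf '\n_'); IFS=${IFS%_}
      for f in $pattern; do
        if [ -e "$f" ]; then
          printf '%s\t%s\n' "$app" "$f"
          if [ "$mode" = remove ]; then rm -rf -- "$f"; fi
        fi
      done )
  done
}

# Stand-alone demo: show what would go, then remove only the player's recent list.
if [ "${DEMO:-}" = 1 ]; then
  H=$(make_sample_home)
  echo "dry run:";  clean "$H" list
  echo "removing:"; clean "$H" remove player
  rm -rf "$H"
fi
```

Run with `DEMO=1 sh cleaner.sh` to see the dry run followed by a selective removal; pointing `clean` at a real `$HOME` is the operator's decision, and the list mode exists precisely so that the rule set can be reviewed before anything is deleted.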

Mar 7, 2016 10:49 AM in response to smWiMi

smWiMi wrote:


Okay forget about BleachBit, as it also has features that are not good for us. I'll try to explain it this way:

It would be nice to have something like an automator script repository offering scripts for example only to:

  • reset default document templates from some 3rd party office suite,
  • reset "recent documents" and "last video/audio file position" from some 3rd party media player,
  • reset history from some 3rd party browser,
  • reset picture preview cache of some 3rd party image processing software
  • etc.


So you can select exactly the features you want and probably add your own scripts to the repository, so other users can benefit from it. Maybe optional for current user and all users, if admin rights are present.

Not necessarily "secure delete" simply remove those things. A little like logging in and out with the guest user, but with the opportunity to select persistent things.


BleachBit probably focuses on something else; from my point of view and how I understood the op's initial question, this is what I'd like to have.

All of this doesn't have much to do with SSD/HDD, secure deletion, so it also doesn't have much to do with FileVault or TimeMachine.

Sorry if I was misleading here, I tried to clear that up before and only mentioned it again to explain my probably stupid suggestions.


Please also understand that I still found your answers very interesting and educating.

Maybe you should be starting a "New" thread describing your "Needs", so that all the security concerns in this thread are not confusing your scripting desires.


In the new thread, describe what files/folders you need reset.

If they are in a specific location, please specify.

If they are for a specific application (or applications) please specify.

In the new thread, describe your desired triggers.

Please try to be specific about your triggers, because if you do not know, someone else will not know for you.

Jul 28, 2014 5:50 AM in response to Barney-15E

Thanks for your reply! Knowing the things which should be wiped is the issue. BleachBit AFAIK is actually a kind of what you suggest. It has an srm-like thing built in and a bunch of OS and application-specific rules attached telling BleachBit what to look for and wipe. These rules are expandable: some come preset, some you can download and add (for example, what to clean if MS Office is installed, or Firefox or iTunes etc.). You also can write those rules and add them yourself. And publish for others. All in one, it makes quite an effective and user-friendly set.


I can move individual files into the trash and securely empty it. I also can wipe files or folders with BCWipe or alike. But the problem is - I don't know what to wipe, with the exception of files I manually created myself (documents, spreadsheets etc.). Which is not enough of course - any OS does a lot behind the scenes: document versions, logs, etc. etc. - a lot of data a regular user like me hardly imagines.


A separate question is whether those wiping methods (zeroing, random, DoD, Gutmann etc.) are (1) required and (2) effective when talking about sanitisation of SSDs? I don't think it would be too far from the truth if I say that 90 to 100 percent of modern Apple notebooks are equipped with SSDs. And they are somewhat different from traditional HDDs, including ways of sanitisation.

Jul 28, 2014 6:36 AM in response to aak77

aak77 wrote:


A separate question is whether those wiping methods (zeroing, random, DoD, Gutmann etc.) are (1) required and (2) effective when talking about sanitisation of SSDs? I don't think it would be too far from the truth if I say that 90 to 100 percent of modern Apple notebooks are equipped with SSDs. And they are somewhat different from traditional HDDs, including ways of sanitisation.

I don't know how to resolve the first part besides just encrypting the entire drive with FileVault.


I have seen reports that the only way to "sanitize" an SSD is to destroy it, into very small pieces. If true, then encryption would be the only defense.

Jul 28, 2014 8:37 AM in response to aak77

aak77 wrote:


Just migrating from the PC world and looking for a good analog for the BleachBit (http://bleachbit.sourceforge.net/) application. The goal is to have an easy-to-use yet effective, scaling and adjustable tool to clean up sensitive data spills - temporary files, web history, cookies, messaging history, logs etc. etc. Primary focus is on privacy guarding here, not on system speed improvement. Would be great if it's open-source, maybe not free though.


I'd appreciate any advice. Cheers and thanks!


Enable Apple's FileVault 2. That is free, supported by Apple, and it prevents all of the sorts of sensitive data leakage that you've listed here, and more.


srm (which is part of OS X, BTW — launch Terminal.app and see man srm — be very careful where you aim that tool) won't particularly help with SSDs, as you have to use the secure erase function with the SSD or somehow force the device to reuse and overwrite all of the storage irrespective of the wear leveling used in SSDs; nor is srm or similar sorts of block overwriting particularly effective against any data that's been stored in revectored blocks on hard disks, i.e. in blocks with errors. This probably isn't a huge issue.


Multi-pass overwrites like srm and diskutil secureErase are arguably a waste of time on recent disks, and overwriting once or maybe twice should do fine. (If you think you need more security than that, you're probably working with far more sensitive data than most users, and should seek specific technical and legal guidance, and not a reply from somebody in a user forum. You'll probably then be pointed at specific full-disk encryption and at physical device destruction, if what I've seen recommended in the past for secure sites is any guide, but do check with your site security contact or site security officer directly. Even Gutmann himself doesn't think folks need 35-pass on any even remotely-recent hardware. Bulk overwrite, or use the secure erase function, or physically destroy ("slag") the storage device.)


But rather than dealing with cleaning up afterwards, it is better and easier to just encrypt the data on the disk with FileVault from the start, and that means that any bad blocks that might arise and any blocks that haven't been reused within an SSD are all encrypted.


Various add-on packages that claim to protect, secure, clean, prevent malware infestations or other such tasks are a longstanding cause of problems with OS X that get discussed around the forums. Anti-malware and anti-virus tools and cleaning tools are quite popular ways to destabilize OS X in recent months, too. (Some of those same sorts of tools are why various Windows systems were unstable, and OS X can also end up unstable due to some of the add-on packages that are around.)

Feb 26, 2016 1:31 AM in response to MrHoffman

I know this thread has been dead for some time, but I think it's better to reply here than to open a new one, isn't it? The op's question isn't answered yet and I am also curious about this.

How does disk encryption secure an online system from having sensitive data read? AFAIK it only helps when the system is shut down. I know of all the crapware saying it would speed up your Mac by deleting temp files and sensitive data, that's why this discussion is interesting and necessary.

In the Windows and Linux worlds BleachBit is a trustworthy piece of software, being highly configurable and transparent. Something like that would be interesting for many OS X users. And as the op said, it should be open source for obvious reasons, while it would be absolutely okay if it wasn't free.

Feb 26, 2016 4:33 AM in response to smWiMi

How does disk encryption secure an online system from having sensitive data read?

It doesn't. Short of access restrictions, there isn't a way to do that. If you restrict read, you might as well not store the data in the first place as nobody would be able to use it.


In the Windows and Linux worlds BleachBit is a trustworthy piece of software, being highly configurable and transparent.

It still does not alter the shortcomings of trying to delete what was once written. The reasons Apple dropped secure erase are not a software limitation, but a physical limitation of the storage medium. No software can write over damaged bits that can still be read. As Mr Hoffman stated, this may be limited-use data, but that alone makes the tool unreliable. I'm pretty sure Apple isn't going to guarantee "secure erase" when it may not be possible. BleachBit may not care, and that would open up a niche market for them. They wouldn't have to do much more than write a wrapper around srm and sell it to the unsuspecting. However, you can do the same thing in Automator.

Feb 26, 2016 6:51 AM in response to MrHoffman

PS: to attempt a complete overwrite of an SSD — outside of any permanently bad sectors, which may not be or are not accessible — any overwrite tool must write the entire SSD contents of data plus perform enough additional writes to the SSD to force the "hidden" spare sectors present to all be erased and reused.


Hard disks also have spare sectors, though those are used for replacements for disk sector errors.


But the most secure and most appropriate way is to request the SSD device itself trigger a secure erase. To tell the disk "erase yourself", just as TRIM tells the disk "these sectors are now free, please add them to the queue of sectors to prepare for reuse". Without TRIM, it's the overwrite that tells the SSD the sector is now free. But since the erase is both necessary and very slow, the SSD maintains a pool of already-initialized sectors for faster writes. TRIM helps with that.


Encrypting your data with a secure key and a secure cipher avoids the particular issues discussed here.


Multiple overwrites are an old hard disk requirement, around the head servo placement. There used to be some slight slop in that — particularly with floppy disks — and it was possible to detect data by deliberately mis-positioning the read heads. This approach has become rather less consequential on hard disks with the current track densities, but sure, overwrite some number of times. Alas, there are no servos in SSDs, and no read heads to position, much less mis-position.


Physically destroying the disk is a common approach for particularly sensitive data, whether for hard disks or SSDs.

Mar 1, 2016 1:10 AM in response to MrHoffman

Thanks for all your effort and sharing your expertise. I am not entirely sure if the op and I have the same goal. I am aware of how SSDs work and how "secure deletion" as known from HDDs doesn't make sense here, as it would only be possible through special hardware support provided by the manufacturer of the SSD or its controller.

I am not trying to find software that "securely deletes" files. I also know that Apple always thinks of certain usual scenarios where its devices work perfectly; unfortunately at my job we need to use them differently.

For example we need to share user accounts among employees. Here it would be nice to have a one-click solution cleaning all the "recently..." lists and temporary document files of certain applications. (There might be a best practice for OS X software for all of that which is used in most cases, but at least all the ported stuff written in Qt, Java, or for X server usually has its own ways and places.)

Most of us don't really care, but I am always concerned as it's my responsibility to keep our devices in line with the privacy laws of our state, and obviously some employees don't strictly separate personal and business-related use of our devices all the time. All of this can be achieved through Automator if you know how and where all the different applications save those things.

Something like BleachBit would be nice though, as everyone who finds out about the behaviour of some software shares it among all the other users, so all the most common software is already in there with different options. (Recently used documents, recently downloaded files, recently used login user names etc., depending on the software, and all with a description of what it really does and what effects it might have.) As you already said, it's maybe a niche and the original question "is there such a software" can be answered with "not that we know of".


Just in case someone stumbles over this thread with a similar question:

Onyx and Maintenance from http://www.titanium.free.fr/ seem to have some clean-up functions that are more transparent and reasonable than all the "Speed Up/CleanUp" crapware you can find. Still, users should read the documentation carefully and know what they do. Secure Erase on SSDs is questionable (read MrHoffman's post about this); something like BleachBit or a port of it is not known to anyone who answered here yet.


Regards and thanks for your time and input Barney and MrHoffman!


smWiMi

Mar 1, 2016 11:12 AM in response to smWiMi

smWiMi: If your question is not concerned with secure deletion, then please start your own thread.


Secure deletion is no different than deletion on SSDs. Same underlying issues. SSDs work very differently than hard disks, here.


Add-ons that attempt to optimize, clean, protect, secure, scrub or otherwise attempt to extend or enhance OS X are a very common cause of problems with OS X and applications, too. Encrypt your disk data with FileVault 2. Use TRIM. Use secure passwords. OS X will do the work for you, and will protect your data.


None of what's been linked seems likely to be particularly useful with SSD storage, either. (See previous replies for why.)


Some of the many vendors of OS X add-ons have suffered customer data breaches, and some of the add-on products have had security vulnerabilities. If you're concerned about security, the less you add onto OS X, the less there is for somebody to attack.

Mar 3, 2016 4:14 AM in response to MrHoffman

MrHoffman: I found this thread and answered it because it is exactly about what I am looking for and not about secure deletion. The op added secure deletion on SSDs as a separate question in his second reply; still, as far as I understand, this thread is about what I was writing about: a BleachBit equivalent for OS X, or to quote:

aak77 wrote:

The goal is to have an easy-to-use yet effective, scaling and adjustable tool to clean up sensitive data spills - temporary files, web history, cookies, messaging history, logs etc. etc. Primary focus is on privacy guarding here, not on system speed improvement. Would be great if it's open-source, maybe not free though.

...

Knowing the things which should be wiped is the issue. BleachBit AFAIK is actually a kind of what you suggest. It has an srm-like thing built in and a bunch of OS and application-specific rules attached telling BleachBit what to look for and wipe. These rules are expandable: some come preset, some you can download and add (for example, what to clean if MS Office is installed, or Firefox or iTunes etc.). You also can write those rules and add them yourself. And publish for others. All in one, it makes quite an effective and user-friendly set.


Still thanks for the additional information.

Mar 3, 2016 6:10 AM in response to smWiMi

Bleachbit is a product which is not intended for, not designed for and does not work as intended with SSDs. The underlying issue here is exactly the same with simple delete, scrubbing and free-space erasure, as with secure delete, too. Again, Bleachbit is not intended for SSDs.


As for the cache cleaners and Windows-style system housecleaning and maintenance tools? OS X includes those. The add-on packages that purport to perform those tasks have a long and problematic history on OS X, too. The folks that install those have ended up having stability and run-time problems, application hangs and crashes, and other untoward behavior in more than a few cases. Various of these tools have introduced security vulnerabilities, too — various of the well-known anti-virus tools have had egregious weaknesses, for instance. The caches and temporary files will be cleaned up automatically by OS X. In combination with full disk encryption and a robust password, the system data is secure. (Get a password manager or just use Keychain, too. But I digress.)


Even the folks selling the security add-ons are publicly indicating the products are far less effective than most realize, and are getting less effective.


I very much do not and cannot recommend filling your Mac with these tools. I've seen too many of these configurations go wrong. Badly wrong.


Using the features of OS X — good passwords, secure settings, full disk encryption, getting Time Machine and/or other backups going, learning to mistrust all arriving attachments and all marketing popups and recognizing social engineering — is the preferred alternative. Because the add-ons won't help here.

Mar 5, 2016 8:43 AM in response to MrHoffman

I, and as far as I understood him the op, did not look for secure deletion software in the first place. Also we did not look for software that cleans caches and so on. Okay, the software products I suggested are also not what we search for and come with risks if they're used without thinking.


The information you provided is great and I would tell every common OS X user the same. Also I thank you for being so helpful. The only reason I use those cleaners now and then is to create low-profile disk images for purposes Time Machine doesn't support.


I think I won't manage to explain what I search for and why there is a reasonable purpose for what I mean, as I tried without success. As this thread is so old I doubt that the op still follows it. So please don't mind, there's no need to repeat things that have already been written.


So thanks for your time, I can only continue trying to convince my superior that we shouldn't do things as we do, knowing that we won't change it because it would take too much work hours.
