Erasing Hard Drive - No More "Secure" Options?

There are quite a few posts here regarding that - you might want to do a search; here is one of them:

Secure Empty Trash missing on El Capitan

Personally, I've only used a 3 pass erase/write if I was going to sell the machine; since no one has access to it, I've never seen the necessity. When my MBP's SSD goes, I will be taking a hammer to it and reinstall the original hard drive.

Disk Utility in El Capitan has the same security options as it did in Yosemite for erasing volumes.

From step 4 of the Disk Utility help topic Disk Utility (El Capitan): Erase a volume:

To prevent the erased files from being recovered, click Security Options, use the slider to choose how many times to write over the erased data, then click OK.

Writing over the data three times meets the U.S. Department of Energy standard for securely erasing magnetic media. Writing over the data seven times meets the U.S. Department of Defense 5220-22-M standard.

If you do not see the Security Options button in the drop down window after clicking Disk Utility's erase button, it means you selected the "parent" disk, not a "child" volume indented underneath it in the list of disks on the left.

When you format using Disk Utility it only erases the disk index, it's a very quick operation. The files are still "on the disk" but are not visible or readily available to you without tools specific for "undeleting" them, and it's no gauretee you will be able to restore then in the event you use those applications.

the files will become written over as if they were never there in the first place as you use the drive for your needs.

M5Marco wrote:

I want to erase my entire hard drive and start fresh as I mentioned in the OP above. I click Macintosh HD, choose erase, and it erases the entire thing in a matter of seconds. I don't see any security options. Am I missing something?

Like I said, in the El Capitan version of Disk Utility you have security options only for erasing volumes, so if you select the hard drive itself you won't see the Security Options button. There is generally no reason to securely erase the entire HD since nothing not contained in its volumes contains any sensitive data -- it is just the same stuff that anyone can download from Apple.

But if for some reason you want to securely delete what is currently on your Macintosh HD volume, you can do that by selecting it so that the Security Options button will appear. Of course, you can't do this while booted up from that volume (because the OS would be erasing itself) so you will need to start up from something else, typically the Recovery System, which is one reason why you can't erase the entire drive (because that would wipe out the Recovery HD partition along with everything else).

Once the Macintosh HD volume has been securely erased by Disk Utility running from the Recovery HD partition (& the single pass option is generally adequate for making anything in it unrecoverable) you can then quit DU & choose the install option.

M5Marco wrote:

http://www.macissues.com/2015/10/03/how-to-securely-delete-files-in-os-x-10-11-e l-capitan/

Seems to say the secure erase function no longer works because Apple said it wasn't gaurentee to work in the past. So the function is no longer available. ****

Unfortunately, that article does not make very clear the distinction between securely erasing an entire volume & securely emptying files in the trash or just the free space on a volume. That has caused a lot of confusion among users.

While it is true that there is no way to guarantee that any secure erase of a SSD will actually erase all vestiges of the data previously on it, securely erasing an entire volume will overwrite every part of it accessible to the OS, which includes file system locations that would not be touched by securely emptying the trash, or are being used for caches & the like that could contain all or part of a file's data which are not marked as free space.

IOW, securely erasing the entire volume ignores where in its file system data might be stored & overwrites all of it, including the part used to store the info about the file system itself. This isn't perfect but it is as good as it gets, short of physically destroying the drive.

When you select the volume and press the erase, in the popup window in

the lower left corner should be a button "Security Options...". Pressing

that should bring up the dialog with a slider for different levels of erase.

M5Marco wrote:

popup comes on screen with my only choices being name, format, and then the erase button. I do not see anywhere any options for secure erase. Is there something I am missing here?

I don't know what to tell you other than it works for me. Below is a photo I took of the screen of my iMac booted into the Recovery HD partition with Disk Utility running, the Macintosh HD selected, & the Erase button clicked:

Yes, my Macintosh HD volume contains OS X version 10.11.1 & is my normal startup disk. The other volume you see listed there I named "Mountain Lion HD" has OS X 10.8.5 on it but that should not make any difference.

The important things to note are in the information below the popup. The Mount Point should be "/Volumes/Macintosh HD" which indicates it is not the current startup disk, & the Type should be either "Logical Volume" or "Physical Volume," indicating it is a volume & not a drive.

It just occurred to me that the reason you are not seeing the Security Options button is because your internal drive is a SSD. As I mentioned earlier, there is no way to guarantee the secure erase of anything on an SSD (it is a consequence of the way data is stored in their memory cells that cannot be worked around by software), so my guess is Apple has designed Disk Utility not to offer a security erase for SSDs, since that would just wear them out slightly faster without really securely erasing what is on them.

If I'm right about this, you could test with an external mechanical drive if you have one. Just connect it, start up Disk Utility, select one of its volumes, & click the erase button. (You don't have to erase anything, just note if the Security Options button shows up or not.)