How-to Secure Erase Files from Your Hard Drive in OSX

Having recently read the following blog entry “Halloween Special: Secure Erase” about how easy it is to secure erase files in Apple’s latest version of the Mac operating System, codenamed Leopard, I thought I would write a quick review of ways to secure erase, files and entire hard drives for those of us using not just Leopard but also using earlier versions of the Mac OS.

Securely Removing Your Data

In essence the process of securely deleting files or data on your HD is just about overwriting that file data with binary data that is useless to any user, including youself i might add! The benefit of this is clear, but in what instances might you want to do this and how can you go about it?

Well, when you have files which you are no longer using and would like to dispose of in such a way that no one else can retrieve them, via whatever means. You might also have sold your laptop or desktop computer and wish to remove all traces of data from the hard drive(s) contained within it, including files that contain credit card numbers, social security numbers and other forms of personal data.

“Why not just use FileVault in OSX?” you ask yourself.

FileVault in itself offers a whole slew of different options and although keeps all data in your home directory as an encrypted disk image, thus securely, it presents its own set of issues of usage that one may or may not wish to face, but that’s for another article.

Okay, so back to the article in hand.

Shredding Your Trash

As of 10.3, Apple made it easy to securely erase your data, and in 10.5 they made it even more easy. Basically, once you have moved whichever items you need to securely remove to your trash, via drag-and-drop or using the Finder “Move to Trash” keyboard shortcut: Apple Key + Delete, then select “Secure Empty Trash” from the File menu inthe Finder.

In 10.5, this can be done the same way, or by using the respective button in the windw tool bar having opened the Finder window for the trash by double-clicking the Trash icon in the Dock.

And so, once that button has been clicked, OSX will run a 35-pass overwrite of the file, essentially going well beyond the basic recommendations of any government security department. And once it is done, there will be no going back, even the most persistent Mac Digital Forensics expert or Data Rescue Professional will NOT be able to get that data back from that hard drive or memory store for you.

As a word of caution, more than a warning, I would be careful what you secure erase, not just because you will not be abl to get it back, but also becase if you intend to secure erase LARGE files, it could takea substantial amount of time in order to complete the secure erase process, given that a large file would have to be overwritten 35 times.

What To Do When You Sell Your Mac System?

Everyone’s biggest fear when selling or disposing of an old desktop mac or macbook or powerbook is that eseential and confidential data will be left on the hard drive when they hand over the old Mac to the new owner or just physically leave it in the trash. To this end, whenever I have sold one of my old Macs I have always secure erased the HD and then re-installed the Mac OS for the new owner. In addition, whenever dumping a Mac I have also taken out the hard drive and erased it, or kept it for further use. That being said, the best way to perform a complete erase of one’s hard drives or other storage devices is to use Apple’ own Disk Utility.

Secure Erase with Apple’s Disk Utility

Making the assumption that you do not have an external drive from which you can boot and run OSX, or that you do no have another mac system you can plug the old system into using FireWire Disk Mode, then the best way to securely erase the data on your hard drive is by using the original OSX install CDs (Mac OS 10.2 or later).

The process is pretty simple and runs as follows:

1. Insert the install CD and reboot the system.
2. Hold down the C key directly after you hear the startup sound.
3. Once the installer appears, select “Open Disk Utilities” from the Installer menu.
4. In the left device menu select the drive you wish to securely erase.
5. Click the “Erase” tab in the window that loads on the right.
6. Choose the HFS+ format from the volume format drop menu options.
7. Click the “Options” button and select the “Zero All Data” checkbox.
8. Click OK and then Erase.
9. Hey Presto!

Conclusion: No Going Back!

And so there you have it, a simple guide on how to erase files, data and hard drives on the Mac. As you can see there is no need to purchase or use any third-party apps, as the functionality is built right into the operating system, though that being said, the functionality does not preclude third-party software from providing the same kind of functionality to the end user.

Happy Deleting! Just don’t expect to come back and read the article on: “Recover Accidentally Deleted, Erased or Lost Data Files in Mac OSX” and retrieve your files!

This entry was posted on Wednesday, October 8th, 2008 at 4:02 am and is filed under Apple Mac & OSX, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.