neverpanic.de

Secure Erase on OS X El Capitan

| Comments

With the update to OS X El Capitan, Apple has rewritten Disk Utility. The pre-10.11 Disk Utility used to have an option to securely erase a disk – a feature I needed because I plan to throw a faulty disk away.

El Capitan Disk Utility erase dialog without security options button
Now, Apple still documents the option in KB article PH22241, but has implemented code that hides the “Security Options” button in certain situations. Unfortunately, they did not document which conditions need to be fulfilled for the button to be shown, which leads to the situation that I do not see it on any of my disks. My guess would be that the option is not available for encrypted disks, but since I do not have any unencrypted drives I cannot verify that assumption.

Why would you wipe an encrypted disk?

For an encrypted volume, wiping the header that contains the master encryption key should be enough to ensure that no data can be recovered. Conveniently, Apple does not provide an option to wipe the volume’s encryption header and documentation on Apple’s CoreStorage format it scarce, which means I don’t know where the header actually is. So a full wipe it is.

Luckily just because the GUI does not support the feature anymore does not mean that it cannot be done. The diskutil command line tool still has a secureErase option that supports overwriting entire volumes. Because I was doing this with CoreStorage volumes, I first had to delete that volume before secureErase would unmount the physical disk below:

:) clemens@cBookPro:~$ diskutil cs deleteVolume CD3D75E0-F317-42B6-B44F-FDCB1A9448CD
The Core Storage Logical Volume UUID is CD3D75E0-F317-42B6-B44F-FDCB1A9448CD
Started CoreStorage operation on disk7 cTM
Unmounting disk7
Removing Logical Volume from Logical Volume Group
Finished CoreStorage operation on disk7 cTM

Once the logical volume was gone, I was able to start the wipe with diskutil secureErase:

:) clemens@cBookPro:~$ diskutil secureErase
Usage:  diskutil secureErase [freespace] level MountPoint|DiskIdentifier|DeviceNode
Securely erases either a whole disk or a volume's freespace.
Level should be one of the following:
        0 - Single-pass zeros.
        1 - Single-pass random numbers.
        2 - US DoD 7-pass secure erase.
        3 - Gutmann algorithm 35-pass secure erase.
        4 - US DoE 3-pass secure erase.
Ownership of the affected disk is required.
Note: Level 2, 3, or 4 secure erases can take an extremely long time.
:( clemens@cBookPro:~$ diskutil secureErase 2 disk4
Started erase on disk4
Pass: 1
Pass: 2
Pass: 3
Pass: 4
[ - 0%..10%..20%..30%..40%..50%.......................... ] 52% 25:03:07

I did a little research that suggests that a single wipe is sufficient to prevent data recovery on modern disks, so the DoD 7-pass I used might seem like overdoing it, but since I’m throwing the disk out because it was causing write errors I am also using this as a last benchmark to see if it would trash the disk completely.

Comments

Please enable JavaScript to view comments. Note that comments are provided by a local instance of Isso. No data is sent to third party servers. For more information, see the privacy policy.