With macOS 10.11 El Capitan Apple removed the “Secure Erase” and “Erasing Free Space” features from Disk Utility, saying that they were not needed for a the solid-state drives that are standard in modern Macs because a standard erase makes it difficult to recover data from an SSD. Apple recommends using FileVault instead, which uses encryption to protect your data. And it’s true, you should definitely take care when securely deleting data from an SSD.
How Does Secure Delete Work?
If you want to delete a file forever, you will need to make sure it is overwritten immediately, since a simple “Empty Trash” command will only mark that part of the disk where the file was stored as available. To reduce the chances of deleted files being recoverable, Apple included a feature called Secure Erase in Disk Utility. The feature, present in macOS 10.4 to 10.10, offered two options: “Zero Out Data” and “7-Pass Erase”. The latter conforms to the DoD 5220.22-M specification.
However, these features were removed with macOS 10.11 El Capitan.
How Does an SSD Work?
Conventional file storage systems such as HFS, ext2, UFS and NTFS were originally designed for magnetic disks and so rewrite many of their data structures repeatedly to the same area. However, when these file systems are used on flash memory media, this becomes a problem.
SSDs are made of microchips storing data in blocks, which are individually able to tolerate a certain number of erase cycles before becoming unreliable. As an example: SLC NAND flash is typically rated at roughly 100,000 erase cycles.
Life Expectancy of SSDs
If we compare the SSD to a book, then the data you store on the media is like writing with a pencil on different pages of a book. Extending this analogy, you can erase the information you wrote on a page, but if you erase it too many times, the paper will become useless. This is exactly what happens with SSDs: if you erase and rewrite the same block too many times it can wear out.
To address this, flash controllers will try to make sure that the amount of times each block has been erased and rewritten is about the same, and as such expands the lifespan of the drive. This is called wear leveling.
The Dangers of Using Secure Delete on SSDs
In light of the above we should note that wear leveling interferes with secure erase apps, which deliberately try to protect your data by overwriting files with nonsense data to permanently remove them.
Recommended Data Protection Method: Encryption
With the introduction of macOS 10.11 El Capitan, Apple recommends turning on FileVault to protect data stored on the Mac. FileVault encodes the data on your startup disk so that other users, apps, or utilities can’t access your information. Only with knowledge of your iCloud account and password or the recovery key created at the moment of turning on FileVault will someone be able to access your data.
Only administrator accounts can set up FileVault, which remains the only option for Mac users looking for full disk encryption. But if you turn on encryption from Settings > Security & Privacy > FileVault, then FileVault cannot be turned off until the initial encryption is complete.
Best Mac Optimization Software of 2020
Get the Best Deals on Mac Optimization Software
Stay up to date on the latest tech news and discounts on Mac optimization software with our monthly newsletter.