Do data erase software damage external hard drives?

[on the rocks]

Hi everyone, some years ago I’ve read a post that data erase/overwrite software should not be used on an external SSD drive because it would decrease its lifetime. The post didn’t mention external HDD drives.

Recently I have tried Google to find more information about this but without success.

Therefore my question is do data erase apps such as permanent eraser decrease the lifetime of external HDD drives?

Edit:
Here is some more additional information concerning my question. It’s based on the following practical situation. Once in a while I delete some of the (sensitive) data on an external HDD drive while keeping the rest. So I don’t delete the entire drive and want to keep the remaining data on it and therefore would not reformat the entire drive.

So is it harmful for the HDD external harddrive lifetime health to use a data erase app such as permanent eraser?

 

[usagora]

It shouldn't matter whether the SSD is internal or external. From what I've read, there's no need to use conventional overwriting methods to securely erase those like you would on an HDD. What I normally do with an SSD (including USB sticks) that I want to securely erase is simply delete everything on them, empty the trash, then I format them with encryption (e.g. APFS encrypted), then I format them again in the actual format I want.

 

[KaliYoni]

my question is do data erase apps such as permanent eraser decrease the lifetime of external SSD drives? More importantly I’ve the same question for external HDD drives.

This article has a good overview of erasing HDDs and SSDs:

How to Securely Erase a Mac’s SSD or Hard Drive - TidBITS

If you need to get rid of a Mac or external drive, how do you ensure that no one can access the data on it? Adam Engst runs through the various methods you can employ, one or more of which should address your situation.

tidbits.com

Also, something to keep in mind with SSDs, memory cards, and USB memory sticks is that solid state storage only lasts for a finite number of write operations. Essentially, each "cell" of memory degrades a little every time something is written to it. Magnetic platter hard drives, on the other hand, do not face this limitation.

 

[NoBoMac]

Along the lines of the provided link, MacOS's man page for diskutil echoes what the article says re: SSDs:

NOTE: This kind of secure erase is no longer considered safe. Modern devices have wear- leveling, block-sparing, and possibly-persistent cache hardware, which cannot be completely erased by these commands. The modern solution for quickly and securely erasing your data is encryption. Strongly-encrypted data can be instantly "erased" by destroying (or losing) the key (password), because this renders your data irretrievable in practical terms. Consider using APFS encryption (FileVault).

Another problem, iirc, APFS encryption only encrypts on write. So reformatting a drive as APFS encrypted will not encrypt any blocks of data (ie. the remnants of files that might still be on an SSD) until a block is written. And this is why turning on encryption for a new/empty drive with APFS is instant.

What might work is to re-format the drive as MacOS Extended Encrypted (HFS+ encrypted) as that will create a CoreStorage blob that will write encrypted blocks. Then can do a simple reformat to whatever format one wants. Or can basically do what is suggested in the link, from Terminal: diskutil secureErase 1 [disknumber]
(basically same as creating an HFS+ encrypted). Depending on the size of the drive, might take a while.

Ideally, encryption should be turned on from the get go so that when it's time to erase the drive, just reformat the drive as that will erase the encryption keys and don't have to worry about doing a secure erase.

 

[kitKAC]

Another problem, iirc, APFS encryption only encrypts on write. So reformatting a drive as APFS encrypted will not encrypt any blocks of data (ie. the remnants of files that might still be on an SSD) until a block is written. And this is why turning on encryption for a new/empty drive with APFS is instant.

According to the Apple Platform Security Guide:

https://support.apple.com/en-gb/guide/security/sec4c6dc1b6e/1/web/1

On T2 Macs and upwards, APFS volumes are created with an encryption key even if FileVault isn't enabled. That's what makes FileVault quick to turn on.

If FileVault is turned on later — a process that is immediate because the data has already been encrypted — an anti-replay mechanism helps prevent the old key (based on hardware UID only) from being used to decrypt the volume. The volume is then protected by a combination of the user password with the hardware UID as previously described.

 

[on the rocks]

Thanks all of you for replying. Here is some more additional information concerning my question. It’s based on the following practical situation. Once in a while I delete some of the (sensitive) data on an external HDD drive while keeping the rest. So I don’t delete the entire drive and want to keep the remaining data on it and therefore would not reformat the entire drive.

So is it harmful for the HDD external harddrive health to use a data erase app such as permanent eraser?

 

[kitKAC]

If you've got sensitive data on the drive, it should be encrypted. Any deleted files will still be encrypted so you don't have to waste time using apps to permanently erase the files.

 

[NoBoMac]

On T2 Macs and upwards, APFS volumes are created with an encryption key even if FileVault isn't enabled. That's what makes FileVault quick to turn on.

Correct. However in OP’s case, the drives are external, so similar situation but not same. No automatic encryption via T2/M chips when external, but when encryption is turned on, still fast even without T/M.

You can test this by formatting an external drive as APFS unencrypted then add an encrypted partition to the container: will happen instantly no matter if T/M equipped or not. With APFS, the partitions are dynamic in size by default and grow/shrink as needed, hence, only encrypt what/when needed vs always or ahead of time when HFS+.

 

[Fishrrman]

I've "secure erase" or "shred data" operations on SSDs before.
They kept working.
Maybe it's not "recommended".
But again ... they kept working.

 

[NoBoMac]

Once in a while I delete some of the (sensitive) data on an external HDD drive while keeping the rest.

What you can do, in the future, partition the drive to have a secure partition and an unencrypted partition. Sensitive stuff saved to encrypted, everything else on the other partition. This is how I generally setup my externals. Financial and medical records, recovery keys and ilk go to encrypted. Music, pictures and general stuff on the other.

With APFS format, no need to worry about allocating adequate size to the respective partitions, so becomes a relatively no muss, no fuss option.

 

[on the rocks]

This article has a good overview of erasing HDDs and SSDs:

How to Securely Erase a Mac’s SSD or Hard Drive - TidBITS

If you need to get rid of a Mac or external drive, how do you ensure that no one can access the data on it? Adam Engst runs through the various methods you can employ, one or more of which should address your situation.

tidbits.com

Also, something to keep in mind with SSDs, memory cards, and USB memory sticks is that solid state storage only lasts for a finite number of write operations. Essentially, each "cell" of memory degrades a little every time something is written to it. Magnetic platter hard drives, on the other hand, do not face this limitation.

Does software such as 'permanent erase' degrade the cells of memory more (as it overwrites data multiple times) compared to deleting data by using the recycling bin?

 

[JustAnExpat]

Does software such as 'permanent erase' degrade the cells of memory more (as it overwrites data multiple times) compared to deleting data by using the recycling bin?

Just to make sure, are you using an SSD or an old fashion HDD with a spinning platter?

 

[on the rocks]

Just to make sure, are you using an SSD or an old fashion HDD with a spinning platter?

Actually both. At the moment an old fashion HDD for external storage and a SSD for internal storage. Was mainly wondering about the internal SSD.

 

[MacBH928]

What you can do, in the future, partition the drive to have a secure partition and an unencrypted partition. Sensitive stuff saved to encrypted, everything else on the other partition. This is how I generally setup my externals. Financial and medical records, recovery keys and ilk go to encrypted. Music, pictures and general stuff on the other.

With APFS format, no need to worry about allocating adequate size to the respective partitions, so becomes a relatively no muss, no fuss option.

How do you backup this? 1 APFS drive or 2 – 1 encrypted and 1 non-encrypted? U use Carbon Copy Cloner.

Actually both. At the moment an old fashion HDD for external storage and a SSD for internal storage. Was mainly wondering about the internal SSD.

I did a little research on this before and here is what I found so far.

1-Data on drives are not deleted, They are merely overwritten with gibberish data.

2-Yes writing more on any drive will "wear and tear" it but not necesarliy to unusable state.

3-Due to the nature of how SSDs work you can not "securely" delete data from it.

Here is what is best to do:

1-If its HDD I would secure erase it 3 times (out of paranoia) then encrypted it with a long gibberish password. The longer the better. Then if you want to reuse it just clear it out and set up as new drive.

2-If its SSD, secure erasing does not work. Skip to the encrypting step and set up as new drive for re-use.

If you want to get rid of the drive altogether, damage it physically by shredding it. If you have no access to a drive shredder , you can do drilling. The more holes the better, the more damage the better.

You can find more helpful information here