Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

madrich

macrumors 6502a
Original poster
Feb 19, 2012
620
116
I read the following, " an SSD cannot be securely erased. When Disk Utility tries to write data over the entire drive, the SSD’s firmware will write that data where it chooses, and that may mean that some portions of the SSD remain unerased, and thus may contain recoverable data. If you have sensitive information on an SSD, you should probably replace the SSD with a new one before selling, or simply not sell the computer."

Question, if this is true and I have a password protected folder, could the folder be recoverable and still read without a password?

Thank you.
 
I believe the answer (regarding a password-protected folder) is "no".
If I'm wrong, others will jump in with corrections.

I believe that if you want to protect the entire drive from data recovery, use Filevault to encrypt the entire drive, and then… use Disk Utility to re-initialize it.
 
  • Like
Reactions: vkd
It's true that the SSD controller remaps logical blocks so I suppose it's possible that an erase by writing zeros would not write all physical SSD pages. I'm curious though as to how you'd go about reading the unwritten pages, because they wouldn't be mapped to anything current by the controller. If we're talking about reading the SSD by physically tapping the flash memory traces and reading them directly, that's not something that you can do without suitable equipment and training. If you're worried about someone at that level getting at your data, then maybe you should simply put the SSD in a crusher rather than trying to sell it usable...
 
Hmmmm. I recall reading long ago that it was actually easier to make sure an SSD was not recoverable. Simply use a program to fill the entire drive with "data." Once the drive is full, over write the data again and that is all it takes. I welcome any comments that say otherwise as I don't want to give misinformation.
 
  • Like
Reactions: vkd
I recall reading long ago that it was actually easier to make sure an SSD was not recoverable. Simply use a program to fill the entire drive with "data." Once the drive is full, over write the data again and that is all it takes.

It is not that simple. As kschendel said, what gets written where is beyond your control. SSDs can have extra blocks that they aren't making available as free space, but use for wear levelling and performance optimisation. This over-provisioning can mean that data remains on the drive.

There are ultimately two options: (a) make sure that no sensitive data is written in plain text to the disk in the first place or (b) send a special secure-erase command to the SSD’s controller that directs it to wipe the data. Unfortunately, macOS does not seem to support this out of the box, you’d have to use the Linux tool hdparm or the Mac tool Paragon Disk Wiper. You can use both via a bootable thumb drive and send the command from there.

However, option (b) may not be supported by your SSD or support may be unreliable. The same is true for the trim command. Encryption from the start is the only truly reliable option.
 
  • Like
Reactions: vkd and phrehdd
KALLT thanks for the heads up. It has been a long while since I've seen this topic and your response was clear and precise.
 
KALLT thanks for the heads up. It has been a long while since I've seen this topic and your response was clear and precise.


Dear phrehdd: What is your avatar? ObjecT or Art? Just curious.


Never mind. I saw it on your profile page. It's a guy at a piano. The forum's avatar circle cuts part of it off.
 
Dear phrehdd: What is your avatar? ObjecT or Art? Just curious.


Never mind. I saw it on your profile page. It's a guy at a piano. The forum's avatar circle cuts part of it off.

Yes, it is a well known photograph. As for the circular cut off, it makes for what I believe is also a nice graphic.

It is Arnold Newman's portrait of Igor Stravinsky. A great use of positive and negative space in a black and white image.
 
Yes, it is a well known photograph. As for the circular cut off, it makes for what I believe is also a nice graphic.

It is Arnold Newman's portrait of Igor Stravinsky. A great use of positive and negative space in a black and white image.

Thank you for your response about the avatar. I am impressed! Your comment reminded me when I first listened to the recording of Igor Stravinsky's Firebird. I was impressed.
 
  • Like
Reactions: phrehdd
It is not that simple. As kschendel said, what gets written where is beyond your control. SSDs can have extra blocks that they aren't making available as free space, but use for wear levelling and performance optimisation. This over-provisioning can mean that data remains on the drive.

There are ultimately two options: (a) make sure that no sensitive data is written in plain text to the disk in the first place or (b) send a special secure-erase command to the SSD’s controller that directs it to wipe the data. Unfortunately, macOS does not seem to support this out of the box, you’d have to use the Linux tool hdparm or the Mac tool Paragon Disk Wiper. You can use both via a bootable thumb drive and send the command from there.

However, option (b) may not be supported by your SSD or support may be unreliable. The same is true for the trim command. Encryption from the start is the only truly reliable option.


you kind of contradicted yourself. You said SSd have extrs blocks that arent available as free space. So why does it matter if it doesnt get overwritten with data if user data is not getting written on it?
 
you kind of contradicted yourself. You said SSd have extrs blocks that arent available as free space. So why does it matter if it doesnt get overwritten with data if user data is not getting written on it?

Because the SSD’s controller may still use those blocks to write your data to it. SSDs keep an internal record for storing data that they aren’t disclosing to the system. When the system says: write this bit of data to location X1, the controller may write it to location Y2 instead. But when the system says: give me the data at location X1, the controller knows that it should return Y2. This happens internally and is done to maximise the lifespan of the storage cells.

Secure-erasing by overwriting is an approach not suited for SSDs. When the OS says: overwrite the data from A1 to to Z9, the controllers interprets this as writing new data to unused storage blocks. It does not distinguish between writing and overwriting. Over-provisioning gives the SSD some breathing room to cycle between cells more evenly and keep fresh storage blocks ready for future use. Accordingly, the SSD may leave behind stale data blocks until it gets around deleting them to make room for fresh blocks again.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.