That being said, I would just install a new OS and then enable FileVault which will then encrypt each block on the drive with the new keys - a one time erase pass. For more security, consider turning on FileVault encryption when you start using your SSD drive.Īpple’s terse recommendation requires you to read between the lines or know about cryptographic sanitization of data and read up on FIPS / etc. Note: With a solid-state drive (SSD), secure erase options are not available in Disk Utility. When you shred the encryption keys - the data is cryptographically erased instantly. The proper / official / thorough way to sanitize an Apple SSD is to enable FileVault before you copy any data to it. I'm currently just doing it the old-school way with shred which writes random data to the drive but obviously this isn't ideal as it's slow and shortens the live of the drive, so I'd love to know the proper method to use in the future. I also bought Parted Magic which claims to be able to secure-erase NVME drives and unfortunately that fails as well. I've tried multiple permutations of the command and options, including targeting the raw NVME controller /dev/nvme0 or one of its namespaces instead /dev/nvme0n1, different parameters to the -s option, etc.
I found a Linux utility called nvme-cli but even with its format option it fails with an error INVALID_OPCODE(1) (looks like the NVME controller rejects the command). With the new NVME drive this does not work.
With a conventional SATA drive I'd use the "ATA Secure Erase" command which can be sent from a Linux environment using the hdparm utility. Deauthorize Your iTunes Account Log Out of iCloud and iMessage Reformat Your Hard Drive Disk (HDD) How to Secure Erase a Mac SSD Reinstall the Mac. Parted Magic is a bootable Linux environment, meaning you install it to a USB drive and boot from there.I just got one of the new 12-inch MacBooks and would like to wipe the storage drive. The tool does cost $11, but you have access to the suite forever, whenever you need it, and it's one of the best ways to securely erase an SSD. Parted Magic is a whole Linux distribution featuring all manner of disk erasing and partition managing tools. Indeed, Parted Magic features as an essential tool to keep in your PC repair USB toolkit. Secure Erase Your SSD Using Parted MagicĪlthough the SSD manufacturer tool may come with a secure erase tool, many experts advise using Parted Magic instead. If that is the case with your SSD, move to the next section. Furthermore, in some cases, your SSD model may not support the command. However, some manufacturers do not include the ATA Secure Erase command as an option. The SSD manufacturer's management app is the first place to check for a secure erase tool.
While it's impossible for MakeUseOf to check the software of every manufacturer, you can find a list of tools for the major SSD manufacturers below.
The software usually includes a firmware update tool, and secure erase tool, and perhaps a drive cloning option. Most manufacturers supply software to use with their SSD. Secure Erase Your SSD Using a Manufacturer Tool So yes, it does cause a small amount of wear, but it is negligible compared to a traditional secure wipe tool. Using the ATA Secure Erase command does use a whole program-erase cycle for your SSD. The process resets every available block of space in a single operation, and the SSD is "clean." Instead, the command causes the SSD to apply a voltage spike to all available flash memory blocks in unison. Importantly, the ATA Secure Erase command does not write anything to the SSD, unlike a traditional secure wipe tool. The command resets all available blocks to the "erase" state (which is also the state the TRIM command uses for file deletion and block recycling purposes). The "ATA Secure Erase" command instructs the drive to flush all stored electrons, a process that forces the drive to "forget" all stored data.