Does secure erase through Terminal affect old user accounts?
I had some problems with an old user account on a Macbook Pro with SSD, and I wanted to start fresh. I am not sure if I deleted the account, but I think I did reinstall the OS through I think internet recovery mode. The old account is not present in Users & Groups.
I did
My-MacBook-Pro-2:Desktop accoutname$ sudo diskutil secureErase
freespace 0 /Volumes/Macintosh\ HD
and the following is the response I got from Terminal:
Started erase on disk1 Macintosh HD
Creating a temporary file
Securely erasing a file
Creating a secondary temporary file
Mounting disk
Finished erase on disk1 Macintosh HD
In Disk Utility there are two Macintosh HD's shown, the top one with '0 Bytes Available' and the bottom indented one with 180 GB available. Did both of these HD's with the same name get erased by my Terminal command?
FileVault is enabled on the current account but not sure if it was on the old account. Either way I know FileVault isn't totally foolproof (https://www.blackbagtech.com/blog/2017/07/13/macquisition-best-just-got-better/), and since I'm not 100% sure how the old account was deleted, I just wanted to ask if my current method through Terminal makes the data on the old account non recoverable? Any other steps I should take?
Everything you describe seems to be just fine. To be totally sure I would re-enable FileVault and then cycle the keys (boot to recovery HD and erase the FV volume.) That ensures that each "block" is cryptographically scrubbed before you then re-introduce a new OS and then turn on FileVault2.
The main lesson to keep in mind is with SSD - be sure to enable FileVault before you put anything secure on the drive. That way when SSD swaps in new "excess capacity" blocks to replace others - you don't get old plain text data restored or have plain text data taken "offline" only to be possibly be put into service after you do the "wipe".
https://support.apple.com/kb/PH22241
The key phrase is:
Note: With a solid-state drive (SSD), secure erase options are not available in Disk Utility. For more security, consider turning on FileVault encryption when you start using your SSD drive.