How to "securely" erase my MacBook's SSD

macos disk-format

Solution 1:

You don't need to.

Once you erase an SSD on a Mac, it's unrecoverable even from a forensics standpoint. This is because of the type of TRIM command that the hardware (SATA controller on the logic board and the SSD) issues. Basically, if you were to stop an erase mid-process you theoretically could take it to a lab or the manufacturer to recover data. So, it's not impossible but highly, highly improbable recovery is possible. I've previously written about this topic:

  • Can the data on an MacBook Pro SSD be recovered after formatting using Disk Utility
  • How to get the "securely erase" function of Disk Utility on El Capitan & Sierra
  • https://apple.stackexchange.com/a/288756/119271
  • Recovering files from SSD and SSD life?

If you want to be even more certain, turn on File Vault (Apple recommends this) when you reset it. Then disable it (for the next user).

Solution 2:

Because you have a SSD installed in your MBP, you cannot use the 'secure erase', nor the 'erase free space' options in Disk Utility. It is better to boot your MBP into macOS Recovery while your SSD is protected with FileVault, then wipe the drive and reinstall macOS.

From this post at Backblaze are instructions on how you can also use Terminal commands whilst in macOS Recovery to do the secure erase you're looking for:

Securely Erasing Free Space on Your SSD

If you don’t want to take Apple’s word for it, if you’re not using FileVault, or if you just want to, there is a way to securely erase free space on your SSD. It’s a little more involved but it works.

Before we get into the nitty-gritty, let me state for the record that this really isn’t necessary to do, which is why Apple’s made it so hard to do. But if you’re set on it, you’ll need to use Apple’s Terminal app. Terminal provides you with command line interface access to the OS X operating system. Terminal lives in the Utilities folder, but you can access Terminal from the Mac’s Recovery System, as well. Once your Mac has booted into the Recovery partition, click the Utilities menu and select Terminal to launch it.

From a Terminal command line, type:

diskutil secureErase freespace VALUE /Volumes/DRIVE

That tells your Mac to securely erase the free space on your SSD. You’ll need to change VALUE to a number between 0 and 4. 0 is a single-pass run of zeroes; 1 is a single-pass run of random numbers; 2 is a 7-pass erase; 3 is a 35-pass erase; and 4 is a 3-pass erase. DRIVE should be changed to the name of your hard drive. To run a 7-pass erase of your SSD drive in “JohnB-Macbook”, you would enter the following:

diskutil secureErase freespace 2 /Volumes/JohnB-Macbook

And remember, if you used a space in the name of your Mac’s hard drive, you need to insert a leading backslash before the space. For example, to run a 35-pass erase on a hard drive called “Macintosh HD” you enter the following:

diskutil secureErase freespace 3 /Volumes/Macintosh\ HD

Something to remember is that the more extensive the erase procedure, the longer it will take.

Related

Share Mac Files (Yosemite) with Windows
How can I disable "Top Sites" in Safari/Webkit completely?
OS X: CM Storm Devastator keyboard doesn't light up
Disable screen blur on fast user switching in Yosemite
Fixing /etc/sudoers file
Can Finder and the "open" command treat files with .sh or other typical extensions just like .command files?
Is it possible to STOP the 'Upgrade to macOS High Sierra' message that keeps stalking me?
Unchecking "Restore windows when quitting and re-opening apps" doesn't work
How can I use an Xbox 360 controller to play Steam games?
What is Dwarf Fortress?
Is there any use to poisonous potatoes in Minecraft?
What game is this knight-like character from?