Ever since Apple started implementing solid state drives (SSDs) in its line of notebook computers, the process for formatting the drive has evolved from the method previously used for a SATA magnetic disk drive. The tried-and-true method of writing 35-plus series of zeros over the entire disk for maximum data obscurity is no longer a recommendable option because filling an SSD that many times can negatively impact the life expectancy and efficiency of the drive.
In this tutorial, I'll be explaining what you should you do if you find yourself needing to permanently destroy files on an SSD.
How SSDs Work
A solid state drive is based on flash memory, the same lightning quick stuff that is soldered onto the motherboard of your smartphone and residing inside the plastic SD card in your camera. An SSD is just a bigger, more reliable type. Each data cell in an SSD operates as a tiny storage unit that is either storing something or not.
Clearing a cell that is storing information is like flipping a switch, turning the cell off, but because information is randomly stored throughout the drive, pieces of that data are still there until another piece takes its place. As each cell is used repeatedly, some degradation in speed occurs, making the drive bit-by-bit slower; therefore, writing an SSD 35 times with a series of zeroes is detrimental to the drive.
Wisely, most solid state drives have two built-in features for securely erasing a drive.
One is TRIM, a hardware command that collects leftover pieces of files and whisks them away to a single cell that can then be turned off and cleared. TRIM is a passive operation, however, so it requires a period of normal computer usage before the old data is scrubbed. That time period differs for each drive, though, and there's no easy way to determine when it's happened.
TRIM support was added as a feature with OS X Lion, but since TRIM doesn't offer immediate results, wiping a drive right before donating it or selling it to another person doesn't really give you piece of mind that your information is securely erased, permanently.
Another feature of many solid state drives is Secure Erase, a hardware command that tells the SSD controller wipe the drive completely and thoroughly. The problem is that Apple SSDs are not compatible with the Secure Erase feature because they are proprietary in nature.
Apple uses a "blade-style" SSD (similar to mSATA) in the 2010-2012 Macbook Air and retina Macbook Pro. And with the newest version of the Macbook Air, Apple has changed formats again to SSD chips controlled by PCI-e. All that to say that Secure Erase is not a viable option.
Encryption to the Rescue
If you attempt to boot into Disk Utility on an SSD-equipped Mac to secure erase the drive using the typical zero-pass method, expect to see that option grayed out (unavailable). Either Apple has full faith in TRIM or doesn't believe you store any secrets. It has, however, provided a built-in encryption tool for OS X, called FileVault 2. Introduced in OS X Lion, FileVault 2 offers an XTS-AES 128 level of encryption for your drive.
When you're ready, grab a snack and let's start shredding some files. As a side note, if you are interested in encryption but unsure if it's right for you, it can be turned off later, thereby decrypting your drive as long as you have the encryption key.
Tip: Warning: Back up any important documents or data before attempting either method below to format your drive.
Step 1: Enable FileVault 2 Encryption
The best recommendation is to encrypt your SSD from the start, but it also can be done right before formatting and should only add 15 minutes to your formatting process. Open System Preference > Security & Privacy and select the FileVault tab.
Next, click the Turn On FileVault button. If it is unavailable, you need to click the lock icon in the bottom left of the dialog box to make it selectable.
You will be provided with a 16-digit alphanumeric failsafe code for use in the event you forget your password. Press Continue to move on.
Tip: You can copy/paste the 16-digit failsafe code so I recommend emailing it to yourself or saving it as a plain-text file on a flash drive. Don't save it to your computer because if you lose your personal password, you won't be able to open your saved files.
On the next screen, you can choose whether or not you'd like to backup your encryption key with Apple. If you choose to do so, you will be prompted to provide answers to three security questions. Storing your key with Apple is probably a wise decision for most users. The only caveat is that it makes your encryption susceptible to "social hacking" by way of Apple's support services, so it's your call.
You will need to reboot your computer in order for the encryption process to begin. After your computer boots up again, you can check the status of the encryption by returning to the Security and Privacy pane of System Preferences. It should take fewer than 15 minutes because, well, solid state drives are quick!
Step 2: Format the Drive
Shutdown your Mac and then power it back on while holding the Option key to call up the boot menu.
Choose the OS X recovery partition--Lion or Mountain Lion--to boot into system backup. If your disk has no recovery option, reboot while holding Command+R to begin Internet Recovery.
Choose the Disk Utility and select your main drive on the left side column. If the name of your drive is grayed-out (unavailable), you will need to unlock it with your account password. To unlock it, right-click the name and then choose Unlock (your drive's name) and type your password. The drive will then be unlocked for formatting.
At this point, you can erase the drive as usual. Click the Erase tab at the top and then choose the format type from the drop-down and give it a new name. Select Erase and let Disk Utility run its course. Voila! You have a fresh, securely formatted drive ready for a new install of OS X. You can now return to the main recovery pane to re-install the OS.
Tip: If you don't intend to keep the drive encrypted, be sure to pick the default Mac OS Extended, Journaled
Once your encrypted drive has been reformatted, it should only be a matter of time before TRIM works its magic and vaporizes the now-empty data cells. Regardless, since they were encrypted before you wiped the drive, they would be very difficult to retrieve.
If you're interested in securing only some of the files on your Mac but don't want to encrypt the whole drive, you can use Disk Utility to create a smaller volume, called a Disk Image, and encrypt that. To read more about using Disk Images, check out Mac.Appstorm's Creating Disk Images with Disk Utility article. If you're interested in heavier security for your files, you might consider TrueCrypt, a free, open-source application with seven types of encryption.
In Need of Clarity
If you want foolproof security, visit a lab and dip your drive in some thermite to have a little pyrotechnic fun. If you want to keep the drive in working order, familiarize yourself with the fairly intuitive FileVault 2 so you can encrypt your drive and sleep a little more soundly. It's a fairly painless process--assuming you don't lose your encryption key!--and works with any type of Apple SSD introduced thus far. Whichever you choose, you'll undoubtedly still wish Apple provided a quick-encryption formatting option into Disk Utility to make it even easier.
Envato Tuts+ tutorials are translated into other languages by our community members—you can be involved too!Translate this post