Thursday, April 2, 2009

Use Command Line to Securely Erase Free Space from the Terminal

Source: Securely erase free space from Terminal | Mac OS X | Mac OS X Hints | Macworld

(Please note that there’s a chance of Extremely Unpleasant Things happening if you make a mistake with the following instructions. Proceed with caution, and make sure your backups are current before you try any of the following.)

If you’re selling an old Mac, a spare hard drive, or you’re just quite paranoid about your deleted data, you’re either familiar with—or should be familiar with—the Erase Free Space button on the Erase tab in Disk Utility (found in your Applications -> Utilities folder).

There are three options for securely erasing the free space on your hard drive:
  1. write over the free space with zeros (fast and relatively safe),
  2. write over the free space seven times (more secure, very slow),
  3. or write over the free space 35 times (extremely slow!).



I use this feature whenever I sell an old machine. First I format the drive and install a fresh copy of OS X, then I use Disk Utility to erase the free space (typically the one-time write-with-zeros option). This gives me a good sense of security, as it would take a team of dedicated professionals, and possibly special hardware, to have some chance of recovering any of my deleted data—though I really only care about a few financial files, and those are kept on an encrypted disk image, so they’re probably safe anyway.

But what if you need to do this from Terminal instead?
For instance, say you’ve only got remote login (ssh) access to another Mac, and you’d like to wipe its free space. Or you’re really paranoid, and would like to schedule a task (using cron or launchd) that regularly erases the free space on your drive.

It turns out OS X has an answer for that challenge, too.

In Terminal, a program named diskutil provides most of the features of OS X’s Disk Utility. To find out about it in detail, type man diskutil at the Terminal prompt. Within the man pages, you’ll find the explanation for how to securely erase a disk’s free space using diskutil:

(Please note that, as with many Terminal commands, there’s a chance of Really Bad Things happening if you make a mistake with the following instructions. Proceed with caution, and make sure your backups are current before you try any of the following.)


    secureErase [freespace] level device
        Securely erase a disk or freespace on a mounted volume.
        Ownership of the affected disk is required.
        Level should be one of the following:
            o 1 - Single pass randomly erase the disk.
            o 2 - US DoD 7 pass secure erase.
            o 3 - Gutmann algorithm 35 pass secure erase.
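
As an added example (not from the original article or the man page), here is a small shell wrapper around the syntax quoted above. It hard-codes the freespace keyword so a typo cannot turn the command into a whole-disk erase, and it only prints the command unless CONFIRM=yes is set. The function names and the CONFIRM variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: guarded wrapper for `diskutil secureErase freespace`.
# Function names and the CONFIRM variable are hypothetical, chosen here.

# build_erase_cmd LEVEL VOLUME
# Prints the diskutil command on stdout; returns non-zero on bad input.
build_erase_cmd() {
    level=$1
    volume=$2

    # Accept only the three levels listed in the man page excerpt.
    case $level in
        1|2|3) ;;
        *) echo "level must be 1, 2 or 3 (got '$level')" >&2; return 2 ;;
    esac

    # Reject empty values and anything that looks like an option.
    case $volume in
        ''|-*) echo "invalid volume '$volume'" >&2; return 2 ;;
    esac

    # freespace operates on a mounted volume; requiring an existing
    # directory (such as a mount point under /Volumes) is a simple proxy.
    if [ ! -d "$volume" ]; then
        echo "volume '$volume' is not an existing directory" >&2
        return 2
    fi

    # `freespace` is fixed in the template and never taken from input.
    printf 'diskutil secureErase freespace %s "%s"\n' "$level" "$volume"
}

# erase_free_space LEVEL VOLUME
# Dry run by default; set CONFIRM=yes in the environment to execute.
erase_free_space() {
    cmd=$(build_erase_cmd "$1" "$2") || return $?
    if [ "${CONFIRM:-no}" = "yes" ]; then
        diskutil secureErase freespace "$1" "$2"
    else
        echo "dry run: $cmd"
    fi
}
```

After sourcing the file, calling erase_free_space with a level and a mount point prints the command for review, and repeating the call with CONFIRM=yes runs it.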
