This guide will show you how to completely wipe a computer. The guide assumes that you are using SSD disks but can also be applied to old HDDs.
Did you know that when you delete a file, send it to the trash bin and empty it, you are not really removing the data from the disk? It’s true. When you hit delete and empty the trash bin, your data is actually left intact on the disk. This is because the only way to truly erase data is to physically break the disk or to overwrite it.
What does this mean?
Let’s begin with bringing clarity to some of the terms often used and misunderstood when it comes to erasing data and disk wiping.
Deleting a file is like telling the computer that it is no longer to be used and that it doesn’t need to reserve space for it anymore. The file is then made invisible to the operating system even though it’s still there, but you have given the computer permission to overwrite it in case that space is needed for something else.
When you empty the trash bin, the computer asks “This will permanently remove files, are you sure?”. It is only permanent in the sense that you can’t find the file anywhere on the computer. It can still be restored using special software, and doing so is not that hard.
If you are selling your computer with sensitive information on your drive and want to make completely sure that it is never restorable, then deleting and emptying the trash bin, or formatting, is by far not enough.
Formatting is a fancy way of deleting files and achieves the same result as doing it manually, only it’s much more efficient. Formatting your drive will completely and automatically delete everything on your drive, but remember that if the information you delete must disappear forever, this is not enough. Your data is easily retrieved by data recovery software often used by law enforcement and criminals.
Erasing is what you must do when you want files gone completely and forever, beyond retrieval. Since data cannot actually be erased from an SSD, the best way is to overwrite the data, randomly replacing it with 0’s and 1’s.
Erase utilities overwrite all data on the disk and tell the operating system that it’s ok to replace all present data. The computer will therefore think that the disk is empty even though it’s actually full of randomised 0s and 1s.
Wiping is what formatting is to deleting. It’s simply an automated process that erases everything. When you want to completely erase everything on your disk, you wipe it.
Before We Start Wiping
One great way of mitigating the risk of data being recovered is to not create any. That may sound silly but is actually very effective. It can be done by using virtual machines such as VMware and live operating systems such as Tails to create isolation between your host system (OSX & Windows) and the virtual machine and live operating system.
Let’s get going.
Step 1 - Backup
Remember to back up all the important files that you may want to keep to an external drive, because you will never be able to restore files after this process. Everything will be erased and non-retrievable.
Step 2 - Encryption & Cryptographic Erase
This step will not actually erase anything but it’s one of the best ways of securely protecting data in case the wiping process is not 100% accurate. Basically, cryptographic erasing means encrypting the disk and then throwing away the encryption key.
This prevents anyone digging into your data using forensic tools from accessing it. By using FileVault or BitLocker, all the data on the drive will be encrypted with a 128-bit AES encryption algorithm, and a 256-bit encryption key will be created that can be used to encrypt and decrypt the drive.
On macOS
-> System Preferences -> Security & Privacy -> FileVault
-> Click Turn on FileVault
This will initiate the encryption process, which can take hours depending on the amount of data present on your disk. Also, make sure to remember the password.
- When done, restart your Mac in Recovery mode. Hold ⌘+R while booting.
- Launch Disk Utility. Select the disk (Macintosh HD). Select Unlock “volume name” from the File menu. Enter the saved password.
- Click Erase.
- This deletes the FileVault key. The SSD now contains only unreadable, encrypted gibberish.
- Install a new version of macOS and activate FileVault again.
On Windows 10
Control panel -> System & Security -> BitLocker Drive Encryption
or search for Manage BitLocker in the Cortana search field
Activate it by clicking on Turn on BitLocker.
- When done
Settings -> Update & security -> Recovery
Under Reset this PC click Get Started and then choose Remove everything -> Remove files and clean the drive
- Install a fresh copy of Windows 10 and activate BitLocker again
What Have We Actually Accomplished So Far?
We have ensured that all data has been encrypted, making it useless, and we have thrown away the key. But even though the data has been encrypted, it is still there.
At this stage, someone with a little bit of computer wits could restore your data using data restoring software. It’s a good thing that we applied the encryption and because of that, the data is still safe.
How to actually erase data?
Step 3 - Multiple pass overwrite
The following procedure may be harmful to your SSD due to the nature of solid state disks. Every pass that is performed will prematurely shorten the life of the disk.
Remember that on SSDs we cannot simply erase data and make it disappear. Instead, the process of erasing means overwriting. To be completely sure that no data is left on the disk, the overwriting process is done in multiple passes.
There are several standards or methods of multiple pass disk erasing, such as:
DoD 5220.22-M (ECE)
This is how the standard called DoD 5220.22-M does it:
- Pass 1: Overwrites all addressable locations with binary zeroes.
- Pass 2: Overwrites all addressable locations with binary ones.
- Pass 3: Overwrites all addressable locations with a random bit pattern.
- Verifies the final overwrite pass.
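The pass sequence listed above, written out as an added example (not code from this guide or from any of the tools it names). The function names `dod_3pass` and `demo` and the temporary stand-in "disk image" with its marker string are assumptions made for the illustration; it never touches a real disk.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # write in 1 MiB blocks

def _overwrite(path, size, block_for):
    """Overwrite `size` bytes of `path` in place and flush them to storage."""
    with open(path, "r+b") as f:
        written = 0
        while written < size:
            n = min(CHUNK, size - written)
            f.write(block_for(n))
            written += n
        f.flush()
        os.fsync(f.fileno())

def dod_3pass(path):
    """Run passes 1-3 from the list above, then verify the final pass.
    Returns True when the bytes read back match what pass 3 wrote."""
    size = os.path.getsize(path)
    _overwrite(path, size, lambda n: b"\x00" * n)  # Pass 1: binary zeroes
    _overwrite(path, size, lambda n: b"\xff" * n)  # Pass 2: binary ones
    expected = hashlib.sha256()
    def random_block(n):
        block = os.urandom(n)
        expected.update(block)  # remember what was written, without storing it
        return block
    _overwrite(path, size, random_block)           # Pass 3: random bit pattern
    actual = hashlib.sha256()
    with open(path, "rb") as f:  # verification: re-read and compare digests
        for chunk in iter(lambda: f.read(CHUNK), b""):
            actual.update(chunk)
    return actual.digest() == expected.digest()

def demo():
    """Constructed sample: a small stand-in 'disk image' holding a marker string."""
    marker = b"CONSTRUCTED-SECRET-RECORD"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(marker * 1000 + b"\x00" * (3 * CHUNK))
        path = tmp.name
    try:
        size_before = os.path.getsize(path)
        verified = dod_3pass(path)
        with open(path, "rb") as f:
            marker_found = marker in f.read()
        return verified, marker_found, os.path.getsize(path) == size_before
    finally:
        os.remove(path)
```

Calling `demo()` returns whether the final pass verified, whether the marker is still present, and whether the image kept its size. Run against a single file, this overwrites only the addresses that file occupies; the procedure in this step targets every addressable location on the disk.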
Neither Windows nor macOS supports this standard on SSDs due to the fact that it can be harmful to the disk. This is why third party software must be used.
ASCOMP Secure Eraser
Remember that the multiple pass overwrite should only be applied if you are not planning on using your SSD again. Doing a single pass won’t harm the disk, so this might be the best option if you are selling the disk.