Many Mac users running a modern version of OS X El Capitan have
noticed the Secure Erase Free Space feature has gone missing from Disk
Utility. What the “
Erase Free Space”
feature did (and still does in prior versions of Mac OS X) was
overwrite the free space on a drive to prevent file recovery, adding a
layer of security and privacy to file removal, much in the way that
Secure Empty Trash performed a similar function of overwriting data after removal.
For those wondering, these features were removed from the modern
version of Disk Utility in Mac OS X because they do not work on SSD
volumes, which are becoming more commonplace and nearly all Mac laptops
ship with them by default now. But not everyone has an SSD drive, and
thus some users may still wish to perform a secure erase of free space
on their Mac hard disk. To achieve the same secure erase in modern
versions of Mac OS X you’ll need to turn to the command line. And yes,
this works to erase free space on older versions of Mac OS X too, but
since they can do
the same task with Disk Utility it’s perhaps a bit less relevant to the prior releases.
This is for advanced Mac users only who are comfortable with backing up
their Mac, using the command line with exact syntax, and the concepts
behind permanently removing data. To be perfectly clear, this secure
erases only the free space on a drive, aimed at preventing file recovery
efforts, it does not perform a
secure erase of the entire hard drive as described here.
How to Secure Erase Free Space on Mac OS X El Capitan Drives via Command Line, Without Disk Utility
Back up your Mac before attempting to use these commands. The command
line requires precise syntax and is unforgiving, improper commands
could lead to the unintended removal of data you do not want to delete,
permanently, as this is a secure erase function. You have been warned,
so backup your Mac data first, then proceed at your own risk.
To get started, launch the Terminal (found in
/Applications/Utilities/) and use the following general syntax,
replacing level and drive name as appropriate:
diskutil secureErase freespace (level 0-4) /Volumes/(Drive Name)
(level 0-4) is a number indicating the number of passes to write to
the free space, ‘freespace’ indicates you are erasing only the free
space and not the
entire drive
itself – a critically important difference – and (Drive Name) is self
explanatory. Users can also choose the disk identifier if desired. If
you aren’t sure of the name of the drive, using
diskutil list
will show you all mounted drives and partitions. If the drive in
question has a space in the name, you should place it in quotes or
escape it with backslashes.
For example, to perform a secure erase with 35 passes on free space
on a drive named “Macintosh HD” you could use the following command
string:
diskutil secureErase freespace 3 "/Volumes/Macintosh HD"
Hitting return will instantly begin the secure erase of any free
space. This is irreversible, so as we’ve mentioned a dozen times
already, be sure the syntax is exact.

The manual page entry on diskutil offers the following details on the
secure erase feature, detailing the level of writing over free space.
secureErase [freespace] level device
Erase, using a secure method, either a whole-disk (including
any and all partitions), or, only the free space (not in use
for files) on a currently-mounted volume. Erasing a whole-
disk will leave it useless until it is partitioned again.
Erasing freespace on a volume will leave it exactly as it was
from an end-user perspective, with the exception that it will
not be possible to recover deleted files or data using utility
software. If you need to erase all contents of a partition
but not its hosting whole-disk, use the zeroDisk or randomDisk
verbs. Ownership of the affected disk is required.
Level should be one of the following:
o 0 – Single-pass zero-fill erase.
o 1 – Single-pass random-fill erase.
o 2 – US DoD 7-pass secure erase.
o 3 – Gutmann algorithm 35-pass secure erase.
o 4 – US DoE algorithm 3-pass secure erase.
That’s all there is to it, and this is how you can continue to erase
free disk space on a Mac running OS X El Capitan or later with the newly
limited Disk Utility. Another option is to use an old version of Disk
Utility in modern versions of Mac OS X,
either from a boot drive or recovery mode, of an older Mac OS release, or with the application itself, but that is generally not recommended.
And yes, this works on both standard hard disk drives with spinning
platters, and modern SSD disks, though with an SSD drive the feature is
less relevant as TRIM / garbage collection should handle the file
removal on it’s own. For SSD volumes, a better option is to
enable and use FileVault disk encryption on the Mac,
which encrypts data on the drive making it unrecoverable without the
FileVault key, thus obviating the need to securely erase free space on
the volume.
Know of any other helpful secure data removal tips or tricks, or
another way to securely erase your free disk space in modern versions of
Mac OS X? Let us know in the comments.
Source Url and Image:
How to Secure Erase Free Space on Mac Drives with OS X El Capitan