How secure is “erase all content and settings” on Mac OS?
I love that they added this feature to Mac OS!
My question is, how secure is this erase? Could anyone recover sensitive data from the hard drive after taking this step?
I’m looking to sell my Mac soon and want to ensure this will be a secure erase.
macOS 12 Monterey SSDs are encrypted from the factory and remain so forever, regardless of whether you turn on FileVault. So all "erase all content and settings" even does is wipe out the encryption keys, which renders the entire drive completely unreadable, unrecoverable gibberish. The drive is actually separated into a System volume and a Data volume and then they use something freaky called firmlinks, which are sort of like symlinks except they are specifically the invention of Apple and used on an APFS drive, and what they do is create two-directional links between, say, the folder at /Applications and the one at /System/Applications, with all of Apple's apps in /System/Applications and anything you installed yourself in /Applications, and thanks to all these firmlinks, everything appears to be a single disk, and the two folders' contents are seamlessly combined. So when you “erase all content and settings” everything becomes unreadable 1s and 0s, EXCEPT for the system volume, which has a separate key and is not affected at all.
In the end, you simply end up with a machine identical in every meaningful sense to a brand new one.
This is the exact same scheme that has been in use on iOS devices for a long time now, and I have never seen anything anywhere even remotely suggesting anyone has found any way to get back any of that data after the key is cleared. It could possibly be cracked with brute force password guessing done by some supercomputer, assuming that the Apple ID used was also known, but iOS is designed to not allow more than a certain number of wrong guesses in a timespan before it forces you to wait before trying again, and each delay gets longer and longer, so there really just is no practical way to try that many passwords without requiring centuries or however long that sort of thing would take at that reduced pace.
I haven't come across any place in macOS with a way to limit the number of failed login attempts like that, so it might be easier to brute force a Mac than an iOS device, but regardless it would be beyond the reach of anyone to do that without massive FBI/NSA type resources.
So I really do not think you have anything to worry about.
Then again, you could always just boot into Recovery, go to Disk Utility, and erase it there and specifically choose secure erase, which should let you pick how many passes it should go back over each sector writing random 1s and 0s so that there can't possibly be any recoverable data to be examined at all. But given how encryption works, that would just be a waste of time. Merely getting rid of the key renders everything completely worthless.
--Pete
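The key-wipe scheme described in the comment above, modelled in Python as an added example (not part of the thread and not Apple's implementation): each volume has its own key, and the erase discards only the Data key while leaving the stored ciphertext in place. The `Disk` class, the `seal`/`unseal` helpers and the sample contents are constructed for illustration, and an HMAC-SHA256 keystream stands in for the hardware AES engine.

```python
import hashlib, hmac, secrets

def _subkeys(key):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for the real cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key: ciphertext cannot be decrypted")
    return bytes(c ^ s for c, s in zip(ct, _stream(enc, nonce, len(ct))))

class Disk:
    """Constructed model: one key per volume, ciphertext kept in `blocks`."""
    def __init__(self):
        self.keys = {v: secrets.token_bytes(32) for v in ("System", "Data")}
        self.blocks = {}
    def write(self, volume, data):
        self.blocks[volume] = seal(self.keys[volume], data)
    def read(self, volume):
        if volume not in self.keys:
            raise PermissionError(f"{volume}: key destroyed, contents unrecoverable")
        return unseal(self.keys[volume], self.blocks[volume])
    def erase_all_content_and_settings(self):
        del self.keys["Data"]  # the ciphertext on disk is not overwritten

def demo():
    disk = Disk()
    disk.write("System", b"macOS system files")      # constructed sample data
    disk.write("Data", b"tax-return.pdf contents")   # constructed sample data
    before = dict(disk.blocks)
    disk.erase_all_content_and_settings()
    result = {"system": disk.read("System"), "ciphertext_untouched": disk.blocks == before}
    try:
        disk.read("Data")
    except PermissionError as exc:
        result["data"] = str(exc)
    try:
        unseal(secrets.token_bytes(32), disk.blocks["Data"])  # a guessed key
    except ValueError as exc:
        result["guess"] = str(exc)
    return result
```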
Wonderful, thank you so much. You’re incredibly knowledgeable!
You mentioned all Mac OS 12 Monterey SSDs. Is there a way to confirm this is what I have in the computer? I’m wondering when Apple began using these in particular.
Hi. Sorry to revive an old thread, but you seem to know a lot about this stuff. I wanted to know about security but in the opposite direction. If I purchase a used Mac and perform this erase all thing, should I be at all worried about malware of any kind?
Thanks a lot, I've been searching for this kind of detailed answer!