Question

So, recent versions of macOS no longer offer the option to Empty Trash Securely. From what I am reading here and here it seems the general consensus is that it is now best to encrypt files and then delete them.

However, if I create an encrypted disk image and move the files in there, it is using different blocks on the drive... so it does not zero out the blocks on the drive where the data was stored, and we're back where we started.

I've read comments from people saying deleted data is difficult to recover from an SSD anyway, so don't worry about it. Well even if that is true, what if you have a Fusion Drive and you don't even know which part of the drive the data in question resides in?

I'm not finding a clear answer on what the best way is to securely delete at present, which is surprising since it's a pretty common measure when transferring ownership of a computer, etc. Can someone please enlighten me:

  1. Is encrypting then deleting effectively the same as securely erasing?
  2. How can existing data be encrypted (rather than copied into an encrypted .dmg)?

Solution

To answer your question 1: You often see encryption mentioned when you speak of securely deleting the contents of a computer.

The reasoning behind this is that if you, for example, fully encrypt the disk drive on your computer (e.g. using the built-in FileVault encryption), then no one can access the contents of the drive without the password.

If you then encrypt the drive with a long, random password and immediately forget that password - then you have effectively deleted the data. If you don't know the password, and it is not written down anywhere - no one can access the data.

The caveats are of course if your password is so bad that it can be guessed, or there's a bug in the encryption routines that makes it possible to recover data without the password.

Remember that:

(a) You must not store or remember the password anywhere

(b) You must not add a password hint or anything that makes it possible to guess the password

(c) You should throw away any recovery keys or similar, and make sure you're not storing a copy of passwords/recovery key on iCloud

(d) The password should be sufficiently strong (i.e. long and random)

To answer your question 2: If you have already stored the data unencrypted, you're out of luck. Just copying them into an encrypted image or anything like that won't replace the data on disk. Instead you'll be making an encrypted copy of your data - there's no guarantee that the disk will really delete the non-encrypted data.
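The following is an added illustration, not part of the original answer: a toy in-memory model of a disk that contrasts copying an existing file into an encrypted image with encrypting the volume before any data is written and then discarding the key. The `Disk` class, `keystream_xor` and the sample data are hypothetical constructs for this demo, and the block allocator does not model APFS or SSD behaviour.

```python
import hashlib
import secrets

BLOCK = 32  # bytes per simulated disk block
SECRET = b"CONSTRUCTED-SECRET tax-return (sample data)"  # constructed sample

def keystream_xor(key: bytes, block_no: int, data: bytes) -> bytes:
    # Stand-in cipher for this demo only (assumption); use a vetted one such as AES-XTS.
    stream = hashlib.shake_256(key + block_no.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class Disk:
    # Raw blocks plus a file table; deleting a file only drops its table entry.
    def __init__(self, n_blocks, volume_key=None):
        self.blocks = [bytes(BLOCK)] * n_blocks
        self.files = {}                      # name -> list of block numbers
        self.free = list(range(n_blocks))
        self.volume_key = volume_key         # None means an unencrypted volume

    def write(self, name, data, key=None):
        key = key or self.volume_key
        self.files[name] = []
        for off in range(0, len(data), BLOCK):
            n = self.free.pop(0)             # always a fresh block, never in place
            chunk = data[off:off + BLOCK]
            self.blocks[n] = keystream_xor(key, n, chunk) if key else chunk
            self.files[name].append(n)

    def delete(self, name):
        self.free.extend(self.files.pop(name))   # old contents are NOT overwritten

    def raw_scan(self, needle: bytes) -> bool:
        return needle in b"".join(self.blocks)   # every block, allocated or not

def copy_into_encrypted_image():
    disk = Disk(16)
    disk.write("taxes.pdf", SECRET)                        # stored in the clear
    disk.write("vault.dmg", SECRET, key=secrets.token_bytes(32))
    disk.delete("taxes.pdf")
    return disk.raw_scan(b"CONSTRUCTED-SECRET")            # plaintext still on disk

def encrypted_from_the_start():
    key = secrets.token_bytes(32)
    disk = Disk(16, volume_key=key)
    disk.write("taxes.pdf", SECRET)
    readable = keystream_xor(key, 0, disk.blocks[0]).startswith(b"CONSTRUCTED-SECRET")
    disk.volume_key = key = None                           # "forget the password"
    return readable, disk.raw_scan(b"CONSTRUCTED-SECRET")  # readable before, gone after
```

In the first scenario the raw scan still finds the plaintext after the original is deleted; in the second the blocks never held plaintext, so discarding the key leaves nothing recoverable.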

Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange