SSDs are strange beasts.
There are a couple of weird things going on with an SSD that are completely non-intuitive and unlike any other form of storage, that really make things muddy when it comes to secure erasing and recovery of erased information.
First, SSDs are bizarre in that writing to them is a long, cumbersome process. You can only write information to an SSD if you first actually erase (set to zero) all the blocks you're writing. Unlike with a hard drive, writing to an SSD means locating the blocks where you want to write information, then writing zeros into all those blocks, then writing the information you intend to record.
And that's not the half of it.
You can only erase those blocks in large pages. If you want to write just one bit, you have to erase the entire page it's stored in, then rewrite the whole page--all the information that used to be in it, plus the one new bit you're storing.
So that means writing means: Locating the blocks where you want to do the write, reading the entire page (all the information stored anywhere near those blocks), erasing the entire page, then re-writing the entire page.
What TRIM does is it tells the drive "No need to read and save the stuff in this particular page." If you delete a file, the drive doesn't know it's deleted, so when it writes information, it reads the page that was already there (the file that has been deleted), then erases the page, then writes the file that was deleted along with the new information you're saving.
If you delete a file and then send a TRIM command, the drive knows the file is deleted. So when you write new information, it just erases the page and writes the new information. It doesn't read the page, then erase the page, then write the old stuff that was in the page plus the new information.
That matters because if you TRIM the whole drive, then write random information to it, the SSD erases the whole drive and writes the random information. That wipes out everything, no getting it back. There's no need to do multipass writes.
The other thing that makes is weird is that unlike hard drives, SSDs store information scattered all across the surface of the drive. All files are fragmented and may continue to be fragmented however they are written. The computer has no idea where, physically, the information is on the drive; only the drive knows that.
This is done deliberately. An SSD can only be written to a certain number of times. Each time you write a cell, you damage that cell. After a certain number of writes, that cell is destroyed.
So the SSD does "wear leveling." That is, it scatters information across the cells to prevent you from repeatedly writing the same cell again and again.
Say you have a 256-GB SSD that has 10 GB of data on it. If you keep rewriting that 10 GB over and over, the first 10 GB of cells will wear out, but the rest of the drive is untouched.
You don't want that. So as you write that same 10 GB over and over, the SSD keeps a map of how many times the cells have been written, and it moves information all over the surface of the drive. If you delete a file and re-save it and delete it and re-save it on a normal hard drive, it writes to the same spot on the drive again and again. On an SSD, it is constantly moved, so that all the cells wear evenly.
When you combine those two things--you have to erase a whole page at a time to write information, and the drive is constantly changing the cells the files are stored in--it makes recovering information from an SSD a nightmare.
Yes, it can (in theory) be done, as long as the pages haven't been erased (as far as I know, once a page is erased, that's it--there's nothing that can recover it, because unlike a magnetic drive, it doesn't leave behind a magnetic "trace"), but the fact that the SSD constantly scatters contents all over the cells in a way that looks random to anything but the SSD's controller really complicates things.
Of course, if it's a concern, OS X now includes built-in full drive encryption, and it's lightning fast. If you turn it on, it rewrites every file with an encrypted version. And TRIm means the pages that the old, plaintext files were stored on are wiped without being rewritten as the new encrypted files are written, so that makes life difficult even for a nation-state actor.
One of the things we learned from the big Wikileaks CIA dump is even nation-state actors like the CIA and FBI are stymied by Apple hardware if they can't plant malicious software on the computer while it's running.
