I just noticed that today's
Dilbert is quasi on point:
"When you delete software, where do all the zeroes and ones go?"
The
bit bucket of course
— at least that was what we used to say back in the 60s and 70s.
Nothing tricky. Checking through the possible subroutines for Disk (or Drive) Setup (on the Mac OS 9 Install CD) I found the option to initialize the entire drive; so I choose it and actually ran it twice.
Back in the
pre-IDE (Integrated Drive Electronics) / ATA (Advanced Technology Attachment) days
Initializing a drive included low level disk formatting such as writing sector boundaries on the drive media as well as creating an empty directory structure on the drive.
With the advent of IDE/ATA that low level formatting became the responsibility of the IDE and Initializing a drive was reduced to creating a partition table/map and an empty volume file directory the assumption being the low level formatting has already been taken care of by the IDE.
Today
erasing a
drive implies rewriting the drive partition table and creating an empty file directory for the
volume on the drive.
Erasing a
volume creates an empty file directory for that
volume.
In none of these cases is the data actually erased or overwritten, the only thing changed is the Directory or the Directory and partition table. Therefore it is possible, with some effort, to recover files from a drive or volume that has been initialized or erased. In fact that is how the various file recovery apps that were so popular some years ago were able to recover any files.
The
Secure Erase option for a drive/volume/file works by overwriting the physical storage location with all zeros or all ones or a combination of those one or more times. With a good enough lab, sensitive equipment, time, skill, and money it is possible to read
ghost images of previous magnetic impressions on rotating media. Generally a 7x overwrite is considered secure enough erasure for all but the most critical security data. For the most sensitive material the requirements call for
mechanically reducing the media to the consistency of course sand.
Solid State media is another bag of worms and when you add to that APFS formatting, reconstructing the data becomes far more complex. If on top of that the volume was encrypted it is arguably as secure as magnetic media that has been securely erased, even at the maximum number of overwrites.
The level of security you are comfortable with is entirely a personal decision — unless the data belongs to another person/company/institution/government entity. As for me, I have no paranoid tendencies and probably what I do is overkill, but my drives are formatted APFS (Encrypted) or MacOS Extended (Journaled, Encrypted) and as much as possible/practicable my internet communications are end to end encrypted, I regularly use a VPN and sometimes even TOR browser and routing. Frankly I am surprised to find myself at this level of security, but it has evolved over time and one at a time, and so far any performance impact has been unnoticeable, even on my five year old Mac mini.
