About zeroing data
The information on your hard disk is written in just zeros and ones, known as binary. A special type of file on the disk, called a directory, indicates which groupings of binary digits constitute files. If you erase a disk by doing a quick initialization, the disk's directory is emptied. This is analogous to removing the table of contents from a book but leaving all the other pages intact. Since the system can no longer identify the files in the absence of this table of contents, it ignores them, overwriting them on an ongoing basis as if they were not there. This means that any file on that disk remains in a potentially recoverable state until you fill the disk with new data. You may notice that the Finder references "available" space, not "empty" space. This can help to remind you that a disk is only truly empty when you deliberately make it that way.
The "Zero all data" option is one way to do that. Zeroing data takes the erasure process to the next level by converting all binary in the empty portion of the disk to zeros, a state that might be described as digitally blank. This significantly decreases the chance that anyone who obtains your hard drive after it has been initialized will be able to recover your files. It is good to do this at least once before selling or disposing of a computer or hard drive. For greater security, zero all data two or more times. For high security applications, consider having the hard drive destroyed by a professional hard drive disposal service.
Zeroing all data takes longer than a normal disk initialization, up to several hours for a large hard drive, so you should plan accordingly.
Availability of zero all data feature
- For Mac OS X, zeroing is available in version 10.2.3 or later.
- The zero all data option should work with any hard drive originally shipped from Apple as part of a Mac OS X-compatible computer.
- Zero all data only works for whole disks. If you have partitioned, you cannot zero an individual partition.
- This option may or may not work with third-party hard drives.
Note: When zero all data is not available for your disk, the Options button referenced in the steps below will be dimmed.
When zero all data is not available
If for any reason you cannot zero all data, a method for achieving the same measure of security is to initialize the disk, fill it completely with non-sensitive information (to overwrite the files), then initialize the disk again. You may also locate third-party disk management software that performs a similar function.
Cannot zero the startup disk
You cannot erase the startup disk. To zero what is normally the startup disk, start up from a Mac OS X 10.2.3 or later CD, or from a second hard drive.
Note: This refers to a full Mac OS X 10.2.3 or later CD included with a computer, not to the update-only 10.2.3 CD.
If you do not have access to an appropriate CD or to another hard drive, there are other alternatives. If you have a Mac OS 9 CD with a System Folder and a computer that can start up from it, you may use Drive Setup on that CD. When in Drive Setup, choose Functions > Initialization Options to locate the zero all data option. If the computer to be erased can go into target disk mode, you may connect it in that state to another computer and zero it as a non-startup drive.
Steps for zeroing data
These steps assume you have a Mac OS X 10.2.3 or later CD:
- 1. Insert the Mac OS X CD.
2. Restart the computer.
3. Immediately after the startup sound, press and hold the "C" key to start up from CD.
4. When the Installer screen appears, do not click Continue. Instead, choose Installer > Open Disk Utilities.
5. Select the hard drive to erase.
6. Click the Erase tab.
7. Select the volume format from the Volume Format pop-up menu.
8. Click Options.
9. Select the checkbox for "Zero all data".
10. Click OK.
11. Click Erase.
If you have a general interest in securing erased files, you should also consider that files you delete when emptying the Trash persist in the same manner as those on an erased-but-not-zeroed disk, until they are overwritten. If you need a higher level of security for these erased files, look for third-party disk management software that overwrites or randomizes the "available" portion of your disk on an ongoing basis.
Another option is to store data on an encrypted disk image. To learn more, see technical document 107332, "Mac OS X: About Encrypted Disk Images".
Mac OS X 10.3 feature - Secure Empty Trash
You can securely empty the Trash in Mac OS X Panther. While in the Finder, from the File menu choose Secure Empty Trash.
Note: When you securely empty the Trash, the deleted data cannot be recovered by disk utilities. You should only do this if you have a backup or you are sure you will never need the data again.