Erase/wipe free space using Mac OS X

When deleting a file, most operating systems just delete the reference to this file, not its actual content. For illustration, that’s like removing a chapter from a book’s table of contents without actually removing (and shredding) the according pages in the book.

So, in order to really (securely) delete a file on a hard disk, there are basically two methods (simplified; from a technical point of view it’s both the same):

  • Overwrite the file content (i.e. its clusters) with random data
  • Delete the file as usual, empty the trash and overwrite the whole free space on the according hard disk with random data

For the second method, here’s how to do it using Mac OS X:

  1. Delete the file(s) and empty the trash
  2. Find out the device name of the according hard disk by opening a new ‘Terminal’ window and executing the “df” command. For example, for a RAID 1 disk, the path of the disk might be something like “/dev/disk2″
  3. In the opened ‘Terminal’ window, execute:
    diskutil secureErase freespace 1 /dev/disk2
    where “1″ stands for “single-pass random-fill erase” and “/dev/disk2″ is the disk device  (adjust this to match your disk). When prompted, enter the admin’s credentials.

Note that overwriting free space like this takes quite some time depending on the amount of free space there is and how many passes you need (e.g. use “2″ for a US DoD 7-pass secure erase or “3″ for a Gutmann 35-pass secure erase). For more information about diskutil and its options, see “man diskutils”.

3 thoughts on “Erase/wipe free space using Mac OS X

  1. Okay, I know this was a while ago, but I’m hoping I might get some help anyway. I’ve looked all over the place, but I think it’s too simple of a problem to just find the solution easily. I understand the concept of erasing/wiping/shredding/etc. I’ve also read through “man df” and “man diskutil” to make sure I understand that much better. But how do I know which device to run the command line on? There’s “/dev/disk1″ and “/dev/disk2″, but I wasn’t absolutely certain on which one to use for all the stuff that’s normally just been sent to the trash then emptied… Any advice would be much appreciated, thanks.

    • You can also do this in disk utility (10.6 onward and maybe previous versions also). Select the drive, choose ‘erase’tab, choose ‘erase free space’.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>