
Does “Erase All Content and Settings” actually wipe user data on macOS?



In this episode, we explore if “Erase All Content and Settings” actually wipes user data on macOS.

==============================
LINKS
==============================
Apple Platform Security 👉
Twitter (please follow @superbacked) 👉 https://twitter.com/superbacked
Superbacked (join waiting list) 👉 https://superbacked.com/

==============================
SUPPORT
==============================
Support my research 👉 https://sunknudsen.com/donate

24 Comments

  1. It saddens me that you don't understand, or at least are not articulating, secure erase "in the olden days". The reason for multiple passes came down to the accuracy and strength of the bit placement on the magnetic surface of the disk. The original bit could hypothetically be determined through the use of a magnetic force microscope.

    Think of it like graph paper, where each square on the graph is a bit, also assume the erased area is "perfect" for this example. When you fill in or erase a square on the graph paper, you might over or under fill/erase the square leaving behind remnants (again assume the area that was filled in, or erased, was "perfect", but not the start and end positions). Multiple passes would attempt to "assure" that no remnants are left behind, because each pass the start position might be slightly different resulting in different areas of coverage. Since reality is never perfect, there is also the factor of the strength, which I left out in my example.

    As disk drive write performance improved over the years, 1 pass is usually enough, 3 passes if you think you need it. 7 passes typically have been associated with government standards for handling secure data erasure. Of course the only true method for securely destroying the information is physically destroying the drive.

    Because of wear leveling in SSD designs, data "evaporation" is a thing. Depending on the size of the SSD, a deleted file will eventually be overwritten anywhere from 10 minutes to a few hours. "Evaporation" has been mentioned and demonstrated at multiple DEF CON conferences over the years, which can be viewed on YouTube. As disk encryption by default becomes the norm, the fastest way to delete data on the encrypted drive is just to delete its header with the keys, as you mentioned in this video.

  2. Erasing data securely on different operating systems is an important and interesting topic and one I feel like isn't talked about enough.

    I was reading the Hitchhiker's Guide to Anonymity and they went over the limitations on macOS in great detail. I would recommend folks take a look.

    Also, semi-related. I have two Apple devices that are M1 and now M2. I recently found out Tails doesn't run on Silicon Macs and am looking for an alternative if anyone has one.

  3. On Linux you can create a LUKS encrypted volume on an SSD and store the detached header on an HDD, then to securely erase the data simply use the shred command to destroy the header.

  4. Awesome video. When are you doing an updated Firefox settings video since we are in the 100's now? What do you think about Orion Browser? Is this the same for the iPhone too with erase all content and settings?

  5. Sun, I have feedback on how you handle your generally useful content to your new business. My suggestion is to do as many content creators do: Use 5 seconds at the start to say the video is sponsored by your business, make the content 100% unrelated to your business and in the end, you explain why this content is also useful to your customers. It would look a lot better, as the channel keeps true to its values and people not interested in being your customer have the choice to stop watching at the very end without missing useful content. Also the YouTube algorithm knows ads are in the end and counts a "view" when people stop to skip the "ad".

  6. I don't know how easy it would be or if it fits onto your channel, but it would be really cool to have a video about the Secure Enclave which goes into technical depth but doesn't require one to study electrical engineering.
    I know how a TPM works and it would be nice to see where the Secure Enclave differs and who produces the chips.

  7. Hm… Maybe, just maybe, you actually need to stop guessing and actually learn UNIX and filesystems. From someone who has been building Macs and spent 20 years building enterprise storage servers.

  8. Hey Sun, so I got a new Mac, set it up etc., then decided to buy a VPN router and make sure the Mac never touches my real IP. Then I erased everything, and in the setup process when they give you a list of countries to pick, they suggested my real location at the top. Does this mean Apple has stored my first IP and it knows it's connected to this hardware? Should I be concerned?

  9. Such an insightful video! Thank you so much for the research you do and for the time you take for the illustrations! It really helps me to get a grasp of the subject! 🙂
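
The crypto-erase idea raised in comments 1 and 3 (destroy the header that holds the keys and the remaining ciphertext becomes unrecoverable) can be modelled in a few lines. This is an added example, not code from the video or from any commenter; it is a simplified model, not the LUKS or APFS on-disk format, and the function names and the HMAC-based keystream are assumptions made for illustration.

```python
import hashlib, hmac, os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (illustrative cipher only)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, (off // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def kdf(passphrase: str, salt: bytes) -> bytes:
    """Stretch the passphrase into a key-encryption key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def check_tag(master_key: bytes) -> bytes:
    """Value stored in the header to recognise a correctly unwrapped master key."""
    return hmac.new(master_key, b"header-check", hashlib.sha256).digest()

def format_volume(passphrase: str, plaintext: bytes):
    """Return (header, ciphertext); the header would live on a separate device."""
    master_key = os.urandom(32)   # random: cannot be re-derived from the passphrase
    salt = os.urandom(16)
    wrapped = keystream_xor(kdf(passphrase, salt), master_key)
    header = salt + wrapped + check_tag(master_key)   # 16 + 32 + 32 bytes
    return header, keystream_xor(master_key, plaintext)

def open_volume(passphrase: str, header: bytes, ciphertext: bytes):
    """Unwrap the master key from the header; None if passphrase or header is bad."""
    salt, wrapped, tag = header[:16], header[16:48], header[48:80]
    master_key = keystream_xor(kdf(passphrase, salt), wrapped)
    if not hmac.compare_digest(tag, check_tag(master_key)):
        return None
    return keystream_xor(master_key, ciphertext)

def shred_header(header: bytes) -> bytes:
    """Model of overwriting the detached header in place with random bytes."""
    return os.urandom(len(header))

def demo():
    secret = b"constructed sample data stored on the SSD"
    header, ciphertext = format_volume("correct horse", secret)
    before = open_volume("correct horse", header, ciphertext)
    after = open_volume("correct horse", shred_header(header), ciphertext)
    return before == secret, after is None

if __name__ == "__main__":
    print(demo())
```

Because the master key is random and only ever stored wrapped inside the header, knowing the passphrase is not enough once the header is gone; the erase is only as good as the guarantee that no other copy of the header survives.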