OS X Disk Utility missing options to erase free disk space

Erasing free disk space is an easy (albeit not quick) way to help prevent the recovery of files you have erased from your system. Conventionally when files are deleted from storage device, the system only removes their entries from the file system's directory, thereby flagging blocks containing the data as being free to use. While this offers a quick way to delete files from the drive, the data is technically still intact on disk and thereby leaves open the possibility for recovery using special software.

To prevent this from happening, one option that Apple has offered in OS X is to erase the free disk space using Disk Utility. This option writes zeros to the unused portions of the drive and overwrites any previously deleted files.

This option makes it nearly impossible for the drive's heads to be used for reading any residual magnetism patterns and recover files. Instead, any remote possibility of data recovery would require dissection of the drive and the use of specialized equipment that can detect residual magnetism.

Even with using specialized equipment, such a procedure would only increase the slim possibility of data recovery, so using Disk Utility to erase free space does have its security benefits; however, if you have purchased a new Mac system or upgraded your hard drive, then you may find Disk Utility no longer offers this as an option.

If you find this is the case with your system, and Disk Utility only shows the Erase Free Space option as being grayed out, then it is likely the reason is because your Mac is using an SSD as its primary storage device.

Solid-state technology has the benefit of being exceptionally fast; however, the storage blocks in the NAND memory chips have a finite number of write operations that can be performed before they will no longer hold data reliably. To combat this problem, SSD manufacturers implement techniques called "wear leveling," which distribute write operations through the available memory chips and extend the life of the drive by ensuring they all get used evenly.

If you were to erase the free disk space on an SSD, you would force the system to unnecessarily write not only to locations where data previously was stored, but also to fresh locations on the drive that have not yet been used. Overall this would just wear out the SSD faster and result in a premature degradation of the drive's performance.

In addition, such an operation might cause your system to no longer work properly. On some SSD drives, once data is written the system will need to perform operations to free it. These procedure can take a little longer than both the read and the write operations themselves, and in the mean time the drive might report to the system that it no longer has any space available to store data, which can result in your system booting slowly or not being able to boot at all.

To avoid these problems and to keep your SSD as fresh as possible for the long term, Apple has disabled Disk Utility's secure erase option for some SSD devices.

Keep in mind that this only affects internal SSDs, and may only be the case for certain SSD devices (particularly those made by Apple). Therefore, if you have a special SSD setup on your system, then the option to erase free space might still be available. However, you would benefit from avoiding it.

Furthermore, even if the system prevents you from using the erase free disk space feature, the Finder's Secure Erase option that overwrites deleted files with random data may still be available. However, as with the option to erase free space, it may be best to avoid this feature because the multiple writes it performs will reduce your SSD's lifetime.

If you wish to keep files secure on your SSD device, then the best option to use is encryption. With encryption, the system keeps the data scrambled unless a proper password or decryption key is provided, so to securely delete files you just need to delete the decryption keys or password to access them, and for all intents and purposes the files will be irrecoverably deleted.

Apple provides two options for encrypting files in OS X. The first is to use the whole-disk FileVault technology, and the second is to use disk images as encrypted wrappers to house subsets of files instead of encrypting everything.

Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.