Wipe Free Disk Space free download - Disk Inventory X, Acronis Disk Director Home, ShowSize Disk Space Analyzer, and many more programs. From Start to Finish.it takes time.You can free up a lot of space on your Mac by deleting the Other Folder on your hard drive.Just Follow the Ste.
Click here to return to the 'Erase free disk space from the command line' hint |
Wouldn't you be much better off using /dev/random instead?
'Wouldn't you be much better off using /dev/random instead?'
No, that would actually be terrible. First of all, you shouldn't fill the boot disk of a running machine because it will cause problems, so the hint is a bad idea anyway. However, if you are anxious to do bad stuff like fill your root drive, then you definitely shouldn't do it from /dev/random, because /dev/random requires vastly more CPU power to generate data for than /dev/zero does. If would take few hours to fill a drive from /dev/zero, but it could take a few weeks to fill it from /dev/random.
Also, I don't know if Mac OS X does this, but Linux will sometimes block on reads from /dev/random while it waits for more genuinely random input from the outside world (say mouse movements, or network traffic rates or some such). (This used to cause 'depleted entropy pool' problems for ssl and ssh on linux. Sorry for the 'in my day' storry, but I remember when I used to use linux to generate SSH keys and I would have to wiggle my mouse around a lot in order to generate ssh keys in a reasonable amount of time. :-)
Yes, I remember when I setup a FreeBSD server ~5 years ago, I got the standard generating key message you would normally get, then something odd telling me to 'wiggle my mouse or hit keys on the keyboard'. You feel like an idiot standing at a console in the server room, 'wiggling the mouse', and banging on the keyboard, with other admins* walking around asking you if you have gone insane.
Its funny now, not so much back then.
* They were Windows admins, I was the *nix admin at that time.
Erase Free Space Mac High Sierra
Firstly one does not run this as root. run this as a normal user. The system reserves some space for the root user, and this way you will not run out of disk space for critical system. (At least I know this to be true for reiser, ext3 and ext2 filesystems on Linux.
Secondly, anyone paranoid enough to want to do it should never use /dev/zero (Not even when doing it multiple times) since you can still get the data using forensic techniques. Even if you do this multiple times... some drives with advances caching may not even do the successive writes on a very low level (even with only a small sized disk-cache).
Lastly, yes, /dev/random is more cpu intensive... as for a lot more? No it does not:
I did:
(cat /dev/zero > zero &) ; (cat /dev/random > random &) ; sleep 20 ; killall cat ; ls -l zero random
And it showed:
joseki:~ marius$ ls -la random zero
-rw-r--r-- 1 marius staff 222302208 Apr 24 12:27 random
-rw-r--r-- 1 marius staff 666898432 Apr 24 12:27 zero
So, yes, I would suggest using random... a good system-wide anti-entropic engine should be pretty efficient.
As UNIX SysAdmin, I don't think this makes any sense at all.
First, filling up your drive is a very bad idea, as Rob points out. Many services will stop functioning or exhibit odd behavior.
Secondly, I'm not quite sure what you're trying to do here? Make sure any unused sectors are zero'd out? I'm guessing you're using secure delete already anyways. This just doesn't make any sense. Do you work for the NSA? Didn't think so. You don't need to 'zero' your unused disk space.
P.S. - This '35 pass delete' stuff is B.S. The only way to recover data from a HD after 3 passes is with a team of people and highly specialized hardware. Sorry everybody, but my guess is that your data is not that important. Save your hard drive life and stop using 35-pass deletes. If you have sensitive data, encrypt it using a strong passphrase and you'll be much better off.
---
Nem W. Schlecht
http://geekmuse.net/
Not only is this not a good idea, it doesn't entirely work as advertised. Realize that changes to files are often not written to disk immediately. Instead, they are held in memory (cached) and queued for writing to disk. So, when your cat command dies due to insufficient space, it's likely that some of the writes have not completed. When the file is removed, those writes can be deleted from the queue of pending writes. Consequently, some of the disk blocks will never be overwritten.
Also, many filesystems limit the amount of disk that a regular user (i.e. not root) can write to. For instance, UFS reserves 10% of a filesystem (by default, can be set with tunefs minfree option) for root. This would mean that the above command would fail after writing to 90% of the disk, not 100% (leaving 10% unwritten). Unfortunately, I'm not familiar with the implementation of HFS+, so I can't comment on whether it has similar behavior.
'Do you work for the NSA? Didn't think so. You don't need to 'zero' your unused disk space.'
I'm guessing you know the things I'm about to say already and just didn't think about them when you wrote this, but using secure erase means that Finder is configured to do secure erase when it empties the trash. It has no impact on, say Quicken's temporary files in /tmp . File in /tmp are also outside of the user's FileVault (assuming this person is using FileVault). There have also been multiple cases where people have suffered identity theft after their financial information was lifted from old drives despite the fact that it had already been (insecurely) deleted on the old drive.
With that said, FileVault, secure erase, and encrypted VM will cover the vast majority of people's needs. In fact, simple lack of familiarity with HFS+ on the part of thieves will cover a lot. Nonetheless, there are legitimate cases for a non-FBI-employee to want to erase the blank space on a root drive.
some of us do. given, this isn't the best way to go about it, it would help prevent some data recovery.
if you want to use this method, i would recommend booting into single use mode first. (cmd-opt-s)
diskutil is the correct way to do this.
------
Disk Utility Tool
Usage: diskutil secureErase [freespace] level
MountPoint|DiskIdentifier|DeviceNode
Securely erases a disk or its freespace.
Level should be one of the following:
1 - Single-pass randomly erase the disk.
2 - US DoD 7-pass secure erase.
3 - Gutmann algorithm 35-pass secure erase.
Ownership of the affected disk is required.
Example: diskutil secureErase 2 /dev/disk2
Note: Level 2 or level 3 secure erases can take an extremely long time.
er,
diskutil secureErase freespace 1 /dev/xxx
rm
call might not complete. In a ram-tight situation (if, say, the filesystem cache were to get rather large), then a fork might fail if there's no room on the swap device for more vm. JP---
Pell
As robdew pointed out, you can do this with diskutil. A good rule of thumb is that if Disk Utility can do it, diskutil can do it.
In fact, Apple is great at letting you do anything (and more!) from the command line - for example, the 'softwareupdate' command for auto-updates.
The right method to perform this very action is part of diskutil:
diskutil secureErase freespace 1|2|3 /dev/disk#s#
(See the man page on diskutil)
Band-aids never work right. They always peal off!
But that won't work unless you have root access, right?
This command does exactly what Disk Utility does. If your computer crashes during a wipe of the free space, you will find that your hard disk space is reduced. Removing the zeroed file from /tmp (if I remember correctly) will restore the disk space. Try doing it in Disk Utility and watch your disk space shrink.
As others have pointed out, some disk space is reserved for root, and therefore the chance of a crash is minute.
Thanks, robdew, for pointing out the secureErase option of diskutil. Some how I missed that. It does exactly the same thing.
...if you're concerned about running the aforementioned 'erase free space' operation on a 'live' filesystem, you may want to shut down your system and reboot with your OSX install disc and run Disk Utility from there instead.
Or, (in keeping with the spirit of the original hint of using the cmd-line) reboot with your OSX install disc into Single User mode (documented elsewhere) then use the diskutil tip mentioned earlier.
Get the name of your disk (probably /dev/disk0s2) and type the diskutil command to erase free space which is:
diskutil secureErase freespace 1 /dev/disk0s2
That will erase your free space with random numbers. See the list of options below:
Level should be one of the following: 0 - Single-pass zeros.
1 - Single-pass random numbers.
2 - US DoD 7-pass secure erase.
3 - Gutmann algorithm 35-pass secure erase.
4 - US DoE 3-pass secure erase.
If you’re selling an old Mac with a hard drive, a spare hard drive, or you’re just quite paranoid about your deleted data, you’re either familiar with—or should be familiar with—the Erase Free Space button on the Erase tab in Disk Utility (found in your Applications -> Utilities folder).
Editor’s note: This Terminal tip originally ran in March 2009 and is only useful for mechanical hard drives and not the SSDs found in newer Macs.
When you click this button, you’re presented with three options for securely erasing the free space on your hard drive: write over the free space with zeros (fast and relatively safe), write over the free space three times (more secure, very slow), or write over the free space seven times (extremely slow).
This feature cane used whenever selling an old machine with a hard drive. Format the drive and install a fresh copy of macOS, then use Disk Utility to erase the free space (typically the one-time write-with-zeros option). This gives me a good sense of security, as it would take a team of dedicated professionals, and possibly special hardware, to have some chance of recovering any of my deleted data.
Use Terminal to securely erase a drive
What if you want to do this from Terminal instead? In Terminal, a program named diskutil
provides most of the features of macOS’s Disk Utility.
(Please note that, as with many Terminal commands, there’s a chance of Really Bad Things happening if you make a mistake with the following instructions. Proceed with caution, and make sure your backups are current before you try any of the following.)
To find out about diskutil
in detail, type man diskutil
at the Terminal prompt. Within the man
pages, you’ll find the explanation for how to securely erase a disk’s free space using diskutil
:
Clean Free Space Mac
But how do you figure out what to list for device
, which is the disk (or partition) that has the free space you’re trying to securely erase? diskutil
can provide that information, too. Just use diskutil list
to see a list of all drives and partitions. On the far right, you’ll see an IDENTIFIER
column; that column contains the identifier that diskutil
needs. Here’s an example of the list
output on my machine:
Wipe Free Space Mac Ssd
IDG
There’s just one last bit of information you need to know to erase the free space on a hard drive from the command line. In Unix, all devices appear as part of the file system tree, and in macOS, they’re all listed in the /dev
directory. So if I want to use diskutil
to erase the free space on my Apple_HFS Untitled
volume on my external drive, using the single-pass method, the final command would look like this:
diskutil secureErase freespace 1 /dev/disk2s1
Warning! It’s critically important that you include the freespace
portion of that command. If you don’t, diskutil
will happily start securely erasing the entire disk, instead of just the free space! Yes, that’s a Really Bad Thing, especially because it will be securely erased, meaning there’s no chance you’ll be able to recover the data.