Does “Erase All Content and Settings” actually wipe user data on macOS?
ฝัง
- เผยแพร่เมื่อ 22 ส.ค. 2024
- In this episode, we explore if “Erase All Content and Settings” actually wipes user data on macOS.
==============================
LINKS
==============================
Apple Platform Security 👉 www.apple.com/...
Twitter (please follow @superbacked) 👉 / superbacked
Superbacked (join waiting list) 👉 superbacked.com/
==============================
SUPPORT
==============================
Support this channel 👉 sunknudsen.com...
![[TH] 2024 PMSL SEA W2D2 | Fall | เครื่องร้อน พร้อมลุย](http://i.ytimg.com/vi/JO2_bLow_1Y/mqdefault.jpg)
I'm glad you're back Sun!
Pumped to be back!
Such an insightful video! Thank you so much for the research you do and for the time you take for the illustrations! It really helps me to get a grasp of the subject! :)
Pleasure! Glad content is helpful.
It saddens me that you don't understand, or at least are not articulating, secure erase "in the olden days". The reason for multiple passes came down to the accuracy and strength of the bit placement on the magnetic surface of the disk. The original bit could hypothetically could be determined through the use of a magnetic force microscope.
Think of it like graph paper, where each square on the graph is a bit, also assume the erased area is "perfect" for this example. When you fill in or erase a square on the graph paper, you might over or under fill/erase the square leaving behind remnants (again assume the area that was filled in, or erased, was "perfect", but not the start and end positions). Multiple passes would attempt to "assure" that no remnants are left behind, because each pass the start position might be slightly different resulting in different areas of coverage. Since reality is never perfect, there is also the factor of the strength, which I left out in my example.
As disk drive write performance improved over the years, 1 pass is usually enough, 3 passes if you think you need it. 7 passes typically have been associated with government standards for handling secure data erasure. Of course the only true method for securely destroying the information is physically destroying the drive.
Because of wear leveling in SSD designs, data "evaporation" is a thing. Depending on the size of the SSD, a deleted file will eventually be overwritten anywhere from 10 minutes to a few hours. "Evaporation" has been mentioned and demonstrated at multiple defcon conferences over the years, which can be viewed on TH-cam. As disk encryption by default becomes the norm, the fastest way to delete data on the encrypted drive is just to delete it's header with the keys, as you mentioned in this video.
Welcome back mate
I don't know how easy it is be or if it fits onto your channel, but it would be really cool to have a video about the Secure Enclave which goes into technical depth but doesn't require one to study electrical engineering
I know how a TPM works and it would be nice to see where the Secure Enclave differs and who produces the chips
I've saw some details in the past. You can search for "macOS secure boot" and those talks usually mention the secure enclave a lot. There are talks from actual apple employees explaining the cat and mouse game to secure boot in a way that the OS cannot be tampered with, not even by devices with the more privileged of plug and play classes. The same engineers have talks on secure enclave, IIRC
that's exactly how I thought it would work, but I didn't know that for a fact, also an appimage release is really useful.
Thanks for sharing the supporting link!! This just saved me time at work for an audit lol
It would be nice to have an updated video on What The Best Browser
I agree! Still use Firefox btw, but use a programmatic way of configuring it for privacy and security.
@@sunknudsen The video you have available about Firefox is still valid or it needs a few minor changes??
@@baylander1945 good question! Waiting for the answer
Firefox episode is still valid but there are easier ways to configure things now using user.js. See github.com/arkenfox/user.js/ which inspired config I use now.
@@sunknudsen I would to see a review of Brave Browser, but only after you spend sometime using it
Hi Sun! Great content as always, any news about Brave Browser?
Hey Alessandro, have an episode on the backlog about browser fingerprinting that involves Brave. That said, still use Firefox.
@@sunknudsen Thanks so much for your answer, have a nice one!
awesome video. when are you doing an updated firefox settings video since we are in the 100's now? What do you think about Orion Browser? Is this the same for the iphone too with erase all content and settings?
Very Exciting!!!!! Thank You!!!
Hi Sun. One question I have is does the drive always have a single key (k) or can that key change (not just k*) AND if (k) can't change is it always the key provided by Apple?
My understanding is that “k” is set when encrypted APFS volume is created… and one cannot change key (which is essentially a 256-bit AES key wrapped by “k*”).
@@sunknudsen AFAIK "k" is a random generated value at first. Then "k" is stored encrypted by the hardware UUID. When you change your password and enable filevault it reads "k", and stores it encrypted by more keys (the old copy is destroyed, k is the same but it is now encrypted differently). Lastly, when you secure erase is when "k" is randomly generated again and no copies of the old one are left. In that sense you can change "k". I mean, Sun knows more than I do, but reading the reply I thought a more step by step explanation could help. In addition, I would expect "k" is never on RAM. It is probably only held in the secure enclave memory and on the dedicated encryption/decryption silicon on apples processors. On intel macs it used to be on the T1 or T2 chips. I didn't read all the documentation, I am quoting from podcasts and tech talks I watched, so take it with a grain of salt.
@@sunknudsen Thanks Sun. I really appreciate that you take the time to engage with us when we have extra questions. Keep up the great work.
Sun, I have feedback on how you handle your generally useful content to your new business. My suggestion is to do as many content creators do: Use 5 seconds at the start to say the video is sponsored by your business, make the content 100% unrelated to your business and in the end, you explain why this content is also useful to your costumers. It would look a lot better, as the channel keeps true to its values and people not interested in being your customer have the choice to stop watching at the very end without missing useful content. Also youtube algorithm knows ads are in the end and count a "view" when people stop to skip the "ad".
Hey Irae, thanks for the feedback. Curious, are others unhappy with how these new episodes are structured?
@@sunknudsen Love your content. I think the current implementation of the your business mentions is too seamless, it catches the viewer off guard and is confusing. I'd play with a clearer partition between the two using a transitional statement and a title frame. Ex. "Now I'd like to tell you how SuperBacked can help make your iPad even more secure, etc...
On Linux you can create a Luks encrypted volume on a ssd and store the detached header on a HDD, then to securely erase the data simply use the shred command to destroy the header
Thanks for sharing Oliver! I was actually thinking about publishing episode on the topic. That said, niche use case isn’t it? Man I love Linux.
On Windows the drive is encrypted using the TPM so if you clear the TPM then the data is cleared and only recoverable if you created a backup key.
@@sunknudsen please cover Linux.
Oh no your glasses :( BTW, love the thumbnail!
So Intel Macs do not work this way even though they have File Vault?
Perhaps Intel Macs with T2 chips have effaceable storage… see support.apple.com/en-ca/guide/security/sece8608431d/web. That is what one needs to crypto-shred encrypted drive… File Vault on its own does not solve that problem.
Erasing data securely on different operating systems is an important and interesting topic and one i feel like isnt talked about enough.
I was reading the Hitchhikers Guide to Anonymity and they went over the limitations on MacOS in great detail. I would recommend folks take a look.
Also, semi-related. I have two apple devices that are M1 and now M2. I recently found out tails doesnt run on Silicon Macs and am looking for an alternative if anyone has one.
Does that mean an SSD is not suitable for use with Time Machine? Would an HDD be a better option because SSDs have a limited rewrite memory lifespan?
You are an inspiration
Hey Sun so I got a new mac, set it up etc, than decided to buy a VPN router and make sure the mac never touches my real IP, then I erased everything, and in the setup process when they give you a list of countries to pick, they suggested my real location at the top, does this mean, apple has stored my first IP and it knows its connected to this hardware, should I be concerned?
to be clear I first set it up with local internet, than erased everything and the second time set it up with VPN. But also whats interesting is that when I erased it it did not ask me to redownload the mac software, I actually wiped it two times, the first time it had to download a huge file, second time, nothing, just erased it and it was ready to be used again
My guesses here: There are many ways to know your location and it does not mean your privacy was breached necessarily. I would assume you bought the computer in the same country you are using it on. So the serial number can be used by apple to suggest your location if you are over VPN. Also, they can triangulate wifi signals by UUID, this was done as a pseudo GPS on iPads in the past. This would mean your location was inferred by Apple's servers, and could potentially be stored and associated with your hardware IDs. Lastly, it can be that the recovery partition had the original location stored somehow. There are many other methods and if you are on the US it might just be their software default after all, even with zero location information. [edit] forgot to mention, your VPN outlet can be on the same country for performance reasons. It is the default, unless you configured otherwise.
@@IraeCarvalho Thanks for the reply. So actually the laptop was imported from a different country, by an individual who sold it to me, the keyboard is even of that country. When it comes to wifi, that makes sense, but I also changed all my wifi names in the house before setting it up, but yea even tho neighbors are far a way they might’ve caught some of their signals and associated them. Also the vpn was set to a different country.
Not sure what to think of it? How big of a security concern do you think it is? My main worry would be that they could associate lets say an online account with the hardware that’s associated with me.
@@IraeCarvalho I think I know what happened they changed it a little so that when you click erase it doesn’t fully erase the os, it just erases the user data and you have to go and click additional things in order to fully erase, doing that now and will update in the comment if they still know my location.
What if hard drive was encrypted by filevalut?
Instead of buying mac we can use on tails. My question is can we just spin up vm, do stuff ans destroy that vm?
Hm... Maybe, just maybe, you actually need to stop guessing and actually learn UNIX and filesystems. From someone who been building macs and spent 20 years building enterprise storage servers
Can you please expand on your feedback?
????????? What
ᑭяỖmo𝓼𝐦 😇