Securely Wiping a Drive in macOS

I remember when I worked for a Cisco reseller and we went to their offices for some training.  This was before cloud sharing.  The Cisco employee would copy his presentation to a USB and they would pass it around to the entire room.  I normally sit in the back of the rooms.  There is absolutely NO WAY I would put that into my computer. Maybe now with FortiEPP but not then.

I actually carry a box of 16GB USB thumb-drives.  When someone asks me to give them a file or something that requires that USB thumb-drive to come back to me, I just tell them, “Keep It”.

To wipe the USB stick from the macOS X CLI (Command Line Interface) you will first need to find out what drive macOS sees it as.  You do not want to wipe your Hard Disk Drive or another drive.

You can do this by issuing the following command:

diskutil list

In my instance, it is /dev/disk3

The command would be:

diskutil secureErase 2 /dev/disk3

diskutil is the utility, secureErase tells the utility, 2 is the option (see below), and finally the disk number.

0 – Single-pass zeros.
1 – Single-pass random numbers.
2 – US DoD 7-pass secure erase.
3 – Gutmann algorithm 35-pass secure erase.
4 – US DoE 3-pass secure erase.

NOTE: This kind of secure erase is no longer considered safe.  Modern devices have wear-leveling, block-sparing, and possibly-persistent cache hardware, which cannot be completely erased by these commands. The modern solution for quickly and securely erasing your data is encryption. Strongly-encrypted data can be instantly “erased” by destroying (or losing) the key (password), because this renders your data irretrievable
in practical terms. Consider using APFS encryption (File-Vault).

Here we see the first pass completed and pass 2 on its way.  Since I chose 2 as the options, it would finish the 2nd pass and do five more.

Hope this helps