Reliably Erasing Data from Flash-Based Solid State Drives

Liam Proven lproven at gmail.com
Wed Mar 2 02:36:03 UTC 2011


On Wed, Mar 2, 2011 at 2:10 AM, NoOp <glgxg at sbcglobal.net> wrote:
> On 03/01/2011 06:49 AM, Liam Proven wrote:
>> On Tue, Mar 1, 2011 at 3:13 AM, NoOp <glgxg at sbcglobal.net> wrote:
>>> On 02/28/2011 04:43 PM, Liam Proven wrote:
>>>> On Sun, Feb 27, 2011 at 5:25 AM, Juan R. de Silva
>>> ...
>>>>> I've recently discarded an old HDD containing some data on it. Here what
>>>>> I usually do. I disassemble the device, remove its plate/s and smash them
>>>>> in pieces physically. Pliers and a hummer are very helpful. After this I
>>>>> sleep well. :-)
>>>>>
>>>>> I think this "technology" though not being very High would resolve the
>>>>> problem with any SSD or USB flash drive too. :-)
>>>>
>>>> DBAN is easier, quicker, less work and /more/ secure. Physical
>>>> destruction merely makes the data harder to recover, not impossible.
>>>>
>>>> http://www.dban.org/
>>>
>>> You might want to research that a little more. Erase an SSD with private
>>> data on it & then send it to me, or sell it on eBay. I prefer Jaun's
>>> method instead.
>>
>> Au contraire. I suggest that you do.
>>
>> SSDs can be more easily and effectively erased than magnetic media,
>> and are currently a lot more expensive and thus foolish to destroy in
>> the hopes of erasing the information.
>>
>
> So you'd rate
> http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf
> as bunk?
>
>
>> Magnetic tracks have overspill, which a skilled data-recovery lab can
>> use to reconstruct the information even after a single overwrite.
>
> I wonder if you bothered to read the article. If you did, can you please
> elaborate your trust in dban? dban states:
> "Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that
> securely wipes the hard disks of most computers."
>
> The site gives no mention of resolving the issues mentioned in Wei's paper.
>
>>
>> Multiple overwrites - which is the /raison d'etre/ of DBAN - are much harder.
>
> Perhaps you missed the session/paper?
>
> But, then again, you may have also missed the multiple threads/posts on
> the Ubuntu user list regarding this and similar subjects for wiping hard
> drives.
>
> http://linux.derkeiler.com/Mailing-Lists/Ubuntu/2009-07/msg01406.html
> http://www.linux-archive.org/ubuntu-user/298469-data-shredder-4.html
> etc.
>
>>
>> TTBOMK a Flash memory cell, like any other memory, holds binary data.
>> If that data is replaced, the original is gone. No multiple passes
>> needed.
>
> And if that is the case, then why promote dban?
>
>> The only issue is any reserved capacity, so for a whole SSD,
>> you would need to fill it with random numbers in random order a few
>> times, running TRIM on it between times, then zero it.
>
> Read the pdf.
>
>>
>> I would not be surprised if Darik of DBAN fame was on the case.
>
> I would. But send him an email and ask & then report back eh?
>

I'll read that paper and get back to you. Not at 2:31AM, though.

I would point out that this conversation does not solely relate to
SSDs, though; we are also discussing conventional HDs. I submit that
disposal of SSDs is not yet really an issue, and when it is, given the
way that they reserve "invisible" space for rearranging their contents
for wear-levelling and cell-reformatting, that the only way to ensure
that stuff on SSDs is irretrievable by 3rd parties for the foreseeable
future is to encrypt it.

However, at some point, I expect that good SSD-optimised filesystems
will come along, negating the need for invisible reserved space and
block-reallocation, which would simplify the devices and their
circuitry, but more to the point, enable manufacturers to advertise
them at their "full" capacity, *including* any formerly-reserved
space. The market will very likely then mean that these "dumb" SSDs,
which need a Flash-aware FS to be used, will take over, probably quite
quickly.


-- 
Liam Proven • Info & profile: http://www.google.com/profiles/lproven
Email: lproven at cix.co.uk • GMail/GoogleTalk/Orkut: lproven at gmail.com
Tel: +44 20-8685-0498 • Cell: +44 7939-087884 • Fax: + 44 870-9151419
AIM/Yahoo/Skype: liamproven • MSN: lproven at hotmail.com • ICQ: 73187508



More information about the sounder mailing list