Secure erase SSD - One pass enough?


Posted on Fri Sep 27, 2013 1:59 pm

Considering the reason why multiple erasing passes provide more security for a conventional hard disk, a single pass of the erasing process appears sufficient for an SSD. Am I correct?
churin

Re: Secure erase SSD - One pass enough?

Posted on Fri Sep 27, 2013 2:55 pm

Once the FTL is wiped out the data is pretty much non-recoverable to my knowledge.

EDIT: You could read the data from the individual flash dies but it'd be a jumbled mess...but technically the data is still there.
Waco

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 7:20 am

Waco wrote:Once the FTL is wiped out the data is pretty much non-recoverable to my knowledge.

EDIT: You could read the data from the individual flash dies but it'd be a jumbled mess...but technically the data is still there.

I understand a utility for secure erase writes over the data to effectively make the original data unreadable. My question is whether we still need to do this multiple times, as required for a conventional hard drive.
churin

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 7:42 am

Two passes won't do anything other than wipe the FTL for a second time, will it?

Because a mechanical drive is sequential, it's possible to rebuild the FAT (or equivalent) from the contents on the disk. The secure way to wipe a mechanical disk is to overwrite the sequential data with all 1's, all 0's or all-random.
In theory, a NAND controller scatters the data pseudo-randomly by default for wear-levelling and to ensure maximum performance.
Chrispy_

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 9:25 am

If the SSD vendor has implemented the Secure Erase command properly, it should securely erase all of the flash cells with just a single use. If they haven't implemented it properly (i.e. they're cheating and just resetting meta-data), then there's really nothing you can do to guarantee complete erasure of all contents in a way that isn't potentially recoverable with sophisticated hardware-level forensic techniques, unless you physically destroy the flash chips inside the drive.

Or, to put it more succinctly: If one pass isn't enough, two is unlikely to be any better.
just brew it!

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 10:08 am

For an SSD, would it be feasible to delete all data then fill the drive to capacity with nonsensical/non-text data and then delete that? So as to ensure that any metadata or undeleted clusters would not be your "real" metadata?

There was a time (before SSDs) I read an article that said that as a traditional hard drive wrote data, the magnetic head would write the 1's and 0's and also would leave a magnetic "wake" to one or both sides of the track being written, and that this "wake" could still be re-read at a later time, even after the track were erased. But I never found an explanation as to why the erasure process would not also leave a similar "erasure wake", thereby obscuring or destroying the original wake.
BIF

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 10:23 am

BIF wrote:For an SSD, would it be feasible to delete all data then fill the drive to capacity with nonsensical/non-text data and then delete that? So as to ensure that any metadata or undeleted clusters would not be your "real" metadata?

Because of wear leveling and spare sectors, this does not guarantee that all of the data is truly gone. It should greatly reduce the odds that anything intelligible can be recovered, though.

The only way to guarantee complete erasure is to use the ATA Secure Erase command, on a drive that implements it properly by actually erasing all sectors of the flash.

BIF wrote:There was a time (before SSDs) I read an article that said that as a traditional hard drive wrote data, the magnetic head would write the 1's and 0's and also would leave a magnetic "wake" to one or both sides of the track being written, and that this "wake" could still be re-read at a later time, even after the track were erased. But I never found an explanation as to why the erasure process would not also leave a similar "erasure wake", thereby obscuring or destroying the original wake.

I believe what was going on was that out at the fringes of the track the overwrite/erasure was incomplete, resulting in a strip where the signal was actually a jumble of what was written by the last two (or more) passes. Still pretty difficult to recover data from, but theoretically possible, since you know what was written in the last pass so you can subtract it out. I believe this is what gave rise to the DOD standard of doing a multi-pass wipe on magnetic media.

I suspect that with current track densities and the use of PRML and NPML techniques to push the limits of linear bit densities as well, that it is no longer possible (or at least, extremely difficult) to recover data from a HDD after even a single overwrite pass.
just brew it!

Re: Secure erase SSD - One pass enough?

Posted on Sat Sep 28, 2013 6:39 pm

Thanks JBI!
BIF

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 3:27 pm

just brew it! wrote:If the SSD vendor has implemented the Secure Erase command properly, it should securely erase all of the flash cells with just a single use. If they haven't implemented it properly (i.e. they're cheating and just resetting meta-data), then there's really nothing you can do to guarantee complete erasure of all contents in a way that isn't potentially recoverable with sophisticated hardware-level forensic techniques, unless you physically destroy the flash chips inside the drive.

I was under the impression that many did cheat -- my older Indilinx drive "secure erases" in less than 5 seconds. I have trouble believing it's actually going through every cell and erasing it in that amount of time.

You could easily just write a pattern of all 1s to the entire drive (filling it) to erase all older data though.
Waco

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 3:46 pm

Waco wrote:I was under the impression that many did cheat -- my older Indilinx drive "secure erases" in less than 5 seconds. I have trouble believing it's actually going through every cell and erasing it in that amount of time.

Some flash chips have a "bulk erase" mode which can be used to quickly wipe the entire device in a few seconds. Not sure if yours was using these or not.

Waco wrote:You could easily just write a pattern of all 1s to the entire drive (filling it) to erase all older data though.

For reasons mentioned previously in this thread, on flash-based devices this does not guarantee erasure of all flash cells. Getting any useful data out after doing this would require sophisticated forensic techniques at the hardware level, but it is still theoretically possible to recover at least some of the previous contents.
just brew it!

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 3:50 pm

just brew it! wrote:For reasons mentioned previously in this thread, on flash-based devices this does not guarantee erasure of all flash cells. Getting any useful data out after doing this would require sophisticated forensic techniques at the hardware level, but it is still theoretically possible to recover at least some of the previous contents.

In these cases I recommend a Remington 870 (always take pump over semi-auto), #4 shot, and a range of 25 feet or so. At that range choke don't mean anything. Oh, and do this outdoors.

On a more serious side I would expect gov't-level SSD decom protocols to include pulling the board out of the housing and drilling every chip.
Captain Ned

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:00 pm

just brew it! wrote:For reasons mentioned previously in this thread, on flash-based devices this does not guarantee erasure of all flash cells. Getting any useful data out after doing this would require sophisticated forensic techniques at the hardware level, but it is still theoretically possible to recover at least some of the previous contents.


Bah, I guess that's especially true with drives that do compression and wear-leveling. There's no real way to be sure all of the flash has been written to without bypassing the FTL. :oops:

Captain Ned wrote:On a more serious side I would expect gov't-level SSD decom protocols to include pulling the board out of the housing and drilling every chip.

I would assume they'll just toss them in a shredder just like HDDs.
Waco

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:22 pm

Waco wrote:
just brew it! wrote:For reasons mentioned previously in this thread, on flash-based devices this does not guarantee erasure of all flash cells. Getting any useful data out after doing this would require sophisticated forensic techniques at the hardware level, but it is still theoretically possible to recover at least some of the previous contents.

Bah, I guess that's especially true with drives that do compression and wear-leveling. There's no real way to be sure all of the flash has been written to without bypassing the FTL. :oops:

AFAIK *all* SSDs do some sort of wear leveling out of necessity. Otherwise the drive would have a rather short useful lifetime, as certain frequently written sectors (file system meta-data, swap file, etc...) would wear out very quickly.

Waco wrote:
Captain Ned wrote:On a more serious side I would expect gov't-level SSD decom protocols to include pulling the board out of the housing and drilling every chip.

I would assume they'll just toss them in a shredder just like HDDs.

I'm not sure what the exact protocols are for hard drive shredders; but if they are merely designed to ensure the destruction of the HDD platters I could imagine individual flash dice occasionally slipping through intact.
just brew it!

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:29 pm

True, but if you filled a drive without any compression you could be reasonably sure it'd hit nearly everything with the exception of the spare area (which you could hit with multiple passes...but no guarantees).


I'd probably feel comfortable doing a secure erase if it was my personal data though. I don't think anyone would go through the trouble of anything more than the most basic of poking around to get my data.
Waco
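
Added illustration, not part of the thread and not any real controller's firmware: a toy flash translation layer that models the wear leveling and spare pages just brew it! describes and the repeated fill passes Waco mentions, and compares them with a Secure Erase that erases every page and one that only resets metadata. The `ToyFTL` class, the page counts, the FIFO allocation, the single remapped sector and the `SECRET-`/`FILL` strings are all constructed assumptions.

```python
from collections import deque

class ToyFTL:  # toy page-mapped FTL, a constructed model
    def __init__(self, logical_pages, spare_pages):
        total = logical_pages + spare_pages
        self.logical_pages = logical_pages
        self.flash = [None] * total      # raw contents of every physical page
        self.l2p = {}                    # logical sector -> physical page
        self.free = deque(range(total))  # erased pages, handed out FIFO (wear leveling)
        self.stale = deque()             # unmapped pages that still hold old data
        self.retired = set()             # remapped pages, never written or erased again

    def write(self, lba, data):
        if not self.free:                # lazy garbage collection: erase only when forced
            victim = self.stale.popleft()
            self.flash[victim] = None
            self.free.append(victim)
        page = self.free.popleft()
        self.flash[page] = data
        if lba in self.l2p:              # the old copy is unmapped, not erased
            self.stale.append(self.l2p[lba])
        self.l2p[lba] = page

    def retire(self, lba):
        page = self.l2p.pop(lba)
        self.retired.add(page)           # retired page keeps its contents
        self.write(lba, self.flash[page])

    def fill(self, pattern):
        for lba in range(self.logical_pages):   # one host-side overwrite pass
            self.write(lba, pattern)

    def secure_erase(self, honest):
        """honest=True erases every physical page; False only resets the mapping."""
        if honest:
            self.flash = [None] * len(self.flash)
        self.l2p.clear()

    def host_view(self, marker):
        """Sectors holding old data that a host-side recovery tool can read."""
        return sum(self.flash[p].startswith(marker) for p in self.l2p.values())

    def raw_residue(self, marker):
        """Physical pages a chip-level read would still find holding old data."""
        return sum(p is not None and p.startswith(marker) for p in self.flash)

def scenario(passes=0, erase=None):
    ftl = ToyFTL(logical_pages=16, spare_pages=4)
    for lba in range(16):
        ftl.write(lba, f"SECRET-{lba}")  # constructed sample data
    ftl.retire(5)                        # one sector remapped before the wipe
    for _ in range(passes):
        ftl.fill("FILL")
    if erase is not None:
        ftl.secure_erase(honest=erase)
    return ftl.host_view("SECRET"), ftl.raw_residue("SECRET")

if __name__ == "__main__":
    for kw in ({}, {"passes": 1}, {"passes": 5}, {"erase": False}, {"erase": True}):
        print(kw, scenario(**kw))
```

In this model the host-side count is zero after every kind of wipe, so a file-recovery utility run through the normal interface cannot tell the outcomes apart; only the raw page count differs.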

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:38 pm

Waco wrote:I would assume they'll just toss them in a shredder just like HDDs.

Since we don't have the V8-powered shredders our office drills HDDs and I assume they'll drill SSDs once the reptilian brain of bureaucracy understands the entire concept of SSDs.
Captain Ned

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:48 pm

Waco wrote:True, but if you filled a drive without any compression you could be reasonably sure it'd hit nearly everything with the exception of the spare area (which you could hit with multiple passes...but no guarantees).

I'd probably feel comfortable doing a secure erase if it was my personal data though. I don't think anyone would go through the trouble of anything more than the most basic of poking around to get my data.

Well, yeah... it all comes down to how sensitive the data is and how much you care about keeping it secret. The NSA and FBI (which I'm assuming are our benchmark for high-end forensic capabilities) don't care about stealing your credit card numbers, and wouldn't be picking through your discarded electronics unless you're already deemed a high-value target (in which case you've got much bigger things to worry about).

If all you care about is casual snooping and amateur identity thieves, a secure erase (regardless of how well implemented) or single overwrite pass should be sufficient.
just brew it!

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 4:58 pm

just brew it! wrote:The NSA and FBI (which I'm assuming are our benchmark for high-end forensic capabilities)

Last winter I had cause to be with the FBI in the closure of a financial institution. The hardware their tech guys carry is scary. I only saw the bit-to-bit copying device and that thing looked like nothing I'd ever seen before. It was also pretty damn speedy and my guess is that it saturated whatever bus it might have been on.
Captain Ned

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 6:27 pm

Captain Ned-"In these cases I recommend a Remington 870 (always take pump over semi-auto), #4 shot, and a range of 25 feet or so. At that range choke don't mean anything. Oh, and do this outdoors."

Shotgun is decent, I used to work a metallurgical site before, the copper smelter would also render drives completely unreadable, along with anything else that ended up in there.

Like others have said, depends on the level of security required. The DoD must have a standard for SSD deletion? If it's on a personal level, I would guess 1 secure erase would be sufficient?
anotherengineer

Re: Secure erase SSD - One pass enough?

Posted on Sun Sep 29, 2013 7:41 pm

For a one-off deal like gifting or returning I see no reason not to fill it with garbage data. For ongoing use secure erase or regular delete should be enough. If it's important enough that feebs and spooks are a concern you should physically destroy the drive, only way to be absolutely sure.
NovusBogus

Re: Secure erase SSD - One pass enough?

Posted on Mon Sep 30, 2013 6:58 am

just brew it! wrote:If all you care about is casual snooping and amateur identity thieves, a secure erase (regardless of how well implemented) or single overwrite pass should be sufficient.

Yes, that's me. I am going to try one of those utilities to recover deleted files to see how effective one-pass secure erasure is.
churin

Re: Secure erase SSD - One pass enough?

Posted on Mon Sep 30, 2013 2:53 pm

I hear the best way to wipe an SSD clean is to put your résumé on it the evening before a very important interview and before you print it. Then the disk will go completely unrecoverable except by God himself. If it isn't a résumé, then it is the contact information of a very attractive girl just before your date.
liquidsquid

Re: Secure erase SSD - One pass enough?

Posted on Mon Sep 30, 2013 3:06 pm

We don't need to go into all the details of this BUT ...

We follow this: http://www.nsa.gov/ia/_files/government ... Manual.pdf except there's a more updated version of this document that we use. Basically you write a pattern onto SSDs. We are not allowed to ever reuse regular hard drives as they are degaussed after the shields and whatnot are removed and then they are physically destroyed. SSDs we actually get to reuse.
keltor

Re: Secure erase SSD - One pass enough?

Posted on Mon Sep 30, 2013 3:33 pm

churin wrote:Considering the reason why multiple erasing passes provide more security for a conventional hard disk, a single pass of the erasing process appears sufficient for an SSD. Am I correct?


Correct. It may be theoretically possible to recover the information, but it's going to be far too impractical for anyone to actually do it.

So basically, if all you're worried about is someone seeing your pr0n collection, a single pass is more than adequate. If you're holding corporate secrets worth billions or ultra-secret government stuff, you probably want to do single pass AND apply a sledge hammer.
cphite