Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
The_Geek

Secure Wipe SSD/NVMe Drives?

Recommended Posts

Posted · Original PosterOP

So, Need to know what is the best procedure to Secure wipe SSD/NVMe Drives so that the data is not recoverable, other then the "Take a Hammer" to the drive method. The wipe needs to be fast, secure and easily doable on a personal machine and at work. HD secure wiping is assumed NOT to be the same for SSD/NVMe drives.

Link to post
Share on other sites

You can securely delete data by deleting it and then randomly writing over it. This is done many times in "passes". The more passes you do, the more secure. I will try to find you the software. Try reading this PDF https://www.trendmicro.co.uk/media/resource_lib/general/how-to-erase-data-securely-en.pdf


If you want me to see your reply, please tag me @Faisal A

Link to post
Share on other sites
17 minutes ago, Mira Yurizaki said:

See if the manufacturer has a tool first. Otherwise you can use a tool like PartedMagic.

 

Note that secure erase to the point of "unrecoverable" and "fast" tends to be mutually exclusive.

well most ssds can do a secure wipe very fast as they encrypt everything and just delete the old key and make a new one. Thats what the secure earse command does on most drive

16 minutes ago, Faisal A said:

You can securely delete data by deleting it and then randomly writing over it. This is done many times in "passes". The more passes you do, the more secure. I will try to find you the software. Try reading this PDF https://www.trendmicro.co.uk/media/resource_lib/general/how-to-erase-data-securely-en.pdf

the whole write over a drive has an issue with ssds where there is still some data left due to how data is moved around to make the drives last longer by spreading out writes. This isn't huge issue for most people as that extra data isn't readable by a computer normally.

 

Multple passes aren't recommended anymore per nist 800-88, either do a single pass for when data isn't that important, secure easre for a bit better, and destroy the drive. The hole read a drive after one pass hasn't be done on any recent hardware.

Link to post
Share on other sites

The problem with tools that overwrite drives is that they were designed for HDDs and don't account for wear leveling on SSDs moving things around.  The best way to securely erase an SSD (apart from physically destroying the chips) is to fill it completely with files that contain random data.  And even then you won't have access to the NAND that's reserved for over-provisioning (replacing damaged/worn cells).

 

I used a small tool called Dummy to create several files in various sizes (from 100MB to 50GB) that I store on my NAS. 

Whenever I need to securely erase an SSD or flash drive, I copy those files over to fill the drives as much as possible.  Then I check the drive's properties to see how many bytes are still free and use Dummy to create a file that's exactly that size.  It's quite labor-intensive, but I haven't come across a method that's actually better.

 

No idea if Dummy works on Win10, I only used it on older versions. 

Link to post
Share on other sites
Posted · Original PosterOP

That's too much work to erase a SSD. I would rather just take a hammer and finish the job that way. What I am trying to find out is that if there is a Logical Industry approved way to dispose off SSD's. The Platter HD's have many applications that would guaranty a secure wipe, but in my research I have not found an Industry standard for this kind of storage. With SSD's becoming cheaper and Enterprise moving to SSD's there has to be a way to make sure the drives can be wiped clean....

 

Link to post
Share on other sites
Just now, The_Geek said:

That's too much work to erase a SSD. I would rather just take a hammer and finish the job that way. What I am trying to find out is that if there is a Logical Industry approved way to dispose off SSD's. The Platter HD's have many applications that would guaranty a secure wipe, but in my research I have not found an Industry standard for this kind of storage. With SSD's becoming cheaper and Enterprise moving to SSD's there has to be a way to make sure the drives can be wiped clean....

 

thats what the ata secure erase command is for. most drives are encrypted, they just delete the key and almost instantly all the data is gone.

 

Or just encrypt all the data you store on the drive, then you don't even have to erase it.

 

 

But no erase is perfect, so destroy the drive if the data is extremely important.

Link to post
Share on other sites

The best way is to use software-based encryption (something like Veracrypt) before you start putting data on the drives.  Then afterwards you just format the drive and it's all random noise.

 

EDIT : The wizard beat me to it.  

Link to post
Share on other sites

We have a tool for the Seagate drives called Seatools, which offers a feature to complete the secure erase, below a little more information if you want to read more about it:

 
And yes! As the wizard said, if data is too important you either pay a Data Destruction lab to destroy the unit or you destroy it yourself... 
 

Seagate Technology | Official Forums Team

IronWolf Drives for NAS Applications - SkyHawk Drives for Surveillance Applications - BarraCuda Drives for PC & Gaming

Link to post
Share on other sites

Don't try overwriting the drive, it's terrible for the drive's health and won't even delete all the data from someone with the tools to recover it since some 'overwritten' data will inevitably be brushed under the rug in the overprovisioned area and missed.

 

Either go to the manufacturer's website and download their secure erase tool (which will activate a TRIM like command to perform the clear operation on every single cell ensuring the drive is nothing but zeros) or physically destroy the NAND chips on the drive.

Link to post
Share on other sites
Posted · Original PosterOP

The issue I am having is finding such Manufacturer utility for the drives that I bought. I bought Inland Premium NVMe drives. $95/1TB NVMe, They are fast, almost same or better speeds than Samsung, 3100/1900 MB R/W speeds, but I cant seem to find their site or utilities. I even wrote to their tech support but no reply.

Link to post
Share on other sites
12 minutes ago, The_Geek said:

The issue I am having is finding such Manufacturer utility for the drives that I bought. I bought Inland Premium NVMe drives. $95/1TB NVMe, They are fast, almost same or better speeds than Samsung, 3100/1900 MB R/W speeds, but I cant seem to find their site or utilities. I even wrote to their tech support but no reply.

Try a generic program then. Give hdparm a shot https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

 

Or since you bought them, just encrypt everything you store on it and you don't have to wipe at all.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Buy VPN

×