Is the Data on Your SSD Secure?

[Ethnod]

 

Wow, floored. I did not know this at all... is there a way around this? I am sure someone has come up with a program that deals with this issue, no?

 

Source:

http://gizmodo.com/how-secure-is-the-data-on-your-ssd-1339934694

[Butterfish]

Damn you are just pumping the forum with topics 

[WorldDominator]

Damn you are just pumping the forum with topics 

Someone wants the news reporter badge..

[Fetzie]

Deleting files may not mean they're gone

 

The same goes for HDDs. Deleting just means the OS knows it can write over the sector(s).

 

overwriting them isn't safe

 

You have to rewrite an HDD sector about 5 times before previous data is no longer readable.

 

a thorough scrub is at the whim of a micro controller, not the user

 

And the data in an HDD is dependent on a mechanical arm on a bearing not breaking, and the platters that move at about 40 km/h at the edge not wearing out the bearing or being even a fraction off balance after getting knocked about in transit.

[looney]

The same goes for HDDs. Deleting just means the OS knows it can write over the sector(s).

 

 

You have to rewrite an HDD sector about 5 times before previous data is no longer readable.

These points are covered in the video. The problem here is that the PC has no idea what the SSD controller does with its commands, so even if you tell it to rewrite 1000 times there is still a chance the controller will simply say "nope, ill just rewrite that bit instead"

[Fetzie]

These points are covered in the video. The problem here is that the PC has no idea what the SSD controller does with its commands, so even if you tell it to rewrite 1000 times there is still a chance the controller will simply say "nope, ill just rewrite that bit instead"

 

If a manufacturer had a firmware or controller that arbitrarily rewrites data which needs to be retained, then that manufacturer wouldn't last very long. OCZ's handling of the Sandforce controller debacle nearly put them out of business.

 

You should have a back-up of all your data run at least once a week on a separate drive anyway, so any lost data is restorable in a matter of minutes (even if it hits the OS)

[looney]

If a manufacturer had a firmware or controller that arbitrarily rewrites data which needs to be retained, then that manufacturer wouldn't last very long. OCZ's handling of the Sandforce controller debacle nearly put them out of business.

did you even fully watch the video?

there is a thing called wear leveling: http://en.wikipedia.org/wiki/Wear_leveling

 

which means the controller can simply move stuff around instead of overwriting, or overwrite the same bit over and over again if that part of the ssd is still the bit with the best quality.

 

so there is a large chance that when you tell the ssd to write data to a specific sector the chip will say "hmmm, that part is already worn a bit, lets write to that empty and healthy bit of the ssd instead" meaning sector you wanted to erase remains untouched.

[Fetzie]

did you even fully watch the video?

there is a thing called wear leveling: http://en.wikipedia.org/wiki/Wear_leveling

 

which means the controller can simply move stuff around instead of overwriting, or overwrite the same bit over and over again if that part of the ssd is still the bit with the best quality.

 

so there is a large chance that when you tell the ssd to write data to a specific sector the chip will say "hmmm, that part is already worn a bit, lets write to that empty and healthy bit of the ssd instead" meaning sector you wanted to erase remains untouched.

 

Why is that a bad thing? Or have I totally misunderstood what you mean?

[looney]

Why is that a bad thing?

It isn't, unless you want to erase your data, as in no data at all. but as you cant control which sectors are written to when erasing its very difficult to do this.

The problem here isn't retaining data but removing it completely. 

 

with a hdd you do a secure erase, writing bogus data to all sectors a couple times but because of wear leveling you cant be sure that it has write to all sectors with a SSD which means data will still be on parts of the ssd after a secure erase.

[Ethnod]

Why is that a bad thing? Or have I totally misunderstood what you mean?

 

Did you even watch the video man? Seriously? lol

 

It isn't, unless you want to erase your data, as in no data at all. but as you cant control which sectors are written to when erasing its very difficult to do this.

The problem here isn't retaining data but removing it completely. 

 

with a hdd you do a secure erase, writing bogus data to all sectors a couple times but because of wear leveling you cant be sure that it has write to all sectors with a SSD which means data will still be on parts of the ssd after a secure erase.

 

So Looney, has anyone come up with a program that gets around this issue yet? Is there any ways of temporarily overriding wear levelling?

[Yoinkerman]

Have they tested this?

 

The easiest way is to write zeros, fill the drive with data, write zeros again, and see how many times they have to do this for it to matter.

[eshbop]

It isn't, unless you want to erase your data, as in no data at all. but as you cant control which sectors are written to when erasing its very difficult to do this.

The problem here isn't retaining data but removing it completely. 

 

with a hdd you do a secure erase, writing bogus data to all sectors a couple times but because of wear leveling you cant be sure that it has write to all sectors with a SSD which means data will still be on parts of the ssd after a secure erase.

But even if some sectors weren't erased wouldn't the those sectors only contain a small portion of any meaningful chunk of data, given how the controller writes randomly to the available NAND?

[looney]

Have they tested this?

 

The easiest way is to write zeros, fill the drive with data, write zeros again, and see how many times they have to do this for it to matter.

there is no set number as it depends on the controller and the state of the ssd what is done to the sectors, that is the main problem here.

 

But even if some sectors weren't erased wouldn't the those sectors only contain a small portion of any meaningful chunk of data, given how the controller writes randomly to the available NAND?

people who secure erase want their data GONE.

o0 its only a small piece of data that is left out...

What if that piece of data turned out to be the encryption key for your other storage.

chases of this happening are small but they should be nonexistent in this case.

[neon]

Yeah I've known about this since SSDs came out, the conclusion back then was the only way to be sure that your data is secure is to use full disc encryption right from the start (i.e. new SSD > install OS > encrypt entire disc) that way all the data written to the drive is in an encrypted form, then if it gets stolen/sold any recoverable data (even after a drive wipe) would be encrypted nonsense.

 

Also give this a read about using the ATA Secure Erase command to properly erase an SSD http://www.kingston.com/en/community/articledetail?ArticleId=10

[Ethnod]

Yeah I've known about this since SSDs came out, the conclusion back then was the only way to be sure that your data is secure is to use full disc encryption right from the start (i.e. new SSD > install OS > encrypt entire disc) that way all the data written to the drive is in an encrypted form, then if it gets stolen/sold any recoverable data (even after a drive wipe) would be encrypted nonsense.

 

Technically drive encryption can be broken given enough time.... not idea but its possible. I agree with looney though, regardless of the chance you dont want there to be any chance of any of your data getting out. I mean for me in 99.999999999999999999999999999999999% of my usage case I dont care but corporations are not like that and more out of morbid curiosity I would like to know.

[neon]

Technically drive encryption can be broken given enough time.... not idea but its possible. I agree with looney though, regardless of the chance you dont want there to be any chance of any of your data getting out. I mean for me in 99.999999999999999999999999999999999% of my usage case I dont care but corporations are not like that and more out of morbid curiosity I would like to know.

 

Encryption is better than nothing though, but check my edit though the ATA Secure Erase command is a specification that SSDs use to properly erase a drive just as long as the specification is properly implemented, people are still thinking in a HDD state of mind when it comes to drive erasure, now we have to think in SSD terms, you don't overwrite the data you just tell the SSD to erase the all the blocks.

[rashdanml]

The only way to really erase a drive is to use a sledgehammer.

[Lexlazootin]

What If I loaded Linux from a USB and reformatted the drive than used "that" command that creates a random bit file of the size to fill the drive? Wouldn't that just completely "remove" all of the files except the previous windows file locations?

Sent from my iPhone using Tapatalk - now Free

[threadysparrow]

I keep my SSD open to all intruders and I voluntarily give out my I.P. address, real address, bank account and routing numbers, credit card information and social security number.

 

I also keep pictures of the babies in the family on there and give those out as well so people can exploit those pictures...

 

because I am just so balla' that I don't need security. I trust my balla'ness to keep me secured

 

I am glad that in this very technical and mature conversation I was able to lend my balla' skills

[Yoinkerman]

This.  If you need data gone physically destroy the drive.  A disc with holes in it that's bent in 15 different ways isn't going to be recovered.

 

And if your drives get seized by the NSA they have the backdoor keys to unencrypt your full disc encryption anyway so that doesn't matter.

 

The only way to really erase a drive is to use a sledgehammer.