[SOLVED] Clean all for secure erase?

USAFRet

Titan
Moderator
Mar 16, 2013
111,968
1,635
154,440
18,459
Unless you're selling this to the NSA/GCHQ, clean /all is fine.
It is more indepth than clean, but not nearly as indepth as a Secure Erase from the manufacturer.

Clean removes the partition info.
Clean all, in theory, rewrites the data back to zero. But the way SSD's work is different than HDD's. Technically, the info is still there sort of, but can't be retrieved by normal consumer use.
 

popatim

Titan
Moderator
Dispart's "Clean All" erases the partition information. It does not reset all the cells to 0 so data is technically still there.

The drive manufacturers 'Toolbox' utility should have a secure erase function. Your motherboards bios may also have a secure erase function built in.
 

1405

Distinguished
Aug 26, 2012
421
5
18,795
2
Thanks QuerkyPengwin. Yes, I was referring to the Diskpart command clean all.
Popatim, if that's all the clean all command does, 1) what does the clean command do? and 2) Why does clean all take so much longer?
I tried Crucial's Storage Executive for my Crucial M500 SSD, but it said it couldn't find any disks it could sanitize. That is the 2nd Crucial M500 disk it would not sanitize, so I guess the M500s are the black sheep of the stable.
 

USAFRet

Titan
Moderator
Mar 16, 2013
111,968
1,635
154,440
18,459
Unless you're selling this to the NSA/GCHQ, clean /all is fine.
It is more indepth than clean, but not nearly as indepth as a Secure Erase from the manufacturer.

Clean removes the partition info.
Clean all, in theory, rewrites the data back to zero. But the way SSD's work is different than HDD's. Technically, the info is still there sort of, but can't be retrieved by normal consumer use.
 

1405

Distinguished
Aug 26, 2012
421
5
18,795
2
Unless you're selling this to the NSA/GCHQ, clean /all is fine.
It is more indepth than clean, but not nearly as indepth as a Secure Erase from the manufacturer.

Clean removes the partition info.
Clean all, in theory, rewrites the data back to zero. But the way SSD's work is different than HDD's. Technically, the info is still there sort of, but can't be retrieved by normal consumer use.
Unless you're selling this to the NSA/GCHQ, clean /all is fine.
It is more indepth than clean, but not nearly as indepth as a Secure Erase from the manufacturer.

Clean removes the partition info.
Clean all, in theory, rewrites the data back to zero. But the way SSD's work is different than HDD's. Technically, the info is still there sort of, but can't be retrieved by normal consumer use.
I see. Thank you. I don't see secure erase on the Crucial website. And I downloaded Parted Magic, but my M500 SSD didn't show up on the list of drives for running secure erase.
 
Many SSDs transparently encrypt your data. These can be cryptographically erased in a matter seconds by throwing away the encryption key.

The ATA Secure Erase command runs internally within the HDD, with no traffic over the SATA interface. It writes a predefined data pattern to all sectors in the user area. The Enhanced Secure Erase command also overwrites any bad sectors (in the grown defect list).

You can determine whether Secure Erase is supported by dumping the Identify Device data with a tool such as CrystalDiskInfo.

https://crystalmark.info/en/software/crystaldiskinfo/

If you can provide this info, I will be able to check this for you.
 

1405

Distinguished
Aug 26, 2012
421
5
18,795
2
Many SSDs transparently encrypt your data. These can be cryptographically erased in a matter seconds by throwing away the encryption key.

The ATA Secure Erase command runs internally within the HDD, with no traffic over the SATA interface. It writes a predefined data pattern to all sectors in the user area. The Enhanced Secure Erase command also overwrites any bad sectors (in the grown defect list).

You can determine whether Secure Erase is supported by dumping the Identify Device data with a tool such as CrystalDiskInfo.

https://crystalmark.info/en/software/crystaldiskinfo/

If you can provide this info, I will be able to check this for you.
Thank you for the reply. I downloaded/ran Crystal Disk Info, but can find nothing in the menus pertaing to dumping device data. But then, I'm kinda stupid.
 
Crucial's website seems pretty vague on the issue, as if all they recommend is deleting a partition, and that should solve it...

It's an odd recommendation for 'sanitizing a drive'...(granted, if the drive was encrypted, as mentioned above, key gone, data is gone!) ...

Given recovery tools available today, certainly merely deleting a partition is not sufficient, there have been cases of folks buying used systems with SSDs, and then browsing thru other's old personal data after using free recovery tools........
 
Last edited:
If your OS supports TRIM, then deleting a file on an SSD will most likely make it unrecoverable, even with professional tools. That's because the OS tells the SSD that the deleted data occupies sectors which can now be safely erased. That is different to the way in which a HDD works. In a HDD the deleted data can still be recovered with free tools because the corresponding sectors are only marked as free, ie they are not wiped.
 

1405

Distinguished
Aug 26, 2012
421
5
18,795
2
I appreciate everyone's interest in my question and the help you all are providing. But most of it is way over my head, I'm afraid. Looking back at my original question, I really just needed to know if the clean all command would do a sufficient job of making the drive secure enough to resell (in a complete system). USAFRet seems to be saying yes. I guess I'll go with that, since I'm not computer savvy when you get that deep into the weeds. :)
 

ASK THE COMMUNITY

TRENDING THREADS