Crucial Storage Executive: Sanitize Drive... use for secure erase?


I want to secure erase a Crucial 250GB SSD (SATA) for resale, but don't want to use the Windows erase all command that may shorten the life of the drive. I found the above app on the Crucial website that has an option called Sanitize Drive. It is suppose to be used for wiping one's SSD for resale or donation. I gave it a try.

But it completed the "secure erase" in just a few seconds! I was expecting a much longer time. Now, I'm wondering if it did indeed secure wipe the drive or not. Has anybody used this app that can verify it did indeed do its job?

Btw, it did request I first un-mount the drive and take it offline, which I did.
A true erase of a SSD should take a long time. Erasing NAND is slow, like HDD-slow, which is why SSDs are designed to do it in the background during idle time (which is why TRIM was important - that's how the OS tells the SSD which cells are safe to erase).

If this Sanitize Drive option only took a few seconds, it's probably just wiping the virtual sector table. The sectors your computer sees on a SSD do not correspond to an exact physical location like on a HDD. There's a separate table which maps from the virtual sectors to the physical sectors on the SSD. Its purpose is to allow the wear leveling algorithm to function. If the SSD detects that sector #12345 is getting unusually high number of writes, it will swap it with a sector that isn't being used much (e.g. it's holding a movie file which you never erase). What it does is copy sector #24680 holding the stagnant data to the overused sector #12345. Then it swaps the entries for the two in the virtual file table. So now every time your computer tries to access sector #12345, it gets sent to the physical sector which used to be #24680 instead of the physical sector which used to be #12345. In that way, the SSD can make sure all NAND cells get roughly the same amount of writes (their wear is leveled).

Resetting the virtual sector table has the effect of completely scrambling all data on the SSD. You could in theory recover data from it. But putting the hundreds of millions of sectors back in the proper order would be like trying to solve a jigsaw puzzle with hundreds of millions of identically-shaped pieces (only difference is the image on each piece). It probably also set all the sectors as safe to erase, so the SSD will gradually erase them during idle time (destroying any data they contained). So any data that still remains will disappear over time (probably within a few hours of the SSD sitting idle).



Unless you're selling it to the NSA or GCHQ, you're fine.
For those that actually want to read up on the functionality of Secure Erase/Sanitize Data command functionality...(it is *not* simply a quick delete or quick format equivalent where the data is left intact for recovery....)

Micron's PDF on the issue...

Blurb extract:
'What Data Is Not Erased?
The entire user space and over-provision space are
completely and irretrievably erased. Every block in the user
space is ready to accept new host-written data, moving
the drive to its highest performance state, FOB (fresh-outof-box). '




Actually, that link doesn't really say much, except for being an ad for the AOMEI partition tool.

This pdf from Micron goes into specific detail:

How Secure Is SANITIZE?
Some engineers and scientists have detected stray
electrons in NAND cells after an erase, and Micron
acknowledges this possibility. However, because a block
erase operation raises every NAND cell to an identical
erase voltage regardless of the cell’s previous state,
Micron contends that it is impossible to determine the
previous state of the cell based on leftover, stray signals.
When the sanitize operation is initiated by the host
computer, the SSD controller simultaneously erases the
maximum number of NAND FLASH elements allowed
under the SSD’s maximum-rated power consumption
specifcation. Because of this parallelism, the SANITIZE
command can be completed within one minute on the
majority of Micron’s SSDs; this is a quantum leap beyond
a similar operation in HDDs, which can take hours to
securely and completely eliminate user data.

The sentence I thought was most pertinent , specificallypertaining to sanitize/secure erase...

As the article also specifically showed/addressed Crucial's Storage Executive, and it's inclusion of Sanitize, I thought most would be able to find the relevant points of interest, but..perhaps not.

"SSD secure erase has something different from normally quick format. In a nutshell, secure erase clear data with the help of ATA erase command lines to write 0 to every block on the SSD. It clears all data to reduce the time of reading and writing. "

Those paranoid over 'stray electron patterns' should perhaps keep their SSDs.. :)