Question Is secure erasure necessary on SSDs?

Toggle sidebar Toggle sidebar
digitalgriffin

digitalgriffin

Splendid
Jan 29, 2008
3,540
1,480
25,390
I have a serious question:

"Is secure erasure necessary on SSDs?"

Once a trim completes, aren't all the unused blocks in garbage collection re-zeroed any way? And if the NAND block is damaged, then that data wouldn't be reliable any way because the write failed. That's how you know it's damaged.

It might be possible the file tree may contain references to said erased data. But the data file would be empty.

So what am I missing?
 
  • Like
Reactions: TJ Hooker
Sort by date Sort by votes
USAFRet

USAFRet

Titan
Moderator
Mar 16, 2013
171,278
17,809
184,590
digitalgriffin said:
I have a serious question:

"Is secure erasure necessary on SSDs?"

Once a trim completes, aren't all the unused blocks in garbage collection re-zeroed any way? And if the NAND block is damaged, then that data wouldn't be reliable any way because the write failed. That's how you know it's damaged.

It might be possible the file tree may contain references to said erased data. But the data file would be empty.

So what am I missing?
Click to expand...
Depends on your threat level and future use for the drive.

If keeping it for your use, no secure erase needed.
If selling it, I'd do the secure erase anyway.
If you're a target of the NSA...into the shredder it goes.


Secure Erase can also be used to maybe bring a troubled drive back to original performance.

From Kingston: https://www.kingston.com/us/community/articledetail?ArticleId=10
"When an ATA Secure Erase (SE) command is issued against a SSD's built-in controller That properly supports it, the SSD controller resets all its storage cells as empty (releasing stored electrons) - just THUS restoring the SSD to factory default settings and write performance. "
 
Upvote 0 Downvote
digitalgriffin

digitalgriffin

Splendid
Jan 29, 2008
3,540
1,480
25,390
Lutfij said:
If you've got sensitive data that might be useful to individuals out there, then yes Secure Erase is a good thing to do before you part ways with the SSD. If you're the sole owner and user of the SSD until it's death, you're not needing to do anything other than format the SSD when you want to reinstall the OS.

Also, this might be worth a read.
Click to expand...

His article does not contradict a thing I said. TRIM will zero level your blocks automatically. It just may take 30 or so minutes to execute. (Even if said blocks are in the reserve buffer)
 
Upvote 0 Downvote
popatim

popatim

Titan
Moderator
Dec 2, 2009
38,884
974
135,890
Trim only zero's empty blocks.
Secure Erase Zero's the whole drive, including the Fat tables and the internal fat translation tables (which tells the SSD controller where in the drive the data really is) !! When an SSD moves data around internally, it does not update the Fat; it only updates it's internal translation tables. So 'Secure Erase' pretty much does what it's name implies.
 
Upvote 0 Downvote
digitalgriffin

digitalgriffin

Splendid
Jan 29, 2008
3,540
1,480
25,390
popatim said:
Trim only zero's empty blocks.
Secure Erase Zero's the whole drive, including the Fat tables and the internal fat translation tables (which tells the SSD controller where in the drive the data really is) !! When an SSD moves data around internally, it does not update the Fat; it only updates it's internal translation tables. So 'Secure Erase' pretty much does what it's name implies.
Click to expand...

Once the data has been zero'd it doesn't matter if the file table points to a block that had a filename that says, "EvenPoliticalSatireIsNotAllowedOnTheseForums.zip" That said a simple random data write to the file in question will reset the FAT/NTFS table. Then do a file rename. Then TRIM.

{edited by Mod for Grapes violation. Sorry}
 
Last edited by a moderator:
Upvote 0 Downvote
popatim

popatim

Titan
Moderator
Dec 2, 2009
38,884
974
135,890
Ummm... If FAT says there is a file there then TRIM ain't gonna do squat to the blocks it thinks are being used... You actually need to delete the file for Trim to do anything about zero'ing those cells.

Just to be clear,
TRIM Zero's Cells that the OS & FAT says have been deleted and is OK to zero. Ie- blocked marked as empty in the FAT.
Secure Erase Zero's the whole drive, as long as it's not in use as the boot drive. Many Bios's include a Secure Erase feature these days.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom