Study: Nearly Impossible to Delete Data on SSDs

[JamesSneed]

The company I work for uses a hard drive shredder for old drives. Never seen an SSD go through one but it should make quick work of it. Pretty cool seeing a drive shredded like a piece of papper.

 

[megamanx00]

Considering the nature of SSDs I've suspected this. Even so, if you're worried about security you should encrypt the drive, and with your done with it use a hammer

 

[antlee]

Just blend the whole SSD(or just the PCB) to become sand...

 

[nebun]

who cares...have nothing to worry about

 

[face-plants]

Hammers, microwaves, and fireplaces are all well and good if you want to totally destroy your own hardware out of paranoia or boredom. What about regular home or business users that simply want to delete sensitive information and make sure it's gone for good? The fact that you can't even erase single files with any level of confidence is quite alarming. The fact that USB flash drives and I'm assuming many many SD Cards have this same problem make it even worse.

The argument that we could catch kiddie porn offenders by making every consumer SSD purposely keep deleted data is INSANE! Seriously think about that suggestion. Make it easy to recover anyone's personal info so you can catch a few bad guys?

I have done data recovery for a number of customers who have deleted photos from the SD card in their camera or cell phone and can confirm that sometimes 2 or 3 generations of prior files can be recovered...if not completely than at least partially. I never considered SSD's having this same inherent problem but it does make since.

Luckily it seems that a few added instructions to the FTL firmware can make this problem null and void. I'd like this implemented immediately on any NAND based devices I would ever use for personal info...flash drives especially. Recovering accidentally deleted photos from a camera is all well and good but with more and more people using an SSD for their Windows boot drive, the security risks with being unable to securely erase files is bonkers IMO.

 

[andrern2000]

I remembered of Recycle Bin, reminded how fast it is to send 10 GB of files top recycle bin without emptying it.

 

[silverblue]

Is the image of a Samsung product just representative of an SSD in general or are Samsung SSDs one of the products in question?

(sorry, posted this before but realised my mistake when it was on the UK portal.)

 

[liveonc]

Too much e-waste, recycling, & laptops getting blown up on youtube. Want the data gone? Hammer time, blow it up & post it on youtube.

 

[tavix]

Big companies don't keep essential daat on SSDs anyways, realax. SSDs are good for OS and some apps, not for backup.

 

[Wish I Was Wealthy]

I agree with bobusboy & the rest about being able to control your own data...

 

[Travis Beane]

A healthy dose of home made thermite should do.
Remember kiddies: Fe2O3 + 2Al → 2Fe + Al2O3 + Heat
Iron Oxide and aluminum dust should be easy enough for you to acquire from a local chemical supply shop.
But don't forget to microwave it first. I suggest going to a convenience store and look for a 2000 watt model, for double the wattage of a normal home microwave, and to prevent your own house from smelling foul.
If you really want to, hit it repeatably with a hammer too. You can do it before, after, or at every step if you so desire.

So, who's worried? They're only $1-3/GB to replace.

 

[randomizer]

probably due to limited rewrite capabilities.

Secure Erase whould only add a single erase cycle to each block, since it should just set every cell to 0 (which is later reset to 1). That's far less damaging than something like DBAN.

 

[Guest]

I went through utube (SSD + Microwave) but I could find any posts...any volunteers?

 

[back_by_demand]

At least if you delete something by accident you can almost guarantee it will be recoverable.

People are only stressing because you can never really hide your porn surfing habits.

 

[caeden]

I work for a computer refurbishing company where we take donated computers from various companies and individuals, and either recycle them, or fix them up for low income families and students, and we have already run into this problem. We received a very nice computer (not sure why they were getting rid of it), and our techs were aware of the problem because of our flash drive policy. So we had to throw it in the drive crusher... which was very sad. It will be several years before we run into the problem of needing SSDs for our builds, as most of our current ones get little 80Gigers, but we need a proper solution in place before this becomes a problem.

 

[eyemaster]

The problem is not that you need to use a hammer. The problem lies when you want to delete a file and STILL USE the drive. If those blocks are still intact after you have deleted the content, it can be retrieved because you're still using the drive 3 years afterwards, then go through TSA in teh US and get nailed for something that should not have been there in the first place.

It's not about final termination of the whole drive, but deleted files and still using the drive afterwards.

 

[Camikazi]

[citation][nom]supertrek32[/nom]While I agree it's useful in this case, being able to wipe drive is extremely important in corporate/government settings.What if the government were developing a super-secret new weapon, and needed to upgrade the computers. If someone picked this drive up out of the trash, managed to recover 75% of the data, that means they have 75% of the plans to the death-star or whatever.Now, the government usually is pretty rigorous about destroying stuff like this, but what about microsoft? What if a somewhat tech-minded janitor at MS HQ was royally screwed at some point and out for revenge? He'd pick up old drives as they were discarded. Eventually he'd find something useful and bam. MS's new code just got leaked to the puclic or sold to the highest bidder.[/citation]
If the government just throws out HDDs or SDDs with information that sensitive then they deserve to get their secrets stolen. You DESTROY drives that had info like that, smash, crush or nuke it you don't just throw them out, it's not exactly rocket science to figure this out.

 

[atikkur]

SSD's are still far from perfect. in price, capacity, efeciency, and now security. it is like experimental technology.

 

[unempit]

I wonder if this will impact hybrid disk drive efficieny.

 

[RandalFord]

I wrote the code for a consumer device that stores files in flash memory. I looked into my code to see what I did and this is what I found..

"Erase Unit" really deletes everything! Even the cache sector (or block as the article calls it). Deleting one file is more complicated. It copies the entire sector to the cache, erases that file's sector then copies the cache sector back skipping the unwanted file. The result is that you not only leave a copy of the deleted file but also make a copy of all the other files in its sector.

I could have written the code to erase the cache after every operation but flash memory is slow and since this is not a secure device I went for speed over security. It seems from the article that all the other programmers have pretty much done the same.

While I don't keep illegal files on my SSD, I do have source code, passwords and other personal and proprietary data that I would rather not distribute. If given the choice, would you prefer an SSD that was more secure but noticeably slower? I think most people would say no.

 

[Guest]

The only thing that matters to me is performance. As long as this won't have any significant impact, this is simply useless information =D

 

[cookoy]

i wish they'd be more specific as to which ssd brand and software are better at erasing data. if all else fail, infect your ssd with all the viruses and they will do the job for you.

 

[jisamaniac]

Ty Kevin. Informative detailed information like this is what I look for.

 

[EnderWiggin]

So the next Trojan or rootkit should be a mix of undelete/recovery, search, and data sending to China... yay.

 

[ProDigit10]

jut bypass the trim or garbage collection program and you're set!