2

I'm about to sell an old 128GB external SSD, and I've read various guides saying it's difficult to be sure that data is erased when using traditional zero-fills etc.

I'm on Mac OSx, and I got the idea to use Final Cut Pro X to generate very large uncompressed video files of junk (just a plant in my window), and export them straight to the external SSD. A 2 min video clip resulted in a 35GB 1080p, uncompressed, video file! So 8 minutes should be enough to fill the drive, without using any duplicate data.

This sounds like it should be bullet proof, but there always seem to be unexpected "gotchas" when it comes to erasing data, especially on SSD's... Is this method enough to remove any previous data from the drive?

Magnus
  • 213
  • 1
  • 5
  • Your junk video will probably not be random enough. Why not just run `shred` on it? – André Borie Jul 13 '17 at 11:36
  • @AndréBorie Unless things have changed recently, tools like shred were written for HDDs; they don't work well-enough with SSDs due to wear-leveling algorithms that don't guarantee overwrites to the same space. Theoretically, if you write a lot more than required (10x SSD size?), you would eventually wipe everything - but there are neither assurances of this; nor a uniform estimate of 10x/100x/... that will work for all SSDs. – Sas3 Jul 13 '17 at 11:55
  • 1
    @Sas3 however the video method wouldn't work either. – André Borie Jul 13 '17 at 12:51
  • @AndréBorie Can you briefly explain to me why it won't work? If I write 128GB video to the disk, won't 128GB of physical storage actually be altered? – Magnus Jul 13 '17 at 13:08
  • There are a few reasons. But wear levelling is the biggest. An SSD is usually bigger than its sold size. As cells are deemed to have worn out they are moved out of the used pool and new cells are used instead. The device will also prioritise writing to less worn cells. So if your confidential data was stored on cells viewed as heavily worn they are unlikely to get overwritten unless you completely fill the disk to the last byte - and even then it may not happen. – Hector Oct 11 '17 at 13:08

2 Answers2

2

Generally, it is suggested to investigate if the SSD vendor advises a method for secure erasure of their product.

Often a security feature (like ATA SECURE ERASE) is present that will help you achieve secure erasure. The remaining risks here are:

  • The vendor built in method could have bugs and be subject to vulnerabilities and attacks
  • As this often involves discarding cryptographic keys from the SSD but leaves the cipher text untouched the standard of encryption we use at the present moment will eventually become subject to attacks in the future when computational resources are available to brute-force keys

While your method seems generally feasible I think we cannot answer whether this will fully wipe all data as it largely depends on the vendor implementation.

I think one known risk is that there is old data remaining on the media in unaddressable areas which would not be touched by you writing a video file.

However, maybe the more relevant question is for you to judge how sensitive the data is that was stored on the SSD? This should help to evaluate how thorough your erasure needs to be to arrive at the level of sanatization of the media you are looking for.

bfloriang
  • 205
  • 1
  • 6
  • The disk is an original Macbook Air SSD (Toshiba) mounted in an external "generic" casing I bought on Aliexpress. Disk Utility just reports it as "Generic External Media", so not sure if Toshibas or any others disk utilities will be able to securely reset it? I'd rather not go through the trouble of opening up my MBA and swapping disks, there's always the potential risk of damaging something in the process... Also, the disk previously contained a full OSx installation, and was encrypted. I've since formatted it (OSx journaled encrypted) and filled it with video files... – Magnus Jul 13 '17 at 12:53
  • If it was encrypted and is now encrypted with a different key the main concern should be making sure the original key is unrecoverable. – Hector Oct 11 '17 at 13:01
  • In Regard To Secure Erase: Often times motherboard manufacturers will disable the Secure Erase function as it is ripe for abuse. Sometimes, you can boot into various live CD like software (such as Blancco) and get Secure Erase to fire successfully but it's a pain. If you can get SE to work I'd recommend that, though. – Monica Apologists Get Out Nov 10 '17 at 13:21
  • https://security.stackexchange.com/a/12506/8072 has some good stuff and could be linked in this answer. I would do the secure erase and THEN the pot plant video just so the new owner has something to find on it. – daniel Nov 10 '17 at 13:27
0

Interesting solution to a problem, I wouldn't count on it though. If you do not care about SIGNIFICANTLY shortening SSD's lifespan, I would recommend simply nuking it. Darik's Boot and Nuke has a wide variety of erasing options. You can do multiple runs of the same 0 fill to ensure that everything is completely removed. However, that is not a very smart solution.

A smart solution would be to use manufacturers tools for secure SSD wipe, it is more of a reset, as it essentially as electron flushing. The tools for the major manufacturers are as following: Intel Solid-State Toolbox, OCZ Toolbox, Corsair SSD Toolbox, Samsung Magician, SanDisk SSD Toolkit. As mentioned, they should do a secure erase without issues.

Josh Ross
  • 663
  • 3
  • 10
  • The less smart solution was placed for people who think DBan is not harmful to SSDs. – Josh Ross Jul 13 '17 at 11:52
  • 1
    DBAN in fact isn't harmful to an SSD. An SSD can take hundreds of terrabytes of writes before showing any signs of failures. http://techreport.com/review/27909/the-ssd-endurance-experiment-theyre-all-dead Also, there's no need to re-write multiple times to an SSD, and certainly no reason to do this to a spinning disk. – Steve Sether Jul 13 '17 at 13:38
  • Interesting, on the research that I did, I assumed it was quite significant. By couple of runs, I meant that DBAN has an option to do the run itself a couple of times. I did not mention it as a requirement. Thank you for information! – Josh Ross Jul 14 '17 at 07:38