2

I have two SSDs in my laptop. One is a SATA 500 GB and the other is an M.2 SATA 250 GB. I used the following steps for both to securely erase them so that I can sell the laptop:

  1. Unfreeze the drives: sudo systemctl suspend
  2. Set a User Password: hdparm --user-master u --security-set-pass mypass /dev/sdx
  3. Issue the ATA Secure Erase command: time hdparm --user-master u --security-erase mypass /dev/sdx

I have 3 questions:

  1. It completed too fast, in less than 3 seconds. Is that normal?
  2. Does the length of mypass matter?
  3. What is the advantage of using --security-erase-enhanced instead of --security-erase?
j doe

2 Answers

4

This is most likely entirely normal, because of how modern SSDs are designed.

When you use ATA secure erase it is not wiping the whole disk. It is removing the encryption keys on the drive controller, which are used to transparently encrypt data before it is written to the memory chips. Removing this key is virtually instantaneous as you have discovered.

The alternative would be to erase each memory segment individually. This would be slow and, on an SSD, would shorten lifespan as the memory technology has a fixed amount of erase cycles.

The same technique is used for “factory reset” or “secure erase” features found on modern smart phones and tablets.

David
  • OP's step 2 was "set a password". By that I assume that *before* that point the data he was concerned about, was plain text on disk. So, unless the "set a password" step did something that takes more than a few seconds, I suspect the plain text is still there. (I.e., you would have been absolutely right if the data he was concerned about was *already* encrypted, but I did not get the impression that was the case here). –  Nov 29 '20 at 07:15
  • @sitaram The password used in step 2 is just a mechanism for locking the command access to the disk and has absolutely nothing to do with how data is potentially encrypted on the disk. David's answer is perfectly correct as most modern SSDs perform self encryption of the data on disk for various reasons. These self encryptions use very long randomly generated keys that are stored on the HD controller itself (the circuit board physically within or attached to the disk). Self encrypted disks can be effectively wiped in a fraction of a second by just changing the encryption key. All is well! – krisku Feb 18 '21 at 06:53
  • @krisku wow... did not know "most modern SSDs perform self encryption of the data on disk for various reasons". Not to sound lazy (I will certainly search during the weekend) but do you have any links you think are particularly useful in researching this? –  Feb 18 '21 at 11:32
1

David's answer is perfectly correct in all aspects but perhaps does not specifically answer all questions.

  1. Internally self-encrypted drives can be very quickly wiped by essentially just destroying the internal encryption key used, just as David explains. After that none of the data on the disk makes any sense anymore.
  2. The user password has nothing to do with the data stored on the disk or how it is encrypted for self-encrypting drives. The user password is just a command access mechanism with which you can prevent someone from performing dangerous commands on the disk, such as running the internal erase functions. Computer BIOSes typically set their own password on the disk during boot in an attempt to protect your disks from unauthorized access (e.g. by malware). So no, the length of the password does not matter at all, as it is just a part of the protocol you use to give advanced commands to the disk.
  3. For older disks without self-encryption, the differences between the erase mechanisms are as follows:
       • secure erase - defined as writing zeroes over the whole visible disk (does not include reallocated sectors)
       • enhanced secure erase - uses a more thorough approach of overwriting the whole physical disk (including reallocated sectors and parts of the disk not accessible to the user) using some manufacturer-specific data patterns (can be multiple writes)

Drives usually have some spare capacity not visible to the user, which is used when sectors fail and need to be internally reallocated. This mechanism can leave some data in the sectors that have been reallocated and hides them from being overwritten by the user. In that respect the enhanced secure erase is far better, as it also reaches those decommissioned sectors.

krisku
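A pre-flight check for the procedure in the question, added here as an example and not part of the question or either answer: it parses the Security section printed by `hdparm -I /dev/sdx`, so the frozen state, enhanced-erase support and the drive's own erase-time estimates can be read before issuing the erase and compared with the observed duration. The sample output is constructed and the function names are hypothetical.

```shell
# Added example: summarise the "Security:" section of `hdparm -I` output.
# ata_security_summary is a hypothetical helper name, not part of hdparm.
ata_security_summary() {
  awk '
    /^Security:/       { insec = 1; next }
    insec && /^[^ \t]/ { insec = 0 }   # a new top-level section ends Security
    !insec             { next }
    # State lines read "enabled" or "not enabled"; remember the negation.
    $1 == "not" { neg = 1; key = $2 }
    $1 != "not" { neg = 0; key = $1 }
    key == "enabled" || key == "locked" || key == "frozen" { st[key] = neg ? "no" : "yes" }
    key == "supported:" && $(neg + 2) == "enhanced" { st["enhanced"] = neg ? "no" : "yes" }
    # "2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT."
    /SECURITY ERASE UNIT/ {
      for (i = 1; i + 2 <= NF; i++) {
        if ($(i + 1) != "for") continue
        if ($(i + 2) == "SECURITY") st["erase_time"] = $i
        if ($(i + 2) == "ENHANCED") st["enhanced_time"] = $i
      }
    }
    END {
      n = split("enabled locked frozen enhanced erase_time enhanced_time", k, " ")
      for (i = 1; i <= n; i++)
        printf "%s=%s%s", k[i], ((k[i] in st) ? st[k[i]] : "unknown"), (i < n ? " " : "\n")
    }
  '
}

# Constructed, abbreviated sample of `hdparm -I` output (not from a real drive).
sample_hdparm_output() {
  cat <<'EOF'
Commands/features:
Security:
        Master password revision code = 65534
                supported
        not     enabled
        not     locked
                frozen
        not     expired: security count
                supported: enhanced erase
        2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
EOF
}

sample_hdparm_output | ata_security_summary
```

On a real system the same function reads live output: `sudo hdparm -I /dev/sdx | ata_security_summary`. A result of `frozen=yes` means the unfreeze step still has to happen before the password and erase commands will be accepted.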