I have an SSD and wanted to use VeraCrypt for plausible deniability and protection against any and all levels of attack, e.g. state-sponsored and non-sponsored. My goal was to use a VM and place it in the hidden VC container. After further research, it seems using VC on an SSD won't "ensure" the level of security I desire, for several reasons.
As you know, VeraCrypt recommends not using SSDs due to wear leveling (https://www.veracrypt.fr/en/Wear-Leveling.html) and the Trim operation (https://www.veracrypt.fr/en/Trim%20Operation.html). Even though Trim can be disabled, the wear leveling is compromising enough.
I was considering replacing it with an HDD. But after reading the "Comparing SSD Forensics with HDD Forensics" analysis paper from 2020 ( https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1140&context=msia_etds ), SSDs are superior in thwarting forensic efforts for several reasons. The Trim function and the self-corrosion properties of the SSD play a large role in the prevention of data recovery. (Pg 101/102 Conclusion) "From the results obtained, this study concludes that data deleted on Hard Disk Drives can completely be retrieved, and data deleted on Solid-State Drives cannot be completely retrieved using Autopsy forensic tool, whereas sometimes it can be retrieved using ProDiscover Basic forensic tool".
I'm conflicted. How does one interpret these facts from an op-sec POV? On one hand, SSDs are vulnerable when encrypted due to wear leveling, yet it is difficult to retrieve data from them with data recovery tools. HDDs offer the better security when encrypted, but are vulnerable to data recovery tools. If encryption is compromised, so is your data. Based on this information, what are your thoughts? Does it still depend on the threat model?