6

I have a Kingston HyperX drive circa 2012. I kicked off a secure erase on it. I then remounted the drive and was horrified (well, not really, more like bemused) to see whole parts of my old file system still intact. This correlates with the well-known findings of a UCSD lab that SE is not implemented well in most SSDs.

How can I know whether my SSD's secure erase functionality works securely? (I can make a simple test, but how do I know that it'll work in all circumstances?)

More usefully, how can I find out before buying an SSD whether its SE is implemented correctly? Is there a publicly available list of known good vendors?

Gilles 'SO- stop being evil'
  • 1
    Kingston responded to the study and claims that they do properly support secure erase on V Series G2, V100, V+ G2, and V+100 SSDs. http://www.kingston.com/us/community/articledetail?ArticleId=10 – Xander Nov 18 '13 at 21:33
  • 1
    Interesting. If you go to their page on this, you'll see you need to have access to a DOS bootable drive NOT from the Windows environment (command line app won't work) to execute the secure erase, and actually Win 7 doesn't offer access to a DOS bootable drive: http://www.kingston.com/us/community/articledetail?ArticleId=10 – John Thompson Nov 19 '13 at 01:57
  • Perhaps one could create a bootable CD or USB flash drive using FreeDOS with HDDErase added. – mirimir Jan 14 '14 at 09:49
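
The "simple test" the question mentions can be scripted as a read-only scan of the raw device after the erase; the following is an added example, not part of the original post. It assumes an erased drive reads back as all 0x00 or all 0xFF, and the function names and sample image are constructed for illustration. It only sees the sectors the host can address, so a clean result says nothing about mapped-out blocks.

```python
import sys

BLANK = (0x00, 0xFF)  # assumption: erased LBAs read back as all-0x00 or all-0xFF

def find_residue(path, chunk=4096):
    """Scan a block device or image; return (bytes_read, non-blank (start, end) ranges)."""
    ranges, offset = [], 0
    with open(path, "rb") as dev:
        while True:
            data = dev.read(chunk)
            if not data:
                break
            end = offset + len(data)
            # A chunk is blank only if it is filled entirely with one blank byte value.
            if not any(data.count(b) == len(data) for b in BLANK):
                if ranges and ranges[-1][1] == offset:
                    ranges[-1] = (ranges[-1][0], end)  # merge with the adjacent range
                else:
                    ranges.append((offset, end))
            offset = end
    return offset, ranges

def summarize(total, ranges):
    """Return (residual_bytes, fraction of the addressable space that is not blank)."""
    residual = sum(end - start for start, end in ranges)
    return residual, (residual / total if total else 0.0)

def make_sample_image(path):
    """Constructed sample: a 64 KiB 'drive' with two leftover regions after an erase."""
    img = bytearray(64 * 1024)                          # zero-filled
    img[8192:8192 + 11] = b"\xebR\x90NTFS    "          # constructed stale boot-sector bytes
    img[20480:28672] = b"old file contents".ljust(8192, b"A")
    img[32768:36864] = b"\xff" * 4096                   # erased-to-0xFF block, counts as blank
    with open(path, "wb") as f:
        f.write(img)

if __name__ == "__main__":
    # Usage: python residue_scan.py /dev/sdX  (read-only; needs permission to read the device)
    total, ranges = find_residue(sys.argv[1])
    residual, frac = summarize(total, ranges)
    for start, end in ranges:
        print(f"non-blank: bytes {start}-{end - 1}")
    print(f"{residual} of {total} bytes non-blank ({frac:.4%})")
```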

2 Answers

2

Who are you defending against?

No, really, because remember, with SSD, there are sectors that go bad that are no longer writable. With ATA Secure Erase, the drive is also supposed to erase the mapped-out bad blocks, but if the blocks are actually no longer writable, it cannot succeed. You can't blame a vendor for not doing the impossible.

A custom firmware may be able to read back those sectors that have gone bad. But your typical adversary does not have such a firmware, so again, who are you defending against? And how much data will they actually be getting?

If you really need to make sure that your data is secure after you dispose of it, then never let unencrypted data touch the drive. Encrypt your volume, and when you're done, just zero the drive and never look back.

Bill McGonigle
-1

I assume you are using Windows? If so, I'm wondering if the embedded SE algorithm is oblivious to the Windows Volume Shadow-copy Service (VSS). In other words, some Windows application sends a delete/erase command to the SSD and the SSD firmware thinks it has deleted all the files, when in fact there are duplicates available, due to faulty Windows-originated commands. Second, also check the eMMC versions supported by your SSD. (Yes, they are not the same, but the standards still have to match, as SSD FW is very similar to that in eMMCs.) Finally, there are ways for low-level interaction with SSD firmware to find out their versions and supported features. Google for SMART report etc.

EDIT: I've revised my answer to clarify.

The above explanation was not satisfactory. Apparently there's a middle layer that is messing with what some simpler Windows applications think they do, versus what is actually received/processed by the SSD firmware.

I'd like to quote this post:

"Secure Erase is embedded in the drive controller microcode and is initiated by an externally issued command sequence. Once initiated, SE uses an optimized single pass process that addresses all regions of the storage media, including the Protected Service Areas (when properly launched using compatible hardware). Protected service areas include G-List, Host Protected Area, and the Device Control Overlay (search Wikipedia for a detailed description of the role of each component of the PSA).

Despite the fact that it is launched by external command, and is a highly effective PURGE level sanitization technology, it cannot be reliably launched on most host equipment due to host controller protection of the HPA, and the fact that many BIOS manufacturers inhibit SE from being launched due to security concerns. The issue being that if virus or malware were to initiate SE, the target computer would be purged rapidly, and with no hope for recovery."

For more details on the ATA SE command(s) check here.

not2qubit
  • 1
    Secure Erase works on the drive, not on files or volumes. OSes and their features are irrelevant. – Xander Feb 26 '14 at 15:32
  • @Xander: You are wrong because SE is not well defined (above) by the vendors who claim it. In addition, OP is not saying anything about what he did or what tools he used. So please stop down-voting answers without checking the facts or providing adequate references. – not2qubit Feb 26 '14 at 15:49