I'm studying for an exam, that's why I don't need software for that purpose (which is what other questions I found on this topic provide) but an explanation.

The concrete questions I'm trying to answer are:

How can data securely be deleted from a flash drive? What is the difference to deleting securely from a hard disk?

So far I thought the most secure way for both would be to overwrite the data (or physically destroy it), but considering these questions I assume the procedure is not the same.

  • There's an abundance of questions on this site regarding that matter. No, they're not questions about software/tools; they offer actual explanations that cover both subjects. Have a look: https://security.stackexchange.com/q/5662/ , https://security.stackexchange.com/q/10464/ , https://security.stackexchange.com/q/5749/ , https://security.stackexchange.com/q/12503/ – Adi Mar 16 '14 at 16:40

1 Answer

It all depends on the OS you're using and the firmware used inside your SSD. There are two frequently occurring problems.

  1. When using Windows, it has a function called Volume Shadow Copy Service (VSS). What this does is keep an extra copy of every file (indexed) on a different part of your "disk". If you're using cheap "secure" deletion software that doesn't recognize VSS, it may only delete the main copy, so that there could be extra copies present on your disk.

  2. Now, as you noticed, I didn't specify above what that disk was, but if it's an SSD that is emulating a normal HD, there is an additional problem. This is because SSDs cannot erase partial file blocks, only whole blocks, so every time you make a small change to a file, it just copies that/those block(s) to a new one and only deletes the inode of those blocks. This means that the data is still there after deletion, unless you issue the SSD a 'secure delete' command. However, this in turn depends on how well that is supported in both your OS and the SSD firmware.

Normally it should be enough with 1-2 over-write passes to securely delete anything, given that you are re-formatting the entire disk or those parts containing data. One method for accomplishing this is by formatting any disk with 0's and when erasing files, looking for non-zero regions, not part of an inode tree and write random data to those locations. Low Level Format!

not2qubit
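
The copy-to-a-new-block behaviour described in point 2 of the answer, as an added example that is not part of the original answer: a toy flash translation layer in Python showing that overwriting a logical page leaves the old bytes in raw flash until a whole-block erase. It is a simplified model, not any real SSD firmware; the class, method names and sample data are hypothetical.

```python
# Toy flash translation layer (FTL): simplified model, not real SSD firmware.
PAGES_PER_BLOCK = 4

class ToyFlash:
    def __init__(self, blocks=4):
        self.pages = [None] * (blocks * PAGES_PER_BLOCK)  # None = erased page
        self.stale = set()      # physical pages holding superseded data
        self.mapping = {}       # logical page number -> physical page number

    def write(self, lpn, data):
        """Host write: flash cannot overwrite in place, so use a fresh page."""
        free = next(i for i, p in enumerate(self.pages) if p is None)
        self.pages[free] = data
        if lpn in self.mapping:
            self.stale.add(self.mapping[lpn])   # old copy stays in raw flash
        self.mapping[lpn] = free

    def read(self, lpn):
        """What the OS (and an overwrite tool) sees via the logical interface."""
        return self.pages[self.mapping[lpn]]

    def raw_contains(self, needle):
        """What a read of every physical page would find."""
        return any(p is not None and needle in p for p in self.pages)

    def garbage_collect(self):
        """Erase only whole blocks in which every written page is stale."""
        for b in range(0, len(self.pages), PAGES_PER_BLOCK):
            used = [i for i in range(b, b + PAGES_PER_BLOCK)
                    if self.pages[i] is not None]
            if used and all(i in self.stale for i in used):
                for i in used:
                    self.pages[i] = None
                    self.stale.discard(i)

    def secure_erase(self):
        """Models a device-level erase command: every block is erased."""
        self.pages = [None] * len(self.pages)
        self.stale, self.mapping = set(), {}

def demo():
    ssd = ToyFlash()
    ssd.write(0, b"SECRET-KEY")      # constructed sample data
    ssd.write(1, b"other file")
    ssd.write(0, b"\x00" * 10)       # file-level "overwrite" of logical page 0
    after_overwrite = (ssd.read(0), ssd.raw_contains(b"SECRET"))
    ssd.garbage_collect()            # block 0 still holds live pages: no erase
    after_gc = ssd.raw_contains(b"SECRET")
    ssd.secure_erase()
    return after_overwrite, after_gc, ssd.raw_contains(b"SECRET")
```

In this model the logical read returns zeros after the overwrite while the original bytes are still present in raw flash, and they disappear only once the block holding them is erased.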