11

Will a "traditional" secure delete utility that overwrites physical sectors on a magnetic HDD work on an SSD, or will the SSD simply "remap" the sector to avoid the expensive delete operation and leave the data intact for an undetermined period?

ScottS

3 Answers

9

Short answer: overwriting sectors from outside the SSD (for example, by using a "traditional" secure delete utility) does not guarantee that the underlying data will be deleted.

For more in-depth information, you might want to look at this presentation from some folks at UCSD who have been running experiments on this subject. See: http://cseweb.ucsd.edu/users/m3wei/assets/pdf/FMS-2010-Secure-Erase.pdf

Their data seems to say that:

  • Many current implementations of the "secure erase" command (a command to securely delete all of the data on an ATA device) do not work.
  • Techniques that try to overwrite just one file, or even all of the free space in an SSD, do not reliably destroy data.

Personally, I don't think you'll be able to securely delete an individual file on an SSD without some sort of firmware support inside the SSD that can track and overwrite all of the internal pages that have residual copies of the data.

Keith Smith
6

Secure erase is built into the ATA spec, so you should be able to issue a secure erase command to your SSD device and let it take care of itself - that way you don't have to worry about whether or not the SSD is re-mapping sectors.

EEAA
  • Are there any options that don't involve erasing the whole drive? I'm looking to securely remove some files that held sensitive data without wiping everything else. – ScottS Nov 09 '10 at 02:45
  • SSD drives do wear-leveling. It's almost impossible to securely delete something. – J-16 SDiZ Nov 09 '10 at 06:13
  • @J-16 ATA drive manufacturers, as part of implementing the ATA command set, build into their drives support for the ATA secure erase command, as documented in the page I linked to above. When issued this command, the SSD controller knows what it needs to do to complete a truly secure erase. Wear-leveling has nothing to do with this. In fact, other than issuing the secure erase command, the operating system doesn't need to know anything about what the device is actually doing to erase things. – EEAA Nov 09 '10 at 06:25
  • I was answering ScottS. SSDs don't keep old used block data. – J-16 SDiZ Nov 09 '10 at 06:59
2

The behavior of SSD-unaware secure-delete utilities is not predictable. Whether or not the chipset on the drive will overwrite a specific flash cell, flag it for later TRIMing and leave it in place until later, or simply flag it 'dirty' and overwrite another clean sector entirely depends completely on the chipset in question. It varies from manufacturer to manufacturer and even within product lines based on the firmware being used.

I would not trust these utilities on SSDs, at least until they become SSD-aware.

sysadmin1138
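The remapping behaviour discussed in the answers above, as an added example that is not part of any answer on this page: a toy flash translation layer in Python showing why overwriting a logical sector can leave the original data in a physical page. `ToyFTL` and all of its names are hypothetical, the data is constructed, and real controller firmware is far more complex and varies by vendor.

```python
# Toy flash translation layer (FTL). A constructed model for illustration,
# not any vendor's firmware and not code from this page.
class ToyFTL:
    def __init__(self, physical_pages=8):
        self.flash = [None] * physical_pages  # None means an erased page
        self.mapping = {}                     # logical sector -> physical page
        self.stale = set()                    # pages holding superseded data

    def _free_pages(self):
        return [p for p, d in enumerate(self.flash) if d is None]

    def write(self, lba, data):
        # NAND pages cannot be rewritten in place, so the controller
        # programs an erased page and remaps the logical sector to it.
        free = self._free_pages()
        if not free:
            self.garbage_collect()
            free = self._free_pages()
        if not free:
            raise RuntimeError("no erased pages available")
        old = self.mapping.get(lba)
        self.flash[free[0]] = data
        self.mapping[lba] = free[0]
        if old is not None:
            self.stale.add(old)  # old copy stays in flash until collected

    def read(self, lba):
        return self.flash[self.mapping[lba]]

    def garbage_collect(self):
        for page in self.stale:
            self.flash[page] = None
        self.stale.clear()

    def secure_erase(self):
        # Assumption: a controller that implements the command correctly.
        self.flash = [None] * len(self.flash)
        self.mapping.clear()
        self.stale.clear()

    def residual(self, needle):
        # Physical pages still containing needle (a chip-level view).
        return [p for p, d in enumerate(self.flash) if d and needle in d]

def overwrite_demo():
    ssd = ToyFTL()
    ssd.write(0, b"SECRET-key-material")            # constructed sample data
    for fill in (b"\x00", b"\xff", b"\x55"):        # 3-pass overwrite of LBA 0
        ssd.write(0, fill * 19)
    visible, leftover = ssd.read(0), ssd.residual(b"SECRET")
    ssd.secure_erase()
    return visible, leftover, ssd.residual(b"SECRET")
```

In this model the host reads back only the last overwrite pattern, while the original bytes remain in physical page 0 until garbage collection or a whole-device erase clears them.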