SSD vs Hard drive secure erase

1

1

I know that when files are deleted they aren't really completely erased. The drive just says "hey, this space is free and you can overwrite it." With programs like Boot and Nuke, Eraser, etc., you can write over those sections with random bytes.

How does this process differ with SSDs? Does trimming the drive with disk optimizer remove the files completely?

Alex

Posted 2018-01-18T09:00:50.970

Reputation: 133

What? Did you even read my question? – Alex – 2018-01-18T21:44:31.723

The logic is: if you have TRIM working, your erase is secure by default. – Overmind – 2018-01-23T06:18:44.417

I've read otherwise. So some more concrete information is preferred over conjecture. – Alex – 2018-01-23T08:19:10.583

Looks like the initial dupe link was to another question than intended. I'll detail things in an answer. – Overmind – 2018-01-23T08:55:59.400

Answers

2

SSD flash memory cannot overwrite existing data in a classic manner. In an HDD system, the operating system can request that new data be written to the same location where data is already stored, and the drive will directly overwrite the old data (magnetically). In an SSD, however, the target area must first be erased before it can be written to locations previously holding data. This happens because of the internal structure. Flash memory is divided into blocks, subdivided into pages. Data can be written directly into an empty page, but only whole blocks can be erased. So if you want to erase some of the data in a block, the rest of the data will be copied to another block and the initial block will be erased or marked usable/empty.

The process is handled by FTL (flash translation layer) which has to do something like this when you change a very small amount of data: read one whole physical block (which let's say contains 64 pages - it can be up to 256), replace what you edited (let's say 4 pages) while keeping the rest intact (60 pages), erase a new block somewhere on the device and finally write the new set of 64 pages on that block.

TRIM support enables the old blocks to be considered empty, even if they have not been erased yet, which improves endurance.

The result of all that is that physically, some data still exists in marked-as-empty blocks and may be theoretically recovered by special means.

But this also simplifies free space erase a lot. You can just make a self-expanding file to occupy all space or copy any random data just to reach 0 free space and at that point all your previous blocks are practically irreversibly erased.

If you want to completely wipe the drive, you can use any tool supporting ATA Secure Erase, which electrically nullifies all data in the blocks. The tools are vendor-specific (Corsair SSD Toolbox, OCZ Toolbox, Intel Solid State Toolbox, Samsung Magician Software). These essentially set all available blocks to the "erase" state (electrically), which is what TRIM uses for garbage collection purposes (and with which it erases the blocks before usage). The blocks remain empty with no information on their initial content.

So, to clean an SSD you just have to follow one rule: use all its space for something. If a simple copy-a-big-file seems strange, you can always create an encrypted partition taking all the space, copy data there, then erase it and re-create it. But taking all the space with junk data is enough for a complete clean-up.

Overmind

Posted 2018-01-18T09:00:50.970

Reputation: 8 562

Interesting. The large file writes and subsequent deleting is an interesting idea. Just for clarity, it seems as though if we know where the file is (pre-deletion), we can just overwrite it with random bytes effectively corrupting it and then we can delete it at which point it doesn't really matter what the SSD does with it. Is there something in the method of action here that I am missing? Otherwise I find it strange that tools for this sort of thing don't exist. – Alex – 2018-01-28T07:17:49.630

Even if you know where the file pieces are located, the SSD won't overwrite those, it will write in other locations when the file is edited. So that's why all free space should be overwritten to clear remnants (and this needs no special tool). If the SSD does this entirely by its own design rules, it may not allow external tools to know the exact location of the information (so no tools can be developed as such, but this may vary from one manufacturer to another). – Overmind – 2018-01-29T06:06:18.423
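The out-of-place write behaviour described in the answer and in the last comment can be seen in a small model. This is an added example, not part of the original posts and not any vendor's firmware: `ToyFTL`, its method names and the 4x4 geometry are constructed for illustration, and when garbage collection actually runs on a real drive is decided by the firmware, not the host.

```python
# Toy flash translation layer: constructed teaching model, not real firmware.
PAGES_PER_BLOCK, NUM_BLOCKS = 4, 4  # tiny on purpose; the answer cites 64-256 pages

class ToyFTL:
    def __init__(self):
        self.flash = [[None] * PAGES_PER_BLOCK for _ in range(NUM_BLOCKS)]  # None = erased
        self.l2p = {}       # logical page -> (block, page) holding current data
        self.stale = set()  # physical pages holding superseded or trimmed data

    def write(self, lpn, data):
        # Out-of-place write: the old physical page is never reprogrammed.
        if lpn in self.l2p:
            self.stale.add(self.l2p[lpn])
        b, p = next((b, p) for b in range(NUM_BLOCKS)  # StopIteration if flash is full
                    for p in range(PAGES_PER_BLOCK) if self.flash[b][p] is None)
        self.flash[b][p] = data
        self.l2p[lpn] = (b, p)

    def trim(self, lpn):
        self.stale.add(self.l2p.pop(lpn))  # only the mapping goes; cells keep content

    def read(self, lpn):
        loc = self.l2p.get(lpn)  # host view: only mapped pages are reachable
        return self.flash[loc[0]][loc[1]] if loc else None

    def garbage_collect(self):
        # Erase is per block: save live pages, erase the block, write them back.
        for b in {loc[0] for loc in self.stale}:
            live = {l: self.flash[b][p] for l, (bb, p) in self.l2p.items() if bb == b}
            self.flash[b] = [None] * PAGES_PER_BLOCK
            self.stale = {loc for loc in self.stale if loc[0] != b}
            for l, data in live.items():
                del self.l2p[l]
                self.write(l, data)

    def raw_contains(self, needle):
        # Chip-level view: scan every physical page, mapped or not.
        return any(needle in d for blk in self.flash for d in blk if d)

def demo():
    ftl, seen = ToyFTL(), []
    ftl.write(0, b"SECRET")  # constructed sample data
    ftl.write(1, b"other")
    for step in (lambda: ftl.write(0, b"\x00" * 6),  # host "overwrites" in place
                 lambda: ftl.trim(0), ftl.garbage_collect):
        step()
        seen.append(ftl.raw_contains(b"SECRET"))
    return seen, ftl.read(0), ftl.read(1)
```

In this model the old bytes are still present in physical flash after the host-side overwrite and after TRIM, and disappear only once the containing block is erased, while the unrelated live page survives relocation.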