If This Is TRIM, DBAN Should Work

-1

2

I am informed that drive wiping tools do not work reliably on SSDs due to such features as wear leveling. Here, for example, a quote from MakeUseOf:

[T]o comply with wear levelling, the SSD must constantly move data around the drive to ensure all blocks are worn at an equal rate. Using a secure “file shredder” to overwrite a specific file or folder many numbers of times is not going to work, because the drive writes all new incoming data to various different blocks, depending on its needs. Only the drive knows where this data is written . . . .

But explanations of TRIM seem to indicate that, in fact, only the OS knows where the data is written. For instance, Wikipedia says,

The TRIM command enables an operating system to notify the SSD of pages which no longer contain valid data.

These accounts seem to conflict. If the OS knows where valid data is located, then presumably the OS also knows where invalid data is located. In that case, the OS should be able to inform a drive wiping program of the blocks needing to be erased. Then, contra MakeUseOf, a file shredder should work.

What am I missing?

Ray Woodcock

Posted 2018-03-28T03:21:24.183

Reputation: 363

"What am I missing?" -- You're conflating the two layers that the SSD firmware deals with: the layer with logical sectors that the host OS uses and the lower layer of flash blocks and pages. You the user or the OS never knows exactly what is going on at that lower layer, i.e. where a "sector" is actually mapped in flash. – sawdust – 2018-03-28T05:56:04.097

There is a layer between the SSD flash blocks and the OS that the SSD uses to translate "logical" OS block addresses into flash block addresses. The OS has no visibility of this layer and so has no idea where a physical block is on the SSD. https://superuser.com/a/901521/19943

– Mokubai – 2018-03-28T06:07:29.590

Two questions: (1) Why did this question get downvotes? and (2) Why do people sometimes answer questions by providing comments (i.e., here) instead of posting them as answers? (My reply to Mokubai's comment appears below.) – Ray Woodcock – 2018-03-28T18:03:21.283

Answers

0

There are a couple of different things at play, and some wrong information.

The SSD does, indeed, move data around. This happens at a level underneath the OS, and the SSD presents, more or less, as a regular hard drive - i.e. the SSD firmware tracks these changes regardless of OS.

On the other hand, multiple overwrites with something like DBAN ARE likely to overwrite data so it can't be recovered (except for cells marked bad which are not actually bad). Crucially, however, because of over provisioning you need to overwrite with more than 1 pass, and no one will guarantee you everything will be overwritten.

You should use Full Disk Encryption in future to avoid this conundrum (also see if your drive supports secure erase, which will also wipe everything securely).

davidgo

Posted 2018-03-28T03:21:24.183

Reputation: 49 152

Note that TRIM works from OS -> SSD to help the SSD with block management - not the other way around. – davidgo – 2018-03-28T05:10:25.670

The OS (specifically the file system) knows where things are in terms of logical block addresses, just as it does for any modern hard drive. The SSD's firmware maintains a table of mappings of LBAs to actual locations within "pages" in the semiconductor media. If it "moves data around" this changes where LBAs are stored, but the LBAs are unchanged. A TRIM command tells the SSD to "forget about" a span of LBAs. This does not necessarily overwrite anything but it will cause the SSD to return zeroes when those LBAs are read unless they are subsequently written with something else. – Jamie Hanrahan – 2018-03-28T16:11:52.990

I wasn't concerned about drive security. I was just using DBAN as an example of a tool that wants to access specific sectors.

Apparently Wikipedia's phrasing is incorrect: the OS cannot give the SSD information regarding specific pages, because the OS does not have information about SSD pages.

But I'm not sure these replies answer the question. A DBAN-like program could equally well tell the FTL (thanks to Mokubai for that link) to overwrite the block corresponding to LBA no. 1008, for instance, wherever it happens to be. – Ray Woodcock – 2018-03-28T18:01:35.990

1 If our responses - which are similar - don't answer your question - please reword your question to better clarify what you are asking. The Wikipedia answer is correct - the OS can not directly access pages on the SSD - the OS can tell the FTL to overwrite a particular block. The FTL will say "ok" but it won't actually overwrite the page representing that block - it will write the data to a different page, and make a note that anytime that block is requested it should get it from the new page. – davidgo – 2018-03-28T18:16:49.273

Thus it's possible to do block operations, but it is not possible to guarantee where the data is physically stored on the chips. – davidgo – 2018-03-28T18:18:25.243

(1) Pages don't "represent" blocks, do they? (2) Consider the Wikipedia quote (above) with this from Digital Citizen: "the TRIM command immediately wipes the pages or blocks where the files are stored." It still seems something like DBAN should be feasible. (How do you add links in comments here? Digital Citizen quote is from https://www.digitalcitizen.life/simple-questions-what-trim-ssds-why-it-useful)

– Ray Woodcock – 2018-03-28T19:43:05.627

What do you mean by "represent"? The whole thing we are trying to explain is that the OS sees blocks, the SSD works with pages and FTL translates between blocks and pages - so blocks represent pages, but there is not a 1:1 mapping between blocks and pages. Note also that SSDs are overprovisioned so there are more pages than blocks. What are you actually trying to achieve? – davidgo – 2018-03-28T19:52:32.390

Davidgo - I appreciate your attempts to help, but you seem confused. You referred to "the page representing that block" and, now, to "mapping between blocks and pages." Both blocks and pages are features of SSD memory, right? To illustrate: you didn't answer the question about adding links, so I'll have to give you the long version: see Mokubai's link (above): https://superuser.com/a/901521/19943. I think you may mean clusters? I guess they call those blocks too?

– Ray Woodcock – 2018-03-28T20:46:30.207

It is not me that is confused. The SSD uses pages to store data, the FTL manages pages and makes appropriate pages appear as blocks to the Operating system. As stated there is a relationship between pages and blocks, but it's not a 1:1 relationship, as the page represented by a block changes when the block is overwritten. – davidgo – 2018-03-28T20:53:01.723

Could someone else help here? Davidgo is not responding to the questions I am presenting and the explanations I am providing. – Ray Woodcock – 2018-03-28T21:21:47.760

@RayWoodcock - your questions are unclear, and you have not explained anything. The upvote to my earlier comment should emphasize to you that the question you have asked is unclear and needs to be reworded to show where your confusion lies. Maybe you should tell us your understanding of how it fits together so we can actually determine what you are missing. Also, can you unambiguously state the question you are presenting? (The link to the answer to another question is not an explanation to your problem - and indeed I took to using the terms of that answer as the basis to help you) – davidgo – 2018-03-28T21:28:06.257

Davidgo - I've already stated things clearly. If you're interested in helping, by all means read and respond to what I've written. Otherwise, never mind -- I'll try a different forum. – Ray Woodcock – 2018-03-28T21:31:02.910
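
An added illustration, not written by any poster in this thread, of the LBA-to-page remapping described in the answer and comments above: a toy FTL in Python in which overwriting an LBA leaves the old page intact and TRIM only drops the mapping. The class, its method names, the page counts and the erase-everything garbage-collection policy are simplifying assumptions, not the behaviour of any particular drive's firmware.

```python
# Toy flash translation layer (FTL). Illustrative model only, not real firmware.
ZERO = b"\x00" * 8

class ToyFTL:
    def __init__(self, logical_blocks, physical_pages):
        if physical_pages <= logical_blocks:
            raise ValueError("model needs over-provisioning: more pages than LBAs")
        self.logical_blocks = logical_blocks
        self.pages = [None] * physical_pages   # raw flash, never visible to the host
        self.map, self.next_free = {}, 0       # map: LBA -> physical page index
    def write(self, lba, data):
        # A host write is never done in place: take a fresh page, remap the LBA.
        if not 0 <= lba < self.logical_blocks:
            raise IndexError("LBA out of range")
        if self.next_free == len(self.pages):
            self._garbage_collect()
        self.pages[self.next_free] = data
        self.map[lba] = self.next_free
        self.next_free += 1
    def read(self, lba):
        # Unmapped LBAs (never written, or trimmed) read back as zeroes.
        return self.pages[self.map[lba]] if lba in self.map else ZERO
    def trim(self, lba):
        # TRIM drops the mapping; the old page keeps its contents until erased.
        self.map.pop(lba, None)
    def _garbage_collect(self):
        # Assumed policy: erase everything, then rewrite only the live data.
        live = {lba: self.pages[p] for lba, p in self.map.items()}
        self.pages = [None] * len(self.pages)
        self.map, self.next_free = {}, 0
        for lba, data in live.items():
            self.write(lba, data)
    def stale_copies(self, needle):
        # Pages still holding `needle` that no LBA maps to (model-only view).
        live = set(self.map.values())
        return [i for i, d in enumerate(self.pages) if d == needle and i not in live]

def demo():
    ftl = ToyFTL(logical_blocks=4, physical_pages=6)
    ftl.write(1, b"SECRET01")                 # constructed sample data
    ftl.write(1, ZERO)                        # one "shredder" pass over LBA 1
    out = {"after_one_pass": ftl.stale_copies(b"SECRET01"), "lba1": ftl.read(1)}
    ftl.write(2, b"DOCUMENT")
    ftl.trim(2)
    out["trimmed_read"], out["trimmed_stale"] = ftl.read(2), ftl.stale_copies(b"DOCUMENT")
    for _ in range(4):                        # extra passes until garbage collection runs
        ftl.write(1, ZERO)
    out["after_gc"] = ftl.stale_copies(b"SECRET01") + ftl.stale_copies(b"DOCUMENT")
    return out
```

A real host has no equivalent of `stale_copies`: it sees only what `read` returns, which is why the answer falls back on secure erase or full-disk encryption rather than on overwriting.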