Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Friday March 17 2017, @05:14AM   Printer-friendly
from the encrypt-for-the-win dept.

How do you destroy an SSD?

First, let's focus on some "dont's." These are tried and true methods used to make sure that your data is unrecoverable from spinning hard disk drives. But these don't carry over to the SSD world.

Degaussing – applying a very strong magnet – has been an accepted method for erasing data off of magnetic media like spinning hard drives for decades. But it doesn't work on SSDs. SSDs don't store data magnetically, so applying a strong magnetic field won't do anything.

Spinning hard drives are also susceptible to physical damage, so some folks take a hammer and nail or even a drill to the hard drive and pound holes through the top. That's an almost surefire way to make sure your data won't be read by anyone else. But inside an SSD chassis that looks like a 2.5-inch hard disk drive is actually just a series of memory chips. Drilling holes into the case may not do much, or may only damage a few of the chips. So that's off the table too.

Erasing free space or reformatting a drive by rewriting it zeroes is an effective way to clear data off on a hard drive, but not so much on an SSD. In fact, in a recent update to its Mac Disk Utility, Apple removed the secure erase feature altogether because they say it isn't necessary. So what's the best way to make sure your data is unrecoverable?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by anubi on Friday March 17 2017, @05:49AM (3 children)

    by anubi (2828) on Friday March 17 2017, @05:49AM (#480237) Journal
    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
  • (Score: 3, Interesting) by Azuma Hazuki on Friday March 17 2017, @06:02AM (2 children)

    by Azuma Hazuki (5086) on Friday March 17 2017, @06:02AM (#480240) Journal

    DBAN just writes lots and lots of data. As was mentioned upthread, SSDs' internal wear-leveling algorithms will just think of the incoming bitstorm as a massive but intended load and distribute it across the flash cells as best they can. Theoretically, if you were to write petabytes upon petabytes of data to the drive, you could wear the cells out, but I'm not sure that would make them entirely unreadable.

    The best thing to do is to open the drive housing and destroy the NAND chips themselves. Puncturing them with a sharp tool should do it; the earlier poster's suggestion of firearms is rather excessive. If you have someone after you who has the tools and motive to read the data off the punctured NAND dice anyway, they likely already have what information they want.

    --
    I am "that girl" your mother warned you about...
    • (Score: 0) by Anonymous Coward on Friday March 17 2017, @03:26PM

      by Anonymous Coward on Friday March 17 2017, @03:26PM (#480447)

      DBAN just writes lots and lots of data. As was mentioned upthread, SSDs' internal wear-leveling algorithms will just think of the incoming bitstorm as a massive but intended load and distribute it across the flash cells as best they can.

      Well, that's the idea -- you don't need to wear the flash out, just make sure the wear-leveling algorithm has redistributed those writes to all parts of the flash, including the initially spare blocks. Depending on the details of the SSD's wear-leveling algorithm, and the SSD's previous write history, a few terabytes might be enough. The problem is, SSDs being black boxes, there's no practical way to verify that this has happened, at least none easier than physical damage. (Firearms are excessive, but they're also fun -- YMMV.)

    • (Score: 1) by Soylentbob on Friday March 17 2017, @04:25PM

      by Soylentbob (6519) on Friday March 17 2017, @04:25PM (#480487)

      The main problem with SSDs should be the fimware, which redirects write access to specific locations on the disk. Therefore tools like wipe will not work reliably.

      By completely filling the remaining space of the disk, the blocks marked "unused" should all be overwritten once the capacity limit is reached, except for the excess-storage used for wear-reduction. After deleting the fake file, and again filling it, the same algorithms should now favour the previously spared blocks, and it should be reasonably safe to assume the data to be actually deleted. (Maybe more than two iterations are required, but for previously spared blocks the likelyhood to be selected should increase over time.)

      Of course, having the disk encrypted in the first place, and maybe use the vendor-encryption on top of an OS based encryption, would give some additional security in case one suspects foul-play on the part of the vendor.

      For the final destruction, I would assume that a microwave is a more efficient solution to destroy the circuitry on the chip (once the outer metal-casing is removed).