Friday, August 1, 2014

security - How to securely delete files stored on a SSD?


From a (very long, but definitely worth to read) article on SSDs:



When you delete a file in your OS, there is no reaction from either a hard drive or SSD. It isn’t until you overwrite the sector (on a hard drive) or page (on a SSD) that you actually lose the data. File recovery programs use this property to their advantage and that’s how they help you recover deleted files.


The key distinction between HDDs and SSDs however is what happens when you overwrite a file. While a HDD can simply write the new data to the same sector, a SSD will allocate a new (or previously used) page for the overwritten data. The page that contains the now invalid data will simply be marked as invalid and at some point it’ll get erased.



So, what would be the best way to securely erase files stored on a SSD? Overwriting with random data as we are used to from hard disks (e.g. using the "shred" utility) won't work unless you overwrite the WHOLE drive...


Answer



As stated by @teabot using full disk encryption software will circumvent the issue of secure deletion because you don't have to any more. However, as stated in a related question, this will have huge performance impacts because this prevents a lot of the controller's features like compression and TRIM and has been reported to decrease the performance up to a level where a normal hard disk is faster then the expensive SSD. For SandForce-based devices, there is a better solution: Those devices do AES encryption by default and the key will be wiped when you use the ATA secure delete feature, making all data unaccessible unless the attacker can break AES (128bit for current, 256bit for the new drives released in march 2011).


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...