
Securely wipe a SSD?


MRD

Anyone know how to do a secure wipe on a SSD so you can resell it? It's not like it has military grade secrets on it, but I always wipe disks before I sell them, and I don't know how to do this with a SSD because of the wear leveling technology.
 
Use the Secure Erase command. I think that merely formatting will not wipe the non-partitionable parts that are used as scratchpad for wear-leveling and such.
 
Formatting does not destroy data; data can easily be recovered from a delete or a format. I want something like DBAN. What is Secure Erase?
 
What is Secure Erase?
It is part of the ATA spec. For SSDs most use it to put the SSD back in a new state but it was originally designed for exactly your need. It will irreversibly delete all data on the drive. It is similar to DBAN but without the paranoia. You can use HDD erase or hdparm to run it.
 
I'm not sure if those HDD eraser programs will suffice either. They were made for normal mechanical HDDs, which do not have any hardware wear leveling, so they can easily just continually write to a drive in sequential order. That won't work on an SSD however because of the wear leveling. I think the only "secure" method of erasing an SSD is to write a random file the exact same size of the drive (right down to the last byte), multiple times which would prevent any wear leveling from taking place because the file size is too large to do so. But I dunno of any HDD eraser program which will do that for now.
 
Mr Alpha, I somehow have never heard of that, but I will definitely look into it. If it is implemented in hdparm, that would be really easy.

Mpegger, that's a lot of what I was thinking. Last time I had to send a drive back to the manufacturer for RMA I just did a cat /dev/urandom > /dev/sda (for non Linux people it just writes an endless string of random bytes to the drive until it runs out of space). That way you get all the space filled... even then though, I've heard there is a portion that the controller reserves for temporary use that may be unaffected. I wasn't that worried as it was going to the company, not some random guy on ebay, and I don't have anything all that secret, but I do have some things I'd be a bit concerned about. I think doing that though makes it hard enough that no one would bother for my info - it's just not that exciting.

Maybe if the hardware itself has to implement secure erase as part of the ata spec, that would be a solution? Worth looking into. I don't generally securely erase anything unless I'm dumping a drive.
 
This is the problem I read about SSD concerning securely erasing them. There is always some extra space that is not shown to the system that is used if/when a cell goes bad. It's entirely controlled by the controller built into the SSD, so it's not something that can be directly accessed afaik, and may or may not be used as part of the available pool for wear leveling. Unless a program can directly access the controller on the SSD (which afaik is currently not possible/implemented in any shape or form), the only secure way is what I mentioned before; writing a file the exact same size as the available space of the drive, which would prevent any wear leveling from occurring, and do it multiple times to ensure that even the extra space is written to.

Thinking back, I think there was one (Windows) program which claimed to securely erase SSDs/Flash cards (which also have wear leveling), but I do not know what method it uses to do so (it's payware so not something I looked any further into), but I doubt it was anything other than writing a single file the full size of the drive repeatedly.

From what I've read, SSDs are a bit more secure than mechanical HDDs because of the fact that they have a controller that takes care of wear leveling, although that still doesn't make it impossible to get data off an SSD, just more complicated. Since the data is normally not written sequentially, if you can get the data off the SSD, it'll be completely jumbled up into 4k clusters. Again, not impossible to get data off the SSD, just more complicated because of having to figure out what 4k clusters go with what and in which order. I think TRIM does add an "extra" layer of security, since some say that an SSD that uses TRIM cannot have files recovered off of it.

I still think the best way is having the drive encrypted. Less wear and tear on the drive, and no real need for any erasing since you can't recover anything from encrypted files.

[edit] Meant to type "cannot", not "can".[/edit]
 
Yep, the SATA secure erase command is exactly what you need. Start here http://gparted.sourceforge.net/livecd.php and burn it or put it on a USB stick or whatever. There's a good and complete set of instructions for using hdparm at https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

It will work on most any (if not all) modern SSDs, but if you have an older JMicron based drive like the OCZ Core/Core v2, it won't work. Anything newer should be fine.
 
Grrrrr.... I have an OCZ Core v2.
 
Secure Erase is not a program or algorithm that writes to the drive. It is a command that tells the drive to wipe itself. The whole point of it is to not only wipe the stuff you can write to but to wipe the stuff you can't directly access. Even if you can access it, the controller can and it is the controller that is doing the erasing.

Now, of course, this depends on the controller supporting the secure erase command, which a certain horrible JMicron controller doesn't. In that case you are relegated to writing lots of crap to it and prayer.
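
A pre-check for the hdparm route discussed in this thread, added here as an example and not posted by any participant: it classifies the Security section that `hdparm -I` prints, so you know whether the drive advertises the ATA security feature set and whether it is frozen before attempting Secure Erase. The function names, state labels and sample output are constructed for illustration.

```shell
#!/bin/sh
# Classify the "Security:" section of `hdparm -I` output read on stdin.
# Prints one of: unsupported | frozen | locked | password-set | ready
# (these labels are this example's own, not hdparm's).
secure_erase_state() {
    awk '
        /^Security:/        { insec = 1; seen = 1; next }
        insec && /^[^ \t]/  { insec = 0 }   # next top-level section ends it
        !insec              { next }
        {
            # Each flag line is either "<flag>" or "not <flag>".
            neg = ($1 == "not")
            key = neg ? $2 : $1
            if      (key == "supported") supported = !neg
            else if (key == "enabled")   enabled   = !neg
            else if (key == "locked")    locked    = !neg
            else if (key == "frozen")    frozen    = !neg
            # "supported: enhanced erase" has a trailing colon and is ignored.
        }
        END {
            if (!seen || !supported) print "unsupported"  # e.g. the controller lacks the feature
            else if (frozen)         print "frozen"       # security commands are rejected until unfrozen
            else if (locked)         print "locked"
            else if (enabled)        print "password-set" # a user password is already set
            else                     print "ready"
        }'
}

# Constructed sample of the Security section (not captured from a real drive).
# $1 is the frozen line: 'not\tfrozen' or '\tfrozen'.
sample_identify() {
    printf 'Security:\n\tMaster password revision code = 65534\n\t\tsupported\n\tnot\tenabled\n\tnot\tlocked\n\t%b\n\tnot\texpired: security count\n\t\tsupported: enhanced erase\nChecksum: correct\n' "$1"
}

if [ -n "${1:-}" ]; then
    # Real drive: identify query only, nothing is written (needs root).
    hdparm -I "$1" | secure_erase_state
else
    sample_identify 'not\tfrozen' | secure_erase_state
    sample_identify '\tfrozen'    | secure_erase_state
fi
```

Only a drive reported as `ready` will accept the set-password and erase steps described on the ATA Secure Erase wiki page linked above.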
 