Slashdot Mirror

← Back to Stories (view on slashdot.org)

Confidential Data Not Safe On Solid State Disks

Posted by timothy on from the tim-wants-targets-you-want-privacy-win-win dept.

An anonymous reader writes "I always thought that the SSD was a questionable place to store private data. These researchers at UCSD's Non-Volatile Systems Laboratory have torn apart SSDs and have found remnant data even after running several open source and commerical secure erase tools. They've also proposed some changes to SSDs that would make them more secure. Makes you think twice about storing data on SSDs — once you put it on, getting it off isn't so easy."

5 of 376 comments (clear)

  1. How about by Anrego · · Score: 4, Insightful

    Encrypting it?

    Is taking data off really an issue anyway. If it's confidential data, destroy the disk when you need to dispose of it. Not repurposing or re-selling hardware with sensitive information on it sounds like a no-brainer.

  2. thermite will fix that by WhiteDragon · · Score: 4, Insightful

    Thermite will fix everything! [s/fix/destroy] :-)

    --
    Did you mount a military-grade, variable-focus MASER on an unlicensed artificial intelligence?
  3. truecrypt by SharpFang · · Score: 5, Insightful

    encrypt the data before writing. at no point in its existence will it appear anything but white noise to unauthorized parties.

    --
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  4. Re:Treat it like any other secure system by Solandri · · Score: 5, Insightful

    From what I've seen, it's not the end-of-life disposal of drives which leads to this type of data leak. It's when a drive dies under warranty and you send it to the manufacturer for a replacement. Since it's non-functional, you can't erase it. Since you need to return it without any signs of abuse for a warranty replacement, you can't destroy it.

    The manufacturer usually just fixes it, and sells it as a refurb / sends it out as a replacement drive for others which have failed under warranty. They just do a quick format, or sometimes even don't bother formatting, before sending the fixed drive out. Meaning the new recipient of your old drive has all your data.

  5. Re:Nuke it from orbit by lgw · · Score: 4, Insightful

    TrueCrypt volume inside a TrueCrypt volume

    You, dawg, I heard you liked TrueCrypt.

    The headline should just read "Confidential data not safe on unencrypted disk". Modern hard drives also arean't as easy to 100% delete as one might think - once a sector gets "spared out" there's no easy way to delete it, and there will still be readible data there. That just happens a lot less frequently than SSD load/wear balancing.

    Of course, any media can be adequetly destroyed by shredding - if you really care, this isn't a problem to solve with software.

    --
    Socialism: a lie told by totalitarians and believed by fools.