Confidential Data Not Safe On Solid State Disks
An anonymous reader writes "I always thought that the SSD was a questionable place to store private data. These researchers at UCSD's Non-Volatile Systems Laboratory have torn apart SSDs and have found remnant data even after running several open source and commercial secure erase tools. They've also proposed some changes to SSDs that would make them more secure. Makes you think twice about storing data on SSDs — once you put it on, getting it off isn't so easy."
Encrypting it?
Is taking data off really an issue anyway? If it's confidential data, destroy the disk when you need to dispose of it. Not repurposing or re-selling hardware with sensitive information on it sounds like a no-brainer.
I know OCZ has its own wipe utility and I believe Intel too. Using wiping software designed for mechanical disks makes absolutely no sense and the results from this study are 100% predictable. Oh your Gutmann wipe pattern for circa 1991 MFM drives doesn't wipe SSDs? You don't say! If you needed to securely wipe one, use the proper tool.
That said, it would be nice if there was some standard way of doing this.
Thermite will fix everything! [s/fix/destroy] :-)
Did you mount a military-grade, variable-focus MASER on an unlicensed artificial intelligence?
Encrypt the data before writing. At no point in its existence will it appear anything but white noise to unauthorized parties.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
From what I've seen, it's not the end-of-life disposal of drives which leads to this type of data leak. It's when a drive dies under warranty and you send it to the manufacturer for a replacement. Since it's non-functional, you can't erase it. Since you need to return it without any signs of abuse for a warranty replacement, you can't destroy it.
The manufacturer usually just fixes it, and sells it as a refurb / sends it out as a replacement drive for others which have failed under warranty. They just do a quick format, or sometimes even don't bother formatting, before sending the fixed drive out. Meaning the new recipient of your old drive has all your data.
The lack of security of SSDs is not new! So unoriginal, in fact, that Truecrypt.org doesn't even recommend that you encrypt an SSD drive!
I challenge anyone to find my MicroSD card. I've conducted extensive security audits to verify that no attacker, even one with inside information, can gain electronic or physical access to the disc.
Block storage devices have more capacity than they report. Magnetic disks keep a small reserve of unallocated blocks as a hedge against blocks that fail in use. SSDs keep a much larger reserve because they can only erase in increments that are relatively large compared to their block size.
If you overwrite a sector on a magnetic disk, you will almost always destroy all traces of the old data. The exception is when the drive thinks the old sector has failed or is about to fail, in which case you get an entirely new sector, and your old data is still (possibly) on the old sector. Attacks using magnetic force microscopes to read data from track fringes were possible a decade ago, but there is no reason to think it is possible on a modern drive.
If you overwrite a sector on an SSD, the SSD gives you a whole new block from a list of free blocks, and adds the address of the old block to the list of deleted blocks. Blocks are moved from the deleted list to the free list when the SSD has some free time, or when one is really needed. There is currently no mechanism to force the SSD to actually erase a sector.
This is all known, and there are mechanisms built into the specs to provide a secure erase. What their research is showing, however, is that these mechanisms don't always work. A number of them are buggy, and at least one just plain lies, claiming to have done the secure erase, but actually just doing the normal pointer update trick just like any other write.
See that "Preview" button?
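Added example, not part of any comment in this thread: a toy Python model of the remapping described a few comments up, where an overwrite lands on a fresh block and the old block waits on a deleted list. The class `ToySSD`, its sizes and the sample data are constructed assumptions, not any real drive's firmware.

```python
from collections import deque

class ToySSD:
    """Toy model of the remapping described above; not any real drive's firmware."""

    def __init__(self, logical_sectors, physical_blocks):
        assert physical_blocks > logical_sectors   # hidden reserve capacity
        self.logical_sectors = logical_sectors
        self.flash = [None] * physical_blocks      # raw block contents (None = erased)
        self.free = deque(range(physical_blocks))  # erased blocks ready for writes
        self.deleted = deque()                     # stale blocks waiting for erase
        self.mapping = {}                          # logical sector -> physical block

    def write(self, lba, data):
        if not self.free:                          # "when one is really needed"
            self.garbage_collect(1)
        new = self.free.popleft()
        self.flash[new] = data
        if lba in self.mapping:                    # old copy is unmapped, not erased
            self.deleted.append(self.mapping[lba])
        self.mapping[lba] = new

    def read(self, lba):
        return self.flash[self.mapping[lba]]

    def garbage_collect(self, limit=None):
        """Drive-internal erase; the host has no command that triggers this."""
        n = len(self.deleted) if limit is None else min(limit, len(self.deleted))
        for _ in range(n):
            block = self.deleted.popleft()
            self.flash[block] = None
            self.free.append(block)

    def remnants(self, needle):
        """Physical blocks still holding `needle` that no logical sector maps to."""
        live = set(self.mapping.values())
        return [i for i, d in enumerate(self.flash)
                if d is not None and needle in d and i not in live]

def overwrite_demo():
    secret = b"CONSTRUCTED-SECRET"                 # constructed sample data
    ssd = ToySSD(logical_sectors=4, physical_blocks=8)
    for lba in range(4):
        ssd.write(lba, secret if lba == 0 else b"filler")
    for lba in range(4):                           # one full-disk overwrite pass
        ssd.write(lba, b"\x00" * 16)
    host_view = [ssd.read(lba) for lba in range(4)]
    before_gc = ssd.remnants(secret)               # what a chip-level read would find
    ssd.garbage_collect()                          # drive erases in its own time
    return host_view, before_gc, ssd.remnants(secret)
```

After the overwrite pass every logical sector reads back as zeros, yet the secret still sits in an unmapped physical block until the model's internal garbage collection runs.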
It IS pretty much impossible, but that's not going to stop people from perpetuating the wives' tale for decades to come.
I actually have seen Magnetic Force Microscopy used as a tech demo to image the bits on a floppy disk. I asked the process owner if it could be used to extract data, and he just rolled his eyes. He said that besides the issues with modern hard drives having bits that are orders of magnitude smaller both in size and in magnetization, it's just impractical to extract any data, which should be obvious since it takes like 10 minutes to image a handful of bits. A handful of bits that could mean anything, and be anywhere on the disk platter, and anywhere in the file system, and which could represent erased or scrambled or encrypted data anyway. I think the idea that you could go beyond even that and divine what bits were written "UNDER" the current ones is just fantasy. I have heard rumors that NSA has made purchases of a large quantity of scanning probe microscopes for this purpose, but they could have just been buying some for testing...manufacturing volume for scanning probe microscopes is such that an order of a half-dozen of them would be an overwhelmingly large order.
TrueCrypt volume inside a TrueCrypt volume
Yo, dawg, I heard you liked TrueCrypt.
The headline should just read "Confidential data not safe on unencrypted disk". Modern hard drives also aren't as easy to 100% delete as one might think - once a sector gets "spared out" there's no easy way to delete it, and there will still be readable data there. That just happens a lot less frequently than SSD load/wear balancing.
Of course, any media can be adequately destroyed by shredding - if you really care, this isn't a problem to solve with software.
Socialism: a lie told by totalitarians and believed by fools.
This is when you tell us he re-assembled it, loaded up some Linux Drive Recovery program and pulled all the data to safety, right?
-=This sig has nothing to do with my comment. Move along now=-