4 Apr
2022
4 Apr
'22
7:34 a.m.
Good data Paul! SSD's are a different beast, if you're going to put data
on them that you do not want recovered I would recommend encrypting the
drive before using it, then when done delete/destroy the key. That
should turn your drive into a useless (but format-able) chunk of silicon.
C
On 4/4/2022 8:28 AM, Paul Koning via cctalk wrote:
SSDs are a different story entirely because there you
don't write over the actual data; instead a write updates internal metadata saying
where the most recent version of block number xyz lives. So, given that you tend to have
a fair amount (10 or 20 percent if not more) of "spare space" in the SSD,
previous data are likely to be hanging around. I suspect if you write long enough you
could traverse all that, but how to do that depends on the internals of the firmware.
That's likely to be confidential and may not even be reliably known.
There are SSD SEDs. If designed correctly those would give you cryptographically strong
security and "instant erase". Not all disk designers know how to do these
designs correctly. If I needed an SED (of any kind) I'd insist on a detailed
disclosure of its keying and key management. Prying that out of manyfacturers is hard.
I've done it, but it may be that my employer's name and unit volume was a factor.