
Re: Wiping hard drives



On Wed, Sep 14, 2011 at 09:55, Aaron Toponce <aaron.toponce@gmail.com> wrote:
> On Wed, Sep 14, 2011 at 09:02:42AM -0400, shawn wilson wrote:
>> On Sep 14, 2011 8:51 AM, "Robert Parker" <rlp1938@gmail.com> wrote:
>> > What's wrong with dd if=/dev/zero of=/dev/sdX for SSDs?
>>
>> Well, I remember hearing that data is recoverable to some degree unless the
>> media is destroyed. Is there no trace of a bit being stored after it is 0'd
>> out on an ssd?
>
> With regards to spinning platters, it's FUD. Today's drive densities are so
> great, that there is no room for the actuator to "jitter" the data off the
> track, as was problematic with drives in the early '90s and earlier. If the
> actuator doesn't put the data _exactly_ where it was last time, you could
> suffer data loss. So, writing a single pass of zeros will overwrite every
> bit, and there will be no "left-over" data that can be determined as to
> what was overwritten.
>

i sorta believe this. otoh, most of the places here in dc don't seem
to believe this. most places have a data assurance policy that
involves removing the face plate from the hdd (for rma purposes) and
shredding or compressing the disc (some places degauss, but i haven't
seen anyone do this for 2+ years now).

so, your argument is that this policy is because of fud?

> With SSDs, it's a different story. We've had HDD secure erasing solved for
> ages, but SSDs appear to be problematic. The same methods you would use for
> securely erasing an HDD should not be the same you use on an SSD (or any
> solid state media, such as USB thumb disks for that matter).
>
> Ars Technica ran two "Ask Ars" articles that pretty much explain the
> problem we are facing with SSDs:
>
>
> http://arstechnica.com/ask-ars/2011/01/askars-solid-state-drives-and-garbage-collection.ars
> http://arstechnica.com/ask-ars/2011/03/ask-ars-how-can-i-safely-erase-the-data-from-my-ssd-drive.ars
>

ok, yeah, i remember hearing about this. good read though. however,
this leaves the question: how do you delete data on a ssd?

>> The other thing is ease of use. I'm not going to tell my grandmother 'type
>> dd of......' no, not happening. But, 'go get the drill and you should notice
>> a circle outlay; you want to drill through the disc a third off center of
>> that circle' - that, she can manage just fine.
>
> If your grandmother is running a GNU/Linux desktop, then she should have no
> problem pulling up a terminal and typing "dd if=/dev/...". Then again, just
> physically bending the platters is enough to prevent every data recovery
> organization out there to get to your data, unencrypted or not.
>

i think that was sorta my point - it doesn't matter who you are or
what you run. if i tell you to drill a hole and give a rough
description of where to drill, i think a kid or mentally deficient
person can handle this task. it's a no brainer :)

'run linux, drop down to cli, run this'... no! even for me - if i want
to get rid of a disc and make sure the data isn't read, i pop out the
drill and follow my own advice. reason - it's quicker and better than
waiting for dd to write to every block on the disc. and generally, if
i'm getting rid of a disc, i've got a half dozen stacked in a closet
that i am cleaning out and i'm not going to shove disc in computer,
run dd, wait, remove disc, shove disc in computer, run dd, wait.......
no! i'm going to: grab 2x4, grab drill, take disc, drill, take disc,
drill, take disc, drill, etc.

however, my point (more validated by ars) is that there doesn't seem
to be a good solution for ssd that doesn't involve some mechanism of
total destruction that isn't viable for most people. it seems that the
only good advice is to encrypt data. this isn't a very good option if
i'm running a db or san/nas on these discs (i suppose tpm might help
but there's still overhead with this afaik).

