On 6/27/20 6:00 AM, David Christensen wrote:On 2020-06-26 18:25, David Wright wrote:There's still the problem of what one does about sensitive data if one has been rash enough to write it unencrypted onto an SSD. Would shred -n 1 be preferable? Not really, because that doesn't hit the ex-file areas. What then?The best option is to command the SSD firmware to do a "secure delete". Some SSD manufacturers provide utilities for doing this. Alternatively, it can be done from the command line with Linux.
On 2020-06-27 01:05, Admin4 wrote: > 1) backup your data to external usb drive > > 2) reinstall with encrypted enabled > > 3) restore dataThat process is likely to leave both host-accessible and hidden unencrypted blocks from the prior installation on the device.
> = a lot of unencrypted data get's overwritten (if user does not have a > lot of data, generate some X-D)"a lot" is not the same as "all". The ATA secure erase command is designed to erase all blocks, both host-accessible and hidden.
David