[Cryptography] Data remanence on solid state storage
Tom Mitchell
mitch at niftyegg.com
Sat Aug 17 16:12:23 EDT 2024
On Wed, Aug 7, 2024 at 2:46 PM Justin Goldberg <justgold79 at gmail.com> wrote:
> Does anyone have updated guidance or can point to a good study on data
> remanence with SSD storage?
>
> Also perhaps a study that includes successful recovery on the "faster"
> Secure Erase command, which afaict, has only been implemented on solid
> state disks and was the reason for its creation.
>
The secure erase command is one NECESSARY aspect.
I have no secret secrets so I simply generate a block of random data and
with a script make a couple hundred thousand files to fill up the device
after loading a "different operating system" or hang it on another machine
that allows access to the raw device.
The command to wipe the disk would be off limits on any production machine
as it risks inadvertent instant total loss. It is a procedure at some
companies to store data encrypted with a special set of keys onto tape for
transport to "salt mine" storage. The loss during transport or recovery of
the physical tape is a risk that can be reduced by encryption. Customer
demands for erasure begin with destruction of the set of digital keys.
Test fixtures I built with others on a contract for Seagate DECADES ago
convinced me that writing 01010110 and 10101010 bits might still
find previous data recoverable in a lab. At the Fort in MD hammer and
Curie point with a torch. Researchers always did the 0000's and 1111's
multi pass before transferring to security for physical destruction (as a
vendor this let us sell MORE devices ;-).
Know the value of your data; make good decisions.
I do not completely trust, do have processes with multiple steps and
checks.
--
T o m M i t c h e l l (on NiftyEgg[.]com )
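
The fill-the-device-with-random-files step described in the message above, as an added example (not the poster's script). The function name `fill_with_random`, its parameters and the file naming are assumptions made here, and it draws fresh random bytes for every write instead of reusing one generated block.

```python
import errno
import os
import tempfile

CHUNK = 1 << 20  # write at most 1 MiB of fresh random data per call


def fill_with_random(target_dir, file_size=4 * CHUNK, max_bytes=None):
    """Write random-data files into target_dir until the filesystem reports
    ENOSPC or max_bytes is reached. Returns (files_created, bytes_written)."""
    files = total = 0
    full = False
    while not full and (max_bytes is None or total < max_bytes):
        path = os.path.join(target_dir, f"fill_{files:08d}.bin")
        try:
            # Unbuffered descriptor: a full disk shows up on write, not on close.
            fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        except OSError as exc:
            if exc.errno != errno.ENOSPC:
                raise
            break  # no room left even for a new directory entry
        in_file = 0
        try:
            while in_file < file_size and not full:
                want = min(CHUNK, file_size - in_file)
                if max_bytes is not None:
                    want = min(want, max_bytes - total)
                if want == 0:
                    break  # byte budget used up
                try:
                    n = os.write(fd, os.urandom(want))
                except OSError as exc:
                    if exc.errno != errno.ENOSPC:
                        raise
                    n = 0
                full = n == 0  # nothing accepted: the device is full
                in_file += n
                total += n
            os.fsync(fd)  # push the data out of the page cache to the device
        finally:
            os.close(fd)
        files += 1
    return files, total


if __name__ == "__main__":
    # Constructed demo: a scratch directory and a 10 MiB budget, not a real device.
    with tempfile.TemporaryDirectory() as scratch:
        print(fill_with_random(scratch, max_bytes=10 * CHUNK))
```

Files written this way only reach blocks the filesystem can allocate; flash that the controller holds in reserve is not addressed by it.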