[Cryptography] Data remanence on solid state storage
Joshua Marpet
Joshua.Marpet at guardedrisk.com
Wed Aug 21 17:16:50 EDT 2024

So, the answer is simple. Nope. You cannot trust any device that has an SSD
or spinning rust. I have personally worked cases where data was recovered
after being written over. I even worked a case where a dedicated backup
device was recovered at the platter level, and five previous companies' data
was recovered in part or whole.

SSDs are worse, with wear-leveled blocks that get locked off once they've
undergone enough writes. Any data present when locked is locked "in".

This totally ignores the HPA/DCO questions, and other alternate
datastream possibilities. Now, can you use an encrypted filesystem? Wipe
your own keys? SURE!!! Go to town!

But metadata may still remain, and it may still be "interesting". Besides,
when you decrypt your filesystem, and USE the data, decrypted/plaintext
chunks of data may get locked in to a write-locked, wear-leveled cell. Oops.

Long story short, I am going to curmudgeon this and say, if you care about
your data, care enough to sledge the very best. Destroy that sucker.