Data Remains on USB and SSDs After Secure Erase

Discussion in 'privacy problems' started by redcell, Apr 3, 2011.

Thread Status:
Not open for further replies.
  1. redcell

    redcell Registered Member

    Sep 27, 2010
    Data Remains on USB and SSDs After Secure Erase

    Does anyone has any idea or program to wipe data on SSD effectively? It makes sense to give or sell my used iPhone to my own family members.
    Last edited: Apr 3, 2011
  2. x942

    x942 Guest

    For computers: DBAN works flawlessly. I have wiped several SSDs in the past with the NSA 7 wipe and guttmann wipe. After words nothing was recoverable through Helix Forensics Live CD or other recovery tools. I don't think the built in wipe with Mac OS X is that could as it does leave data untouched in certain areas while other programs do not have this issue.

    For iOS devices the restore functionality now does a FIPS certified wipe ( I would run it twice to be sure). If you are jail broken do this:
    open Cydia download iWipe (costs 99 cents) delete all your apps and messages etc. And then use iWipe toe zero free space.
    Now go to options general reset erase all content and settings.
    After that's done connect with iTunes and re activate the device to be 100% sure you may want to rejail brake and run iWipe on the fresh device.


    For what it's worth iOS devices are encrypted with a random key or one based on your password if it is set. As long as the device is on that information can be accessed via computer however during the erase it wipes the key making recovery impossible.
  3. J_L

    J_L Registered Member

    Nov 6, 2009
    What about TRIM for SSD?
  4. caspian

    caspian Registered Member

    Jun 17, 2007
    What if you put a huge truecrypt folder on it. Almost enough to cover the entire USB stick. And then just delete the folder. Would that overwrite that space?
  5. pharkit

    pharkit Registered Member

    Apr 8, 2011
    It wouldnt make any difference if the file you put on the drive was encrypted or not. What matters is whether it successfully overwrites the previously deleted files.

    Does anyone know how reliable Eraser is in these matters??
  6. x942

    x942 Guest

    Eraser has become unreliable. the latest versions don't even run properly on windows 7 (for me at least). I recommend using file shredder (the free ware one not the shareware by the same name). It works well is free and very similar to eraser. I have used it on SSD's and couldn't recover anything besides the occasional (1 or 2) filenames. Also just because the tool says it is recoverable doesn't mean it is. I wiped out my 16 GB USB drive and my Helix live CD and Recuvra (Spelling?) still said the MP3 on it was recoverable. BUT attempting to play back the "recovered" file failed with a "this file is corrupted" message.
  7. CloneRanger

    CloneRanger Registered Member

    Jan 4, 2006
    Here's a thought !

    Say you have a blank for eg 8Gb USB device and you record/delete and over time fill it up completely with various stuff . Until it was fully recorded onto, "apparently" deleted stuff/file names etc could be recovered, in part and/or whole. But as it's now full that is now impossible. So it must be capable of correctly deleting data when it needs to. In which case why can't it before it's full ?

    Same idea i'm applying to all solid state memory devices.
  8. x942

    x942 Guest

    This is what I do. I use CCleaner and file shredder for day to day wiping and my HDD is encrypted so if a little bit is left it is not a huge deal. On top of that I have a "special partition" that is essential DBAN with grub set to auto wipe :D If I ever need to wipe my HDD in a hurry I can!
  9. Enigm

    Enigm Registered Member

    Dec 11, 2008
    Yes .. You need to let the controller of the NAND-RAM storage-device do a security-erase .
    The reason is that 'partitions', 'sectors' etc etc on NAND-RAM devices don't actually exist as physical locations like they do on a traditional HDD . Only the controller can access the physical location and to complicate things, the actual location can be re-mapped at any time by wear-leveling ..

    To do that you will probably need to find the 'Mass Production Tool' for the storage-controller, all though a few SSD's (usually 'Enterprise'-class devices) allow you to do it via 'normal' ATA security-set commands, or a vendor-supplied application .. A few of the expensive SSD's can just put 1 volt over all cells, more or less at the same time, making the process almost instantaneous ..

    Also note that certain Sandforce-controllers ALWAYS encrypt the data, in that case this may actually not even be a problem !
  10. Goggles

    Goggles Registered Member

    Apr 18, 2011
    Additional information related to the article.
    There also seems to be some variation from manufacturer to manufacturer.
Thread Status:
Not open for further replies.