Wear-leveling privacy risk and SSDs?

Discussion in 'privacy technology' started by Tipsy, Aug 28, 2013.

Thread Status:
Not open for further replies.
  1. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    What is the current thinking about the privacy risk of SSDs and other flash-based drives, compared to disk HDDs?

    You can easily overwrite sectors with zeros or garbage on a disk HDD to securely erase files, but with SSDs and wear-leveling is it possible to get all the bits of data? And consider the effect of constantly writing secure-erase data on the lifespan of SSDs.

    There was a lot of discussion about this when SSDs were newer, maybe 3 or 4 years ago.
    But with improved SSD technology, what is the current feeling?

    I am thinking of getting an SSD internal drive for my next laptop, but maybe security-wise it is not such a good idea.
     
  2. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    SSDs TRIM or 'Wear Level' by overwriting any deleted data with (I think) zeros...letting the controller know that the cell is ready to be written to again. So that in itself is better than HDDs just removing the pointer to the file in the file system. But supposedly, you can't guarantee that any secure deletion tool will get all the bits, or if the controller will swap cells out, so that is a downside. Now HDDs can do the same if they come across bad sectors (swap out)...and you can't get to those either unless you use something like BCWipe Total Wipeout.

    There is this: -http://news.techworld.com/security/3263093/ssd-fimware-destroys-digital-evidence-researchers-find/-

    As usual, fully encrypting a brand new SSD before use should eliminate any worries.

    I use BCWipe with Transparent Wiping and haven't noticed any decreased life on a Vertex 2 yet.

    The TC docs caution against SSDs, but the experts in the forum see no problem with SSDs.

    It's an interesting topic for sure, and I'd like to see a definitive study done with current hardware.

    PD
     
  3. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Actually, what I am more worried about is something that is mentioned in another article that is linked from the article you linked to.

    http://news.techworld.com/storage/3262210/ssd-drives-difficult-to-wipe-securely-researchers-find/

    I am not so worried about secure erasing / reformatting a whole SSD. I am concerned about leaving traces of data behind when I try to secure erase just individual files, not the whole SSD.
     
  4. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    But with FDE, neither of those scenarios (reformatting a whole SSD, secure erase individual files) should pose a threat...or am I forgetting something?
     
  5. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    This is true. But the best security has more than one layer.

    If you make everything depend on only the encryption, then if the encryption is broken or if the computer is accessed while running, the data is vulnerable.
     
  6. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    I can recommend reading this :
    Abstract : TRIM is 'secure delete' ..
     
  7. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
  8. mike19

    mike19 Registered Member

    Joined:
    Sep 1, 2013
    Posts:
    1
    Location:
    USA
    Would secure wiping with the Gutmann method, then installing a new OS, and then encrypting before writing any new information achieve the same effect?
     
  9. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    What's wrong with using the SSD's built-in 'secure erase' ?

    35 Gutmann passes is pointless, also on SSDs ...
     
  10. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Interesting information.
    The King article shows that which OS you use is very important. Windows 7 supports TRIM, so the SSDs with Windows 7 wiped the files. Windows XP and Ubuntu (King article from 2011) did not!
    The Gubanov article (from October 2012) also says "SSDs self-destroy court evidence, making it difficult to extract deleted files and destroyed information (e.g. from formatted disks) close to impossible. . .Old versions of Windows, Mac OS and Linux do not support SSD's garbage collection mechanisms, and are also exceptions."
    So SSDs might be more secure in some ways than disk HDDs, but only if you use the right OS!

    Also, the Gubanov article mentions how encryption software can hide the data from the TRIM command. "Somewhat counter-intuitively, information deleted from certain types of encrypted volumes (some configurations of BitLocker, TrueCrypt, PGP and other containers.) may be easier to recover as it may not be affected by the TRIM command. Files deleted from such encrypted volumes stored on an SSD drive can be recovered (unless they were specifically wiped by the user) if the investigator knows either the original password or binary decryption keys for the volume." And TRIM does not work fully in Windows if not using the NTFS file system.

    The King article (again 2011, so maybe it is different now) also shows that the success of data recovery depends on which SSD is being used. They are not equal!
    The Corsair, Crucial and OCZ SSDs, even with TRIM, did not completely erase all the data, but the Intel SSDs with TRIM did.

    The King article also shows data recovery was much easier for small files (900kB) than for large files (650MB).
     
  11. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Does anyone know if most of the popular Linux distros today fully support TRIM?
    Like Ubuntu, Mint and, for security, TAILS and Liberte?
     
  12. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    It seems Linux does not support TRIM by default.
    In Ubuntu, the user has to activate TRIM or it does not work.
    http://ubuntuforums.org/showthread.php?t=2106852

    TAILS Linux has warnings that secure erase may not be reliable on SSDs and USB flash drives.

    https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
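
Added example, not part of any post in this thread: a small Python audit of the point in the post above that Linux only issues TRIM when it has been enabled. It reads the kernel's `/proc/mounts` and `/sys/block/<disk>/queue/discard_max_bytes`; the sample data, function names and status labels are constructed for illustration.

```python
import os
import re
# Constructed sample in /proc/mounts format: device, mountpoint, fstype, options, dump, pass.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,noatime,errors=remount-ro 0 0
/dev/sda2 /home ext4 rw,noatime,discard 0 0
/dev/sdb1 /mnt/usb vfat rw,nosuid,nodev 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
"""
# Constructed stand-in for /sys/block/<disk>/queue/discard_max_bytes (0 = no discard support).
SAMPLE_DISCARD_MAX = {"sda": 2147450880, "sdb": 0}

def parent_disk(device):
    """Map a partition node to its disk: /dev/sda2 -> sda, /dev/nvme0n1p1 -> nvme0n1."""
    name = os.path.basename(device)
    m = re.match(r"(nvme\d+n\d+|mmcblk\d+)(p\d+)?$", name)
    return m.group(1) if m else name.rstrip("0123456789")

def read_discard_max(disk, sys_root="/sys/block"):
    """Return the kernel's discard limit for a disk, or None if sysfs has no such disk."""
    try:
        with open(os.path.join(sys_root, disk, "queue", "discard_max_bytes")) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None

def audit_trim(mounts_text, discard_max):
    """Classify each /dev-backed mount by whether deleting a file can reach the drive as TRIM."""
    report = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].startswith("/dev/"):
            continue  # skip pseudo filesystems such as proc and sysfs
        device, mountpoint, options = fields[0], fields[1], fields[3].split(",")
        limit = discard_max.get(parent_disk(device))
        if limit is None:
            status = "unknown"          # e.g. /dev/mapper/* nodes, not resolved here
        elif limit == 0:
            status = "device-no-trim"   # drive does not advertise discard support
        else:
            status = "online-trim" if "discard" in options else "trim-not-enabled"
        report[mountpoint] = status
    return report

def audit_live():
    """Run the audit against this machine's /proc/mounts and sysfs."""
    with open("/proc/mounts") as f:
        text = f.read()
    disks = {parent_disk(l.split()[0]) for l in text.splitlines() if l.startswith("/dev/")}
    return audit_trim(text, {d: read_discard_max(d) for d in disks})
```

A mount reported as `trim-not-enabled` sits on a drive that accepts TRIM but is mounted without the `discard` option, so freed blocks are only trimmed when `fstrim` is run on it.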
     
  13. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    I am surprised this subject does not receive more attention.
     