Hey guys,
I want to shred/sanitize my SSDs. If it was a normal harddrive I would stick to ShredOS / nwipe, but since SSD’s seem to be a little more complicated, I need your advice.
When reading through some posts in the internet, many people recommend using the software from the manufacturer for sanitizing. Currently I am using the SSD SN850X from Western digital, but I also have a SSD 990 PRO from Samsung. Both manufacturers don’t seem to have a specialized linux-compatible software to perform this kind of action.
How would be your approach to shred your SSD (without physically destroying it)?
~sp3ctre
I don’t see how attempting to over-write would help. The additional blocks are not addressable on the OS side.
ddwill exit because it reached the end of the visible device space but blocks will remain untouched internally.Where does it say that? Here it seems to support the opposite. The linked paper says that two passes worked “in most cases”, but the results are unreliable. On one drive they found 1GB of data to have survived 20 passes.
Sorry, it wasn’t the Arch wiki. It was this page.
I hate using Stack Exchange as a source of truth, but the Arch wiki references this discussion which points out that not all SSDs support “Deterministic read ZEROs after TRIM”, meaning a pure blkdiscard is not guaranteed to clear data (unless the device is advertised with that feature), leaving it available for forensics. Which means having to use
--secure, which is (also) not supported by all devices, which means having to use-z, which the previous source claims is equivalent todd if=/dev/zero.So the SSD is hiding extra, inaccessible, cells. How does
blkdiscardhelp? Either the blocks are accessible, or they aren’t. How are you getting a the hidden cells withblkdiscard? The paper you referenced does not mentionblkdiscarddirectly as that’s a Linux-specific command, but other references imply or state it’s just calling TRIM. That same paper, in a footnote below section 3.3, claims TRIM adds no reliable data security.It looks like - especially from that security paper - that the cells are inaccessible and not reliably clearable by any mechanism.
blkdiscardthen adds no security overdd, and I’d be interested to see whether, with-z, it’s any faster thanddsince it perforce would have to write zeros to all blocks just the same, rather than just marking them “discarded”.I feel that, unless you know the SDD supports secure trim, or you always use
-z,ddis safer, sinceblkdiscardcan give you a false sense of security, and TRIM adds no assurances about wiping those hidden cells.The idea is that
blkdiscardwill tell the SSD’s own controller to zero out everything. The controller can actually access all blocks regardless of what it exposes to your OS. But will it do it? Who knows?After reading all of this I would just do both… Each method fails in different ways so their sum might be better than either in isolation.
But the actual solution is to always encrypt all of your storage. Then you don’t have to worry about this mess.
Just to be clear,
blkdiscardalone does not zero out anything; it just marks blocks as empty.--securetells compatible drives to additionally wipe the blocks;-zactually zeros out the contents in the blocks likedddoes. The difference is that - without the secure or z options - the data is still in the cells.Yes! Although, I don’t think hindsight is helpful for OP.