[cryptography] Deleting data on a flash?

Moritz moritz at headstrong.de
Mon Sep 23 04:26:42 EDT 2013


On 09/23/2013 10:02 AM, ianG wrote:
>> The issue is that it's pretty much impossible to delete data securely
>> from a flash device.
> Why is that?

The flash memory controller hides the real storage cells from you and
spreads writes across all cells equally for wear-leveling. You cannot
directly access the cells. Some SSDs have a secure erase option, but you
never know if it is properly implemented, and you can only use it to
wipe the complete drive.

https://www.schneier.com/blog/archives/2011/03/erasing_data_fr.html

[...] Our results lead to three conclusions: First, built-in commands
are effective, but manufacturers sometimes implement them incorrectly.
Second, overwriting the entire visible address space of an SSD twice is
usually, but not always, sufficient to sanitize the drive. Third, none
of the existing hard drive-oriented techniques for individual file
sanitization are effective on SSDs.

--Mo
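
The wear-leveling behaviour described in this message, as an added example that is not part of the original post: a toy flash translation layer in which overwriting one file's logical block leaves the old data in the raw cells, while overwriting the whole visible address space eventually recycles it. The `ToyFTL` class, its allocation policy, the sizes and the sample data are all constructed assumptions, not any real controller's behaviour.

```python
# Toy flash translation layer (FTL): constructed model, not a real controller.
SECRET = b"constructed-key!"   # constructed sample data
ZERO = b"\x00" * 16

class ToyFTL:
    def __init__(self, logical_blocks, physical_pages):
        assert physical_pages > logical_blocks   # spare area the host cannot address
        self.logical_blocks = logical_blocks
        self.pages = [None] * physical_pages     # raw cells, hidden from the host
        self.wear = [0] * physical_pages         # program count per page
        self.map = {}                            # logical block -> physical page

    def write(self, lba, data):
        # Wear-leveling: program the least-worn page that holds no live data.
        live = set(self.map.values())
        free = [p for p in range(len(self.pages)) if p not in live]
        target = min(free, key=lambda p: (self.wear[p], p))
        self.pages[target] = data
        self.wear[target] += 1
        self.map[lba] = target                   # previous page goes stale, not erased

    def read(self, lba):
        return self.pages[self.map[lba]]

    def raw_contains(self, needle):
        return any(d is not None and needle in d for d in self.pages)

def file_overwrite(passes):
    """Overwrite only the logical block that held the secret."""
    ftl = ToyFTL(logical_blocks=4, physical_pages=10)
    ftl.write(0, SECRET)
    for _ in range(passes):
        ftl.write(0, ZERO)
    return ftl.read(0), ftl.raw_contains(SECRET)

def full_overwrite(passes):
    """Overwrite the entire visible address space `passes` times."""
    ftl = ToyFTL(logical_blocks=4, physical_pages=10)
    ftl.write(0, SECRET)
    for lba in range(1, 4):
        ftl.write(lba, b"other file data.")
    for _ in range(passes):
        for lba in range(ftl.logical_blocks):
            ftl.write(lba, ZERO)
    return ftl.raw_contains(SECRET)

if __name__ == "__main__":
    print(file_overwrite(3), full_overwrite(1), full_overwrite(2))
```

The number of full passes needed in this model depends only on the spare-area ratio chosen for the toy, so it says nothing about how many passes a particular drive needs.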

