Reliably Erasing Data From Flash-Based Solid State Drives

A somewhat scary bit of research has been done by Michael Wei, Laura M. Grupp, Frederick E. Spada, and Steven Swanson. They found that the current methods for clearing hard drives of their data (ie: removing of sensitive material or just clearing it for selling or handing down to someone else for example) doesn’t work for SSD (solid state drives), which are very commonly found as USB Thumb drives and more commonly shipping or being put into new systems in place of standard hard drives.

While sanitizing entire disks and individual files is well-understood for hard drives, flash-based solid state disks have a very different internal architecture, so it is unclear whether hard drive techniques will work for SSDs as well.

We empirically evaluate the effectiveness of hard drive-oriented techniques and of the SSDs’ built-in sanitization commands by extracting raw data from the SSD’s flash chips after applying these techniques and commands. Our results lead to three conclusions: First, built-in commands are effective, but manufacturers sometimes implement them incorrectly. Second, overwriting the entire visible address space of an SSD twice is usually, but not always, sufficient to sanitize the drive. Third, none of the existing hard drive-oriented techniques for individual file sanitization are effective on SSDs.

This third conclusion leads us to develop flash translation layer extensions that exploit the details of flash memory’s behavior to efficiently support file sanitization. Overall, we find that reliable SSD sanitization requires built-in, verifiable sanitize operations.

More information can be found as a Video, PDF or also a summary article at TheRegister