Forgot your password?
typodupeerror
Data Storage Privacy Security Hardware

Confidential Data Not Safe On Solid State Disks 376

Posted by timothy
from the tim-wants-targets-you-want-privacy-win-win dept.
An anonymous reader writes "I always thought that the SSD was a questionable place to store private data. These researchers at UCSD's Non-Volatile Systems Laboratory have torn apart SSDs and have found remnant data even after running several open source and commerical secure erase tools. They've also proposed some changes to SSDs that would make them more secure. Makes you think twice about storing data on SSDs — once you put it on, getting it off isn't so easy."
This discussion has been archived. No new comments can be posted.

Confidential Data Not Safe On Solid State Disks

Comments Filter:
  • by gad_zuki! (70830) on Thursday February 17, 2011 @04:19PM (#35236246)

    I know OCZ has its own wipe utility and I believe intel too. Using wiping software designed for mechanical disks makes absolutely no sense and the results from this study are 100% predictable. Oh your Gutmann wipe pattern for circa1991 MFM drives doesn't wipe SSDs? You don't say! If you needed to securely wipe one, use the proper tool.

    That said, it would be nice if there was some standard way of doing this.

  • by Zironic (1112127) on Thursday February 17, 2011 @04:27PM (#35236386)

    It's because the bits in the harddrive aren't actually binary but rather values that are intepreted as 1 or 0. For instance a value of 0.6 would be interpreted as 1 and 0.4 would be 0.

    This means that if you look at the exact value rather then the interpretation you can make a guess at what values it has been before.

  • Re:dd (Score:4, Informative)

    by Zironic (1112127) on Thursday February 17, 2011 @04:30PM (#35236430)

    According to RTFA they can recover almost 100% of the data from a 0'd HD, 90% of the data from a randomed HD and 1-10% from a HD that has run extremely extensive random HD passes (Like Gutmann)

    This is due to SDD's working differently then the standard HD's.

  • by jittles (1613415) on Thursday February 17, 2011 @04:31PM (#35236434)
    The lack of security of SSD's is not new! So unoriginal, in fact, that Truecrypt.org [truecrypt.org] doesn't even recommend that you encrypt an SSD drive!
  • by Rashkae (59673) on Thursday February 17, 2011 @04:31PM (#35236436) Homepage

    By scanning the surface of the platter with specialized equipment, it's possible to detect residual magnetization 'around' the area written by the drive head and determine where there used to be a bit. Actually using this technique to recover anything outside of a laboratory experiment (where the drive was only written to and erased with 0's once) is a myth, however. No one does this, not even CTU.

  • by gstoddart (321705) on Thursday February 17, 2011 @04:36PM (#35236530) Homepage

    You know, I've never understood this one. If you have written a zero to every sector on the hard drive, including the hidden space, how in the world is it possible to recover any data at all?

    Essentially, residual magnetism [wikipedia.org] and other sciency-bits.

    Suffice it to say, simply writing a bunch of zeros doesn't erase all traces of what was on. With old school HDs, you needed to write random data to each location multiple times -- there's a DoD spec for doing it (DoD 5220.22-M).

    I believe the article is saying that it doesn't seem to work with SSDs.

  • Summary (Score:5, Informative)

    by Orgasmatron (8103) on Thursday February 17, 2011 @04:42PM (#35236620)

    Block storage devices have more capacity than they report. Magnetic disks keep a small reserve of unallocated blocks as a hedge against blocks that fail in use. SSDs keep a much larger reserve because they can only erase in increments that are relatively large compared to their block size.

    If you overwrite a sector on a magnetic disk, you will almost always destroy all traces of the old data. The exception is when the drive thinks the old sector has failed or is about to fail, in which case you get an entirely new sector, and your old data is still (possibly) on the old sector. Attacks using magnetic force microscopes to read data from track fringes were possible a decade ago, but there is no reason to think it is possible on a modern drive.

    If you overwrite a sector on a SSD, the SSD gives you a whole new block from a list of free blocks, and adds the address of the old block to the list of deleted blocks. Blocks are moved from the deleted list to the free list when the SSD has some free time, or when one is really needed. There is currently no mechanism to force the SSD to actually erase a sector.

    This is all known, and there are mechanisms built into the specs to provide a secure erase. What their research is showing, however, is that these mechanisms don't always work. A number of them are buggy, and at least one just plain lies, claiming to have done the secure erase, but actually just doing the normal pointer update trick just like any other write.

  • by BetterSense (1398915) on Thursday February 17, 2011 @04:58PM (#35236800)
    It IS pretty much impossible, but that's not going to stop people from perpetuating the wive's tale for decades to come.

    I actually have seen Magnetic Force Microscopy used as a tech demo to image the bits on a floppy disk. I asked the process owner if it could be used to extract data, and he just rolled his eyes. He said that besides the issues with modern hard drives having bits that are orders of magnitude smaller both in size and in magnetization, it's just impractical to extract any data, which should be obvious since it takes like 10 minutes to image a handful of bits. A handful of bits that could mean anything, and be anywhere on the disk platter, and anywhere in the file system, and which could represent erased or scrambled or encypted data anyway. I think the idea that you could go beyond even that and divine what bits were written "UNDER" the current ones is just fantasy. I have heard rumors that NSA has made purchases of a large quantity of scanning probe microscopes for this purpose, but they could have just been buying some for testing...manufacturing volume for scanning probe microscopes is such that an order of a half-dozen of them would be an overwhelmingly large order.
  • by vadim_t (324782) on Thursday February 17, 2011 @05:24PM (#35237174) Homepage

    And what good is that?

    Again, this is a SSD, not a hard disk. The PCB contains both the interface and the data storage parts. If you microwave that, you've destroyed everything that was important. It's no use to unsolder anything, the flash chips themselves are destroyed by microwaving.

    The part you would skip on microwaving is the metal casing, which contains no data.

  • by Anonymous Coward on Thursday February 17, 2011 @05:29PM (#35237264)

    This is a very popular myth, but after hunting for comfirmation a few years ago I came up empty. Even the original author no longer stands behind this assertion. It's widely considered to be debunked: http://www.lawtechguru.com/archives/2009/03/11_multipass_erasure_myth_debunked.html

Some people carve careers, others chisel them.

Working...