
Confidential Data Not Safe On Solid State Disks

An anonymous reader writes "I always thought that the SSD was a questionable place to store private data. These researchers at UCSD's Non-Volatile Systems Laboratory have torn apart SSDs and have found remnant data even after running several open source and commercial secure erase tools. They've also proposed some changes to SSDs that would make them more secure. Makes you think twice about storing data on SSDs — once you put it on, getting it off isn't so easy."

  • How about (Score:5, Insightful)

    by Anrego ( 830717 ) * on Thursday February 17, 2011 @04:17PM (#35236204)

    Encrypting it?

    Is taking data off really an issue anyway? If it's confidential data, destroy the disk when you need to dispose of it. Not repurposing or re-selling hardware with sensitive information on it sounds like a no-brainer.

  • Encryption (Score:3, Insightful)

    by __aardcx5948 ( 913248 ) on Thursday February 17, 2011 @04:18PM (#35236224)

    It doesn't matter if you can get hold of ALL of the data, if it's encrypted you're fucked. Nothing to see here, move along.

  • by WhiteDragon ( 4556 ) on Thursday February 17, 2011 @04:22PM (#35236310) Homepage Journal

    Thermite will fix everything! [s/fix/destroy] :-)

  • truecrypt (Score:5, Insightful)

    by SharpFang ( 651121 ) on Thursday February 17, 2011 @04:25PM (#35236344) Homepage Journal

    Encrypt the data before writing. At no point in its existence will it appear anything but white noise to unauthorized parties.

  • by Solandri ( 704621 ) on Thursday February 17, 2011 @04:28PM (#35236392)

    From what I've seen, it's not the end-of-life disposal of drives which leads to this type of data leak. It's when a drive dies under warranty and you send it to the manufacturer for a replacement. Since it's non-functional, you can't erase it. Since you need to return it without any signs of abuse for a warranty replacement, you can't destroy it.

    The manufacturer usually just fixes it, and sells it as a refurb / sends it out as a replacement drive for others which have failed under warranty. They just do a quick format, or sometimes even don't bother formatting, before sending the fixed drive out. Meaning the new recipient of your old drive has all your data.

  • by causality ( 777677 ) on Thursday February 17, 2011 @04:35PM (#35236512)

    "Trust but verify"? Verification results from the exact opposite of "trust" :p You're right to verify, but saying stuff like that sounds silly..

    Verification is after-the-fact. Prior to that, the vendor could still do something dishonest like fail to deliver on its promises. You're trusting them not to do that as indicated by your willingness to do business with them in the first place. Verification is an attempt to check against not only dishonesty on their part but also well-intentioned mistakes that wouldn't strictly be issues of trustworthiness.

    It's sort of like when I deposit cash at a bank. If I tell them "this is 200 dollars, please put it into my account" they are going to count the money. I don't take that as an accusation that I am trying to deceive them, because it isn't. It's a standard practice because multiple pairs of eyes are more likely to catch both honest mistakes and deliberate deception. That's an example of "trust but verify".

    It's not really so silly and it's far less extreme than "I want to be involved in each step of the process so I can watch your every move". That would be distrust.

  • by lgw ( 121541 ) on Thursday February 17, 2011 @05:11PM (#35236984) Journal

    TrueCrypt volume inside a TrueCrypt volume

    You, dawg, I heard you liked TrueCrypt.

    The headline should just read "Confidential data not safe on unencrypted disk". Modern hard drives also aren't as easy to 100% delete as one might think - once a sector gets "spared out" there's no easy way to delete it, and there will still be readable data there. That just happens a lot less frequently than SSD load/wear balancing.

    Of course, any media can be adequately destroyed by shredding - if you really care, this isn't a problem to solve with software.

  • Re:How about (Score:2, Insightful)

    by Anonymous Coward on Thursday February 17, 2011 @05:36PM (#35237352)

    Congrats... I think you've just built a hard drive sized One Time Pad. Unless I'm missing something, this is horribly vulnerable if an attacker can "borrow" your disk at multiple snaps in time (as you are essentially reusing the one time pad every time you delete/modify files, so the attacker can now calculate oldfile xor newfile ... if I know at snapshot one I hadn't sent you somebigimage.jpg and at snapshot two, I can basically xor my two snapshots and then xor somebigimage.jpg over all the non-zero fragments and see what file you deleted that freed up space for somebigimage (oversimplified but still an issue)
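
The pad-reuse problem raised in the comment above, as an added example that is not part of the original thread: a toy disk that XORs each sector with a fixed pad is compared with one that uses a fresh keystream per write. The sector size, the key, the file contents and the `version` write counter are all constructed for illustration, and the SHAKE-based keystream is a stand-in, not a real disk-encryption mode.

```python
import hashlib

SECTOR = 32  # toy sector size in bytes (constructed)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, sector: int, version: int = 0) -> bytes:
    """Toy per-sector keystream; `version` is a hypothetical per-write counter."""
    seed = key + sector.to_bytes(8, "big") + version.to_bytes(8, "big")
    return hashlib.shake_256(seed).digest(SECTOR)

def write(disk: dict, key: bytes, sector: int, data: bytes, version: int = 0) -> None:
    """Store one zero-padded sector XORed with its keystream."""
    disk[sector] = xor(data.ljust(SECTOR, b"\0"), keystream(key, sector, version))

def recover_old(snap1: dict, snap2: dict, known_new: dict) -> dict:
    """What a holder of two snapshots plus the newly written file can compute:
    snap1 ^ snap2 ^ new == old, but only if both writes shared a keystream."""
    out = {}
    for i in snap1:
        if snap1[i] != snap2[i] and i in known_new:
            delta = xor(snap1[i], snap2[i])
            out[i] = xor(delta, known_new[i].ljust(SECTOR, b"\0"))
    return out

def demo(fresh_keystream_per_write: bool):
    """Write old data, snapshot, overwrite with known data, snapshot again."""
    key = b"constructed-demo-key"
    old = {0: b"payroll: alice 91000", 1: b"payroll: bob 87000"}  # constructed
    new = {0: b"JFIF-known-image-bytes-0", 1: b"JFIF-known-image-bytes-1"}
    disk = {}
    for i, d in old.items():
        write(disk, key, i, d)
    snap1 = dict(disk)
    for i, d in new.items():
        write(disk, key, i, d, version=1 if fresh_keystream_per_write else 0)
    snap2 = dict(disk)
    return old, recover_old(snap1, snap2, new)

if __name__ == "__main__":
    for fresh in (False, True):
        old, got = demo(fresh)
        leaked = [i for i in old if got[i].rstrip(b"\0") == old[i]]
        print("fresh keystream per write:", fresh, "-> sectors leaked:", leaked)
```

With the fixed pad every overwritten sector's previous contents fall out of the two snapshots; with a keystream that changes on each write the same computation yields only noise.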
