From eugen@leitl.org Mon Sep 23 04:42:56 2013 From: Eugen Leitl To: cypherpunks@lists.cpunks.org Subject: Re: [cryptography] Deleting data on a flash? Date: Mon, 23 Sep 2013 10:42:49 +0200 Message-ID: <20130923084249.GH10405@leitl.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0053023287988965600==" --===============0053023287988965600== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable ----- Forwarded message from Moritz ----- Date: Mon, 23 Sep 2013 10:26:42 +0200 From: Moritz To: cryptography(a)randombit.net Subject: Re: [cryptography] Deleting data on a flash? User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130827 Icedove/1= 7.0.8 On 09/23/2013 10:02 AM, ianG wrote: >> The issue is that it's pretty much impossible to delete data securely >> from a flash device. > Why is that? The flash memory controller hides the real storage cells from you and spreads writes across all cells equally for wear-leveling. You cannot directly access the cells. Some SSDs have a secure erase option, but you never know if it is properly implemented, and you can only use it to wipe the complete drive. https://www.schneier.com/blog/archives/2011/03/erasing_data_fr.html [...] Our results lead to three conclusions: First, built-in commands are effective, but manufacturers sometimes implement them incorrectly. Second, overwriting the entire visible address space of an SSD twice is usually, but not always, sufficient to sanitize the drive. Third, none of the existing hard drive-oriented techniques for individual file sanitization are effective on SSDs. --Mo _______________________________________________ cryptography mailing list cryptography(a)randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 --===============0053023287988965600== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjEuNC4xMiAoR05V L0xpbnV4KQoKaVFJY0JBRUJBZ0FHQlFKU1AvOElBQW9KRVBSdU5JbXNpVTdGYTFNUC9pM0p2alN1 UGJLTGc2MHNOdkMvZlJkeApFeHJka3N0MXI0RXVlYzQrd0M5cWVZQ2R0ZXR3UW81T204Rk5pVTkr L0tVS3d1a3VqVFA0S2RkbVlQekpNYkhrCkFsa21lQjJWSVFNWlg5dHhyd2xPMVE3cThuWHhzbjQr UXpTaHoyNjRoQ0xMT0xmbkNTUlVMd2JSMFY4RHMyQ3kKMXJpb3paNFVqUVF2Q1VTQXdqOHNtR3hN cVRTaU5hbGtVWnlyZ25WNUFaU3pIbDJoalRETmw3alVrYTQzR3hqSQo0bllMNWV4Y05yUmR6U3lE eHY5dy9RS05Cbm03MTM3a2s2MmR4ZUFxcXNkdjQ5M2U1R00zR2NpY1c5Mjg0ajZhCk1WR09vQ3dy L3lXSWNrMTZaOGJ3ZkcwYkppTkpKcFUzOWZQM0JPWWxrTlpLYTVPcTRHK0pZOTQwZ2NIODNKdngK N1JmbUFLM1BZRTh4NE9qcWJQd0k1eE5YMEU4TnpYRENKbDJadmZ4a0daeE5MWDFiWU90V0w4T1VX UkEwYmlpMQpyVFFnSzJhN2VxQmRtc3dHZVpFd1dwL0hvV1dLcjdxN0FyWGxzdW5rdHRsSUE2cVIr dm1MMytsU2p5cnh6SkNNCmNDYkpKMitQclkzWnZNTDJxY0JDeU83WkNzZDh6OTM5NExyUUFtazhu VlcxQWxMRTFTaldIdXNFd2ltbHRTN2kKNnI5a1V3QTFDTDUwNTZsdzNBL3NBZlFwK1IzSGFGT0U4 U3FSYTdIbmtBTGhVeDJDemlaYjBzRUJNQ2F2YjJydQpVN01yU1E1cnlsdXFrNjdCMkF2aC96TjVs V1ZwSXZJTldFWlVzK1BrZXEzK1N4WGFacUFucXM0OE83YXk1ZTM3CjE3Q3hWdjBJV1VEUTQxdHlj dzJxCj1nTjNpCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo= --===============0053023287988965600==--