Wipe it free: secure wiping software

By Ashton Mills, CSO Online (Australia) |  Security

SSDs (solid state drives) have rapidly gained popularity in the last few years in both business and the home. It's common knowledge they are fast, quiet, and use less power, but they come with another feature intrinsic to their design: they are also somewhat less secure. Unlike traditional spinning-platter media, the NVRAM on which SSDs are based have limited write-cycles. While in practice the shelf life of an SSD is still very decent--there are no long-term studies yet that accurately catalogue write-cycle lifetimes--they use firmware designed to extend their life by using a technique called wear levelling. This balance writes out across the media to ensure all cells get written-to evenly.

In practice this means when a file is overwritten in the operating system, the new file is actually written to a different location than the original. Hence, even though it may be 'deleted' from the drive, it's still recoverable. Securely deleting files or wiping free space is also a bit of misnomer for SSDs for the same reason. The translated sectors the operating system sees on the drive don't bear any relation to where the data is physically stored in the NAND chips.

Unfortunately, there's no real solution to this if security is paramount except to perform what's known as a secure erase. All SSDs support this and is similar to restoring the drive to factory condition (with the exception of wear on the chips), resetting all cells to 0s. While secure, it's an all-or-nothing affair, you can't selectively erase files, folders or partitions as you can with spinning-platter media.

Adding to the complexity, many SSDs keep of a pool of memory (which can be many gigs in size) to use either as scratch space for garbage collection routines or to allocate as new sectors if any cells become unusable. This pool may also contain old data that could be recovered with the right tools.

What about TRIM? Contrary to popular belief TRIM does not clear the cells, it sets a flag in the drive's cluster map to indicate these cells don't need to perform the full read/modify/write cycle which is normally required when writing to cells that already contain data. Until those cells are actually written over with new information, that data is also still present.

All up, this tends to indicate that if security is more important to you than speed, SSDs are perhaps not the best choice.

Originally published on CSO Online (Australia) |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question