
Data stored on SSD drives, extremely hard to erase

February 23rd, 2011 by Agent Smith | Data Theft & Loss, In The Spotlight, security breach

Recent research on solid state drives (SSDs) has revealed that files stored on such drives are sometimes impossible to erase using traditional disk-erasure techniques. According to this research, as much as 75 percent of the data may still be present on the drive in question after erasure.

This difficulty comes from their radically changed internal design: SSDs use computer chips to store data and employ a flash translation layer (FTL) to manage the contents. The FTL frequently writes files to new locations and updates its map to reflect the changes.

“These differences between hard drives and SSDs potentially lead to a dangerous disconnect between user expectations and the drive’s actual behavior,” scientists from the University of California at San Diego wrote in a 13-page paper. “An SSD’s owner might apply a hard drive-centric sanitization technique under the misguided belief that it will render the data essentially irrecoverable. In truth, data may remain on the drive and require only moderate sophistication to extract.”

“Our data shows that overwriting is ineffective and that the ‘erase procedures provided by the manufacturer’ may not work properly in all cases,” the paper warns.
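The following toy model shows why an overwrite issued through the host interface can leave old data in flash. It is an added example, not code from the paper or from any drive firmware; the `ToyFTL` class, the page counts and the garbage-collection policy are simplifying assumptions.

```python
"""Toy flash translation layer (constructed model, not real firmware)."""

class ToyFTL:
    def __init__(self, logical_blocks, physical_pages):
        # Extra physical pages model over-provisioning (assumed ratio).
        assert physical_pages > logical_blocks
        self.logical_blocks = logical_blocks
        self.flash = [None] * physical_pages   # raw pages; None = erased
        self.l2p = {}                          # logical block -> physical page

    def _free_page(self):
        for i, page in enumerate(self.flash):
            if page is None:
                return i
        # No erased page left: garbage-collect pages the map no longer uses.
        live = set(self.l2p.values())
        for i in range(len(self.flash)):
            if i not in live:
                self.flash[i] = None
        return self._free_page()

    def write(self, lba, data):
        """Host write: flash cannot be rewritten in place, so the FTL
        programs a fresh page and remaps the logical block to it."""
        if not 0 <= lba < self.logical_blocks:
            raise IndexError(lba)
        page = self._free_page()
        self.flash[page] = data
        self.l2p[lba] = page   # the previous page is stale but NOT erased

    def read(self, lba):
        return self.flash[self.l2p[lba]] if lba in self.l2p else None

def overwrite_and_audit(logical_blocks=8, physical_pages=12):
    """Fill the drive, overwrite every logical block once, then compare
    what the host can read with what is still present in raw flash."""
    ftl = ToyFTL(logical_blocks, physical_pages)
    for lba in range(logical_blocks):
        ftl.write(lba, b"SECRET-%d" % lba)      # constructed sample data
    for lba in range(logical_blocks):           # hard-drive-style overwrite
        ftl.write(lba, b"\x00" * 8)
    host_sees = [ftl.read(lba) for lba in range(logical_blocks)]
    remnants = sorted(p for p in ftl.flash if p and p.startswith(b"SECRET"))
    return host_sees, remnants

if __name__ == "__main__":
    host, left = overwrite_and_audit()
    print("host view:", host)
    print("still in raw flash:", left)
```

In this model the host reads back only zeros after the overwrite, while four of the eight original pages are still present in raw flash, reachable only by reading the chips directly.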

Due to this difference in manufacturing and architecture, even degaussing, a process in which a magnetic drive’s low-level formatting is destroyed, has apparently shown serious failures.

Sanitizing a drive by destroying its encryption key has its own weakness. “The danger, however, is that it relies on the controller to properly sanitize the internal storage location that holds the encryption key and any other derived values that might be useful in cryptanalysis,” the researchers wrote. “Given the bugs we found in some implementations of secure erase commands, it is unduly optimistic to assume that SSD vendors will properly sanitize the key store. Furthermore, there is no way to verify that erasure has occurred (e.g., by dismantling the drive).”
