Category Archives: SSD

The question is almost completely answered. However, more details are still needed. See Update 2 down here.

I’ve learnt that the ATA Secure Erase is uncorrectly implemented in SSDs (sources are down here), but I’m still willing to find a way to erase as much as I can on them.

What I intend to wipe is the whole SDD, which includes:

• The cells that users may access
• Bad/unmapped/corrupted sectors
• The over-provisioned space
• The trimmed cells
• The Device Configuration Overlay (DCO)
• The Host Protected Area (HPA)
• And everything I’ve forgot

I know that encryption is the best way to simulate a limited “Secure Erase”, but before doing that for my new datas, I want to at least make a single pass in order to wipe as much as I can of the old ones.

As I know so far:

• ATA Secure Erase: Not reliable, still wipe correctly HPA or DCO ?
• dban: Do not erase remapped sectors, nor HPA or DCO
• nwipe: Same problems as dban since it’s a fork
• dd: Same as dban and nwipe, but also blocks everytime it meets a bad sector
• shred: Recommended for files, works like dban, may have issues with SSDs
• badblocks -w : Should check every sectors destructively, is it correctly implemented for SSDs ?

For now, the best I can do is a badblock -w.

So the question is: What tools can I use in order to erase data as much as possible on an SSD ?

The idea is, based on information I may not know -yet- but you do, to find the most suitable tool listed here, or any other tools not listed here.

Also, anything that may lead to correctly access or/then then delete an SDD’s DCO or HPA is ok too. -> This was almost completely answered by @guest, but see update 2.

Same goes for remapped/bad/unnmapped sectors, trimmed cells and over-provisioned space.

Destroying the drive is not an option.

Sources:

• http://cseweb.ucsd.edu/~swanson/papers/Fast2011SecErase.pdf
• http://nvsl.ucsd.edu/index.php?path=projects/sanitize

Update:
badblocks -w may not be reliable (https://lime-technology.com/forum/index.php?topic=23792.0), but I need to dig that up more, unless someone provide an answer here first, which I’m also interested in.

Update 2:

Now, the remaining thing I need to know is: Does the implementation of DCO and HPA respective erasure and disabling is effective -and not badly done like it is for ATA secure erase- ?
Furthermore, a naive question here: Does disabling the HPA means this latter will get erased too ?

PS: Sorry if I don’t answer right away, I’m working and travelling around the world -thus making this post related- and I often face time-squeezing business.
But, I will definitely answer back for sure.

Continue reading How to erase as much as possible an SSD without ATA Secure Erase?→