Security Basics mailing list archives
Re: Flash Memory Wiping
From: Dragos Ruiu <dr () eusecwest com>
Date: Fri, 19 Jan 2007 12:25:37 -0800
On Friday 19 January 2007 06:18, nolife () gmail com wrote:
dd if=/dev/zero of=/dev/devicex ? Just overwrite the data, in comparison to a hard disk a flash can not be opened by a normal professional. The structures are so small that it would be very very hard to analyse the "old" contents. For nuclear weapon control units the standard procedure is to "shredder" the chip into a set of pieces, i do not know of any successfull reconstruction :-)
You can't jsut overwrite the data. You must overwrite the data and FILL the devices. Flash filesystems are designed to spread out the writes as much as possible to avoid as much overwriting as possible. Deleted data does not get overwritten, just marked invalid, most flash filesystem go for the least recently used block (or similar) when allocating the next block to write to. They try to do this to maximize the limited number of write cycles in the lifetime of flash by minimizing writes to repeated locations. So... you have to fill the device to capacity to make sure you have overwritten the data. cheers, --dr (cc'ing daily dave because i remember dave asking about this...) -- World Security Pros. Cutting Edge Training, Tools, and Techniques London, U.K. Mar 1-2 - 2007 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
Current thread:
- Re: Flash Memory Wiping, (continued)
- Re: Flash Memory Wiping C Anctil (Jan 23)
- Re: Flash Memory Wiping Dragos Ruiu (Jan 24)
- Re: Flash Memory Wiping Lou Losee (Jan 24)
- Re: Flash Memory Wiping William M. Ryan (Jan 26)
- RES: Flash Memory Wiping Cleverson de Freitas Ferla (Jan 30)
- Re: Flash Memory Wiping C Anctil (Jan 23)
- Re: Flash Memory Wiping Snoopy Brown (Jan 24)
- Re: Flash Memory Wiping Atom Smasher (Jan 22)
- Re: Flash Memory Wiping Dragos Ruiu (Jan 22)
- How to securing endpoints? WALI (Jan 22)
- RE: Flash Memory Wiping Barrett, Will (Jan 22)