Educause Security Discussion mailing list archives

Re: Erasing/Wiping Solid State Drives

From: Gary Dobbins <dobbins () ND EDU>
Date: Mon, 17 Aug 2009 16:35:53 -0400

You may want to [re]consult NIST, who I'm told has updated their standard advice to require only a single-pass write of 
all-zero to be sufficient for magnetic disks.
e.g. dd if=/dev/zero etc.

Not sure if that applies equally to electronic devices (thumb, SSD') which may store things internally in ways that 
could enable recovery, but otherwise they too just emulate an array of blocks which could be zeroed as well.  It's not 
clear to me how a 1000-block thumbdrive could retain any valid data, no matter how stored internally, if 1000 blocks 
worth of replacement data were written to it.


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James 
Moore
Sent: Monday, August 17, 2009 4:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Erasing/Wiping Solid State Drives

This is an area where I have very little experience.  We are using wiping utilities like Eraser (for files & 
directories) and Darik's Boot and Nuke (for disks).  They do passes to overwrite data to reduce possibilities of 
extracting data due to magnetic remanence.  Is there an analog (no pun intended) for solid state drives?  Thanks.

Jim
- - - -
Jim Moore, CISSP, IAM
Senior Information Security Forensic Investigator
Rochester Institute of Technology
151 Lomb Memorial Drive
Rochester, NY 14623-5603
(585) 475-5406 (office)
(585) 255-0809 (Cell - Incident Reporting & Emergencies)
(585) 475-7920 (fax)


If you consciously try to thwart opponents, you are already late.  Miyamoto Musashi, Japanese philosopher/samurai, 1645


Risk comes from not knowing what you're doing. -Warren Buffet

CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity 
to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any 
copies of this information

Current thread:

Erasing/Wiping Solid State Drives James Moore (Aug 17)
- <Possible follow-ups>
- Re: Erasing/Wiping Solid State Drives Gary Dobbins (Aug 17)