Educause Security Discussion mailing list archives

Re: [External] Re: [SECURITY] Fully Erase Hard and Flash Drives

From: John McCabe <john.mccabe01 () MANHATTAN EDU>
Date: Mon, 30 Sep 2019 12:54:19 -0400

If you have a behaving SSD, this will appear to be a simple problem. SSD
manufacturers though are not to be trusted.

There was the self-encrypting SSD fiasco from about a year ago, where SSD
drives claiming to have onboard AES encryption in some cases did not.
Reference:
https://cacm.acm.org/news/232668-flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/fulltext

Microsoft recently updated BitLocker such that for new drives, only
software encryption will be used. Reference:
https://support.microsoft.com/en-us/help/4516071/windows-10-update-kb4516071

I have yet to see anyone report that Secure Erase is implemented poorly
from any SSD manufacturer but that doesn't give me confidence that these
manufacturers are or will continue to implement Secure Erase correctly.





On Mon, Sep 30, 2019 at 11:26 AM Robert Freeman-Day <rmday () iu edu> wrote:

I am new to the list, so I don't know if this was ever mentioned. There
is an SSD secure erase option that does not require physical destruction.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Hope that helps.

Robert

On 9/30/19 10:24 AM, Brad Judy wrote:

This message was sent from a non-IU address. Please exercise caution

when clicking links or opening attachments from external sources.

-------

While it goes deep into the high security/paranoia realm, single punch

destruction isn’t the standard when it comes to solid state devices. Full
physical destruction of an SSD using a press should be a “bed of nails”
approach to ensure that all of the chips are broken. Of course, you’re
talking about a pretty high security environment if you’re worried about
people pulling data off of individual chips, but those in high value
research might consider it.


Brad Judy

Information Security Officer
Office of Information Security
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu/>

[cu-logo_fl]


From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of

Michael Hart <mhart20 () MSUDENVER EDU>

Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Thursday, September 26, 2019 at 10:33 AM
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Fully Erase Hard and Flash Drives

We have an arbor press with a punch.  See attached results:



From: The EDUCAUSE Security Community Group Listserv <

SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Rob Milman

Sent: Thursday, September 26, 2019 10:30 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Fully Erase Hard and Flash Drives

Our team uses a 5-ton press. It’s become a stress relief exercise,

similar to the Office Space printer smashing scene.



[cid:image004.png@01D18F19.9217E950]

Rob Milman
Associate Director, Information Security
Information Technology Services

Southern Alberta Institute of Technology
EH Crandell Building, GA 214
1301 – 16 Avenue NW, Calgary AB, T2M 0L4

(Office) 403.774.5401  (Cell) 403.606.3173
rob.milman () sait ca<mailto:rob.milman () sait ca>





From: The EDUCAUSE Security Community Group Listserv <

SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On
Behalf Of Todd Watson

Sent: Thursday, September 26, 2019 10:27 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU

Subject: Re: [SECURITY] Fully Erase Hard and Flash Drives

Agreed, Kevin.

Because of the variations in hardware design, complete deletion of flash

drives may not be possible based on the factors to which you alluded. We
shred before discarding.


Regards,
---
Dr. W. Todd Watson, CISSP
Information Security Officer
University System of Georgia
Cybersecurity
706-583-2400
todd () usg edu<mailto:todd () usg edu>

From: The EDUCAUSE Security Community Group Listserv <

SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on
behalf of Kevin Wilcox <wilcoxkm () APPSTATE EDU<mailto:wilcoxkm () APPSTATE EDU

Reply-To: The EDUCAUSE Security Community Group Listserv <

SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>

Date: Thursday, September 26, 2019 at 12:10 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:

SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:
SECURITY () LISTSERV EDUCAUSE EDU>>

Subject: Re: [SECURITY] Fully Erase Hard and Flash Drives

On Thu, 26 Sep 2019 at 11:58, White, Ryan <Whitery () bhc edu<mailto:

Whitery () bhc edu>> wrote:


BHC is looking for a program to erase hard drives and flash drives.

What programs do you recommend to completely wipe USB and Hard Drives?  We
are currently using an open source program when the need arises but that
doesn’t erase flash drive and Solid State Drives.  Any input would be
appreciated!


My short answer is, "it depends".

My longer answer is, "generally speaking, I'm happy with encrypting a

drive with BitLocker and then formatting it or using Secure Erase in the
ATA standard".


My long answer is "cue folks talking about wear levelling and how you

can't trust the drive to *actually* remove that data and what about the
areas of the drive where data may be stored that you can't overwrite and a
bonded destruction company is the only acceptable method and ..."


That's a big ol' can of worms, I hope you're ready to do some fishin'.

kmw

**********
Replies to EDUCAUSE Community Group emails are sent to the entire

community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community<
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cmhart20%40MSUDENVER.EDU%7C6f5fcb1e54b54d23cbcb08d7429ed562%7C03309ca417334af9a73cf18cc841325c%7C1%7C0%7C637051122285805098&sdata=eHRJQ0ajDCvQI1IirIB1%2B%2BaWr0VJe6%2FLSDdqBbaZwXE%3D&reserved=0



**********
Replies to EDUCAUSE Community Group emails are sent to the entire

community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community<
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cmhart20%40MSUDENVER.EDU%7C6f5fcb1e54b54d23cbcb08d7429ed562%7C03309ca417334af9a73cf18cc841325c%7C1%7C0%7C637051122285815106&sdata=QIIMZUOjnnQNg5AyLd9R6hVgcY4YTA3oBT5f4xqAoPA%3D&reserved=0



**********
Replies to EDUCAUSE Community Group emails are sent to the entire

community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community<
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cmhart20%40MSUDENVER.EDU%7C6f5fcb1e54b54d23cbcb08d7429ed562%7C03309ca417334af9a73cf18cc841325c%7C1%7C0%7C637051122285815106&sdata=QIIMZUOjnnQNg5AyLd9R6hVgcY4YTA3oBT5f4xqAoPA%3D&reserved=0



**********
Replies to EDUCAUSE Community Group emails are sent to the entire

community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community


**********
Replies to EDUCAUSE Community Group emails are sent to the entire

community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community


--
________

Robert Freeman-Day
Indiana University UITS
LSERV - System Administrator - Linux
2709 E. 10th St.
Bloomington, IN 47405

Pronoun: He or E/Em - https://pronoun.is/he?or=e

GPG Public Key:
https://keybase.io/robertfreemanday/pgp_keys.asc


**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community



-- 
*John McCabe *

*Senior Information Security Manager & Data Protection OfficerInformation
Technology Services*
[image: Manhattan College Logo/Shield]
Riverdale, NY 10471
Phone: 718-862-6217
john.mccabe01 () manhattan edu
www.manhattan.edu

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Fully Erase Hard and Flash Drives White, Ryan (Sep 26)
- Re: Fully Erase Hard and Flash Drives Doug Brooks (Sep 26)
- Re: Fully Erase Hard and Flash Drives Jones, Justin (Sep 26)
- Re: Fully Erase Hard and Flash Drives Jonathon Poling (Sep 26)
- Re: Fully Erase Hard and Flash Drives Kevin Wilcox (Sep 26)
  - Re: Fully Erase Hard and Flash Drives Todd Watson (Sep 26)
    - Re: Fully Erase Hard and Flash Drives Rob Milman (Sep 26)
    - Re: Fully Erase Hard and Flash Drives Hart, Michael (Sep 26)
    - Re: Fully Erase Hard and Flash Drives Brad Judy (Sep 30)
    - Re: [External] Re: [SECURITY] Fully Erase Hard and Flash Drives Robert Freeman-Day (Sep 30)
    - Re: [External] Re: [SECURITY] Fully Erase Hard and Flash Drives John McCabe (Sep 30)
    - Re: Fully Erase Hard and Flash Drives Vince Vargiya (OculusIT) (Sep 30)
- Re: Fully Erase Hard and Flash Drives Kimmitt, Jonathan (Sep 26)