Are SSD drives more secure?

In regular drives data deleted can still be recovered, even if you use special erasing programs (7 pass etc).

What about SSD drives?

 

Good SSD drives (e.g. Intel, Samsung) should have wear-leveling algorithms that prevent erasing if the cell is likely to fail.

That means that data should not get lost even in the case of a cell too worn-out to be written to. Your application would receive an error during the write command (e.g "Cannot write to drive X") but the data would not be lost. This is much much better than HDD's - that are not able to predict failure so precise and, when failure happens, HDDs are usually not able to keep the data accessible.

Of course, SLC drives with good wear-leveling should have lifetime way beyond useful life of a computer, or even your life in most desktop/workstation use cases. There are SLC drives that are able to withstand hundreds of years with average 50 GB of written data every day

Now, this is all theory - we are yet to see how these predictions behave in practice. Hard Drives are much more time-proven technology, we know their reliability limits and we also know how they behave during their life. With modern SSDs, this data is yet to be created and understood better..

 

Ouch, now I read your question again and I realise that I misunderstood your question - are you asking if the data erase operation is reliable on SSDs, compared to HDDs where there is a chance to recover it?

I believe that SSDs are bit more "erase friendly", as they are not magnetic media where magnetic state could be predicted (extracted) even after erase.

Of course - this applies if and only if the cell is really erased. Because of the wear-leveling algorithms used in SSD, data is not immediately erased even if you delete the file. Instead, it is marked "for deletion", but the actual deletion happens later, when wear-leveling algorithm decides that it is time to use the cell again.

In order to really erase SSD, you have two ways:

- Use vendor-supplied format utility
- Fill the entire drive with new random data, as that will force controller to erase every cell

 

how would you recover data from regular HDD if it was erased with actual write of zeros at the place where the file was ?

 

this theory gives some hope ...

but then, if bits of the file sit next to bits of another file (which is always the case) then ones and zeros of bits next to the questionable bit would also affect the reading, and since you will be looking for very small differences then those could/would mess up the results

 

Be recovered by whom? You, me, the police? Not. Unless you are involved in international espionage you are way over thinking this. One pass is good enough. 3 passes pretty much makes recovery of any kind by anyone impossible.

I am very aware the capabilities both theoretically and in practice are a point of much contention between "experts" with opinions on both sides. I am also aware that multiple passes overwriting and even degaussing are no longer considered thorough enough in some operations. Anything short of complete physical destruction falls short. But as said unless you are some kind of a spook not sure why the need.

I agree with your points. I find them to likely make SSD's less secure or at least harder to make "secure". Vender supplied utility? Are they making them. Oh and formatting would not erase.

You, me? wouldn't and couldn't.

If you believe Peter Gutmann sure. But not all agree with him especially at the levels he sometimes like to claim.

Always nice to joined by a fellow cynic.


To OP if you use overwriting be careful. Applications that are run by the OS may not be able to see some sectors as at least with electromechanical drives when problems are detected by the HDD the data when possible is moved to a different (non damaged) sector and the damaged sector is now only able to be seen or modified by equipment none of us at NBR have. This can also be a problem even at a level below the OS.

Real world overwrite a few times and relax. Not enough get a hammer then throw in an acid bath then in case in a commercial epoxy adhesive. If Peter Gutmann can retrieve any data from that I will give you a years pay. Also take it to a scrap yard and have them activate their magnetic crane on top of it a few times. Or a hammer and some gas and a match. Do outdoors at least 20yds from the house.

 

Leftye you are 100% correct as to how it works. That is a perfect explanation you made in prior post.

Peter Gutmann is the "God Father" of this school of thought/technology. He is easily search able and wiki does have an article.

He is the one who for the most part with another gentleman opened up this entire area of thought. But as with many visionaries some might say he went a little off the deep end.

As I tried to express to OP not you per se. At some point you don't have to worry. There is no one who would get your HDD that could do as you described. Unlikely even the police computer forensic scientists have the one write pass recovery technology. Absolutely no way they have multi pass recovery technology. There are serious questions at what level any of it even exists. Peter Gutmann says something like 32 overwrites are needed I believe. It has been a long time my number could be way off.

Any way leftye like I said you are 100% correct as to how the basics work. If OP is concerned/interested in this there was much in my post he can go to wiki and search.

And really I can not emphasize enough. What are you trying to protect and from whom. One overwrite is enough if you are selling a computer. It is no problem to do 3 or 7 so nothing to worry about.

There are other threads on this that go into details "ad nusium" and of course I was a part of the "nusium".