SSD - Longevity, Reliability, and Security

From what I understand, SSD (NAND) technology supports a very limited amount of rewrites, much less than standard hard drives. and that it uses a wear leveling technology that makes truly erasing data impossible. Are these things true? If so, it doesn't sound like a very good alternative to standard hard drives to me longevity, reliability, and security reasons.

 

It is true, but the standard wear rate would outlast most people's useage, and unlike a typical drive you don't need to spin it up/down every 6-12 months in an archival situation so they're much better for long term storage.

As for security, not sure if you could bypase the wear leveling for a DOD level wipe in 2 gos, but I'm sure that a few more 0101010101010->10101010101010 rewrites would do the trick just like on a standard HDD which requires a few for security too.

 

I can not address the security issue. It is not a concern of mine and as such, I have done no research on the subject. But regarding longevity, Some of the research I did when trying to hone up my knowledge of SSD'd:

Hope that helps!

 

Good info there, thanks for the info guys!

Still not happy with the security aspect though, this issue really needs to be addressed for this technology to "replace" standard hard drives.

 

I still think multiple re-writes would do the job (and 4 re-writes out of 1,000,000 shouldn't hurt longevity , and not have the magnetic persistance problem of magnetic drives.

You could always just encrypt your drive.

 

Maybe, but you'd have to make sure that every single cell was overwritten x amount of times, and hope that the wear leveling wasn't just swapping the data all around, avoiding being actually overwritten.

Yeah, but if it's your C drive, that would be a real pain.

This security issue really should be addressed by the manufacturers.

 

A typical ssd will outlast a hard drive in all circumstances. Logical testing as to the longevity of the single level cell ssd has shown that it is quite believable for their lifespan to last well in excess of 100 years and, even the most 'right winged' approach i have seen still shows the mls to last 49 years VERY LEAST.

Multi level technology will be the common ssd the consumer will purchase, however, and its life span will be quite a bit less,somewhere in the area of 10 years plus. This is a result of cheaper NAND prices through mlc and thus, the consumer will see much cheaper ssds because of this very soon.

Dell is now offering the 64Gb slc Samsung ssd, this being a ssd expected to last well past the life of any equipment you will need it for as it is slc. It is also above 80MB/s read and write.

 

scoober I have to say you brought up a very good issue with security. I did Google and know much more than before, and might mention not to happy with standard HDD's remapping bad sectors also. But yes even less on SSD's I could find. So I want to be careful because I don't know, but if you had a 64GB SSD and instead of using a shredding app you simply transferred 64GB (or whatever is free) of music the wear leveling would never start to overwrite music files? So I suspect the shredder apps would be the same. I know the SSD is hiding where it is really working in from OS but the HDD does do the same thing when remapping bad sectors so don't be so confident with the current state of HDD security. And yes I would like better answers I don't have, Les? Are you out there?

Edit: Les welcome started writing b/4 you posted nice to see ya!

 

Thanks powerpack, and yes, security seems to be the chink in SSD's armor right now, let's hope they address this issue sooner than later. There's no way I'd put any of my personal or business files on such a drive.

 

I still don't see the issue though as being at all different than on magnetic drives, in fact IMO they would be safer than magnetic because there is no physical persistance (it's not marking a 0 or 1 magentically it is tuly fliping a 0 or 1 in chip gate state).

And while wear leveling would mean you write to A C B D when posibble, if you do a full re-write sweep then you are filling all of ABCD with bogus data and then re-writing over it again, wear leveling would do nothing to help that unless it is 128GB of NAND acting like a 64GB drive, which it isn't.

Sure if you were to do mid-work 'deletes' without low level format/overwrite/format, off course it would be insecure, but no less so than any unencrypted drive.

You still have the same table issues if that's what you're getting at.

And like I said, at that point if it's that much of a problem, you encrypt the whole drive, with a dedicated I/O encryption scheme like those on theThinkpads.

Really unless you encrypt it a magnetic drive is not better at hidding the information, and it's not like SSDs are any worse at fargmenting the information, if anything wear levelling would mean that mid second write to much of this you would have a less coherent image than on a magnetic drive (because less of a need to defrag an SSD [and more reason not to if you were worried about wear]). If it's spread all over the map a re-write would quickly destroy portions of 'hidden deleted' bits to make the rest un-readable. At least with magnetic persistence someone who is a pro at this would be able to recover layers of information.

I don't know, I just don't see this as a 'more insecure' situation, perhaps I'm missing the area you think is the weakest link, other than small batch overwriting (at the end of the day to you mass overwrite your temp files?), which you could accomplish the same by doing an end of day delete followed by a copy 1GB 010010010010 file to fill drive at the end of the day (thus adding 366 write cycles to the annual budget).

Could you give a little more detail as to the specific area of weakness I just don't see a difference, if anything now that you made me think of it I would prefer an SSD for security for two reasons, not magnetic persistence and quicker read/write of encrypted data spread out wider across the drive.

 

OK, let's suppose that you are using an SSD as you C drive, and you want to delete your web cache every time you browse so that it cannot be recovered, which is easily done on a normal hard drive, but with SSD your basically out of luck, and this is just a small example of the problem with SSD and security, especially if it's your C drive. It just plain fails at basic security and privacy, and therefore it's not fit for use IMO.

 

OK first of all I admit this is not my area so if I say something stupid run with it and understand I am just bringing out, will say like I have a clue!

It does not delete the DATA it deletes the "table of contents", "address". I am saying that all it is doing is hiding from OS (HDD), any forensic tech could pull what was not overwritten. Not as big of issue. And to TGGA you can't do "low level formats" on any current HDD or am I mistaken? And I think I understand and agree with the TGGA on SSD at this point.

 

I'm not talking about a simple standard delete, I'm talking about a randomized multiple overwrite of the data. This just isn't going to be possible if you're using an SSD drive as your C drive, with current technology.

 

OK you scrub a file and SSD wear leveling does not scrub that area, I get that and that is what I am confused about also. See your point! But I stick by LLF of HDD to TGGA for now.

 

True in the formal sense of the word, but the essentially similar practice to the extent we have access nowadays (like the zero-filling I was mentioning accomplishes about the same thing), and while best done on it's own as a standalone app you can get tools like Acronis' that make it easy. It's not the same low-level format anymore, but us 'old folk' still use the term even if it's incorrect.

IMO zero-filling or bulk copying would erase all tracks, and better on an SSD than a magnetic drive.

Even for scoober's example, if you're that concerned, you only need to block replace once, basically recopying bogus chunks using a formula to fill up & erase what's left of the HD each time you close up for the day. It's a hassle, but at least you wouldn't have to write it 3-4 times to ensure 'deletion' just once for the entire remainder of the drive. It would pretty much replicate the scripts I made (for OS/2, REX and Windows) in the old days to cover my tracks, back when I had something to hide... other than monkey pr0n.