If data security is your concern, it should be noted that neither a SECURE_ERASE nor a TRIM actually erases the flash cells. The SSD firmware keeps a list of which cells are allocated and which are not. A TRIM simply marks a cell as unallocated the same way deleting a file causes the filesystem to mark a cluster as unallocated. No attempt is made to actually erase the data. A read request from an unallocated cell simply causes the device to return 0x00 (or some other bit pattern) without actually checking the cell’s contents.
There is no effective way of securely wiping an SSD. Forensics tools that can interface with the firmware directly can see the cells’ contents. Also, there is more storage on the device than what is accessible from user-space. These extra cells are used in garbage collection. Garbage collection can reallocate cells on-the-fly and can still work even on a drive that is 100% full. A SECURE_ERASE may (probably does) TRIM those cells, but a blkdiscard or fstrim certainly wouldn’t, since they use sector numbers to identify the areas to be TRIMmed.
The only way to securely erase an SSD is to destroy it. This is the policy of most companies in health care, banking, and government when surplussing equipment.
tal@lemmy.today 7 months ago
I mean, I read the PDF, the problem was the viewer bogging down.
googles
This sounds like what I expected:
superuser.com/…/triming-as-alternative-to-securel…
barsquid@lemmy.world 7 months ago
This is a complete digression, but do you know if there is consumer hardware that can be reliably erased? I’m trying to make something behave as an affordable HSM. If I could store a key encrypted at rest and be able to actually delete it, that would work for me.
tal@lemmy.today 7 months ago
Like, to create a hardware keystore? No, I don’t, sorry. If I wanted one myself, I’d probably just buy an existing one and hope that they did things correctly. :-)
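
A toy model of the TRIM behaviour described in the quoted Super User answer, added here as an illustration; it is not part of the thread and does not reproduce any real firmware. `ToyFTL`, its page counts and the sample data are hypothetical, and the model also assumes out-of-place overwrites, which the answer does not spell out.

```python
# Toy flash-translation-layer model (constructed for illustration; real firmware differs).
ZERO = b"\x00" * 8

class ToyFTL:
    def __init__(self, user_lbas=4, spare_pages=2):
        self.user_lbas = user_lbas
        # Physical pages: more than the host can address (over-provisioning).
        self.pages = [None] * (user_lbas + spare_pages)
        self.map = {}            # LBA -> physical page index
        self.next_free = 0

    def write(self, lba, data):
        if not 0 <= lba < self.user_lbas:
            raise ValueError("LBA outside user-addressable range")
        if self.next_free >= len(self.pages):
            raise RuntimeError("no free page (toy model has no garbage collection)")
        # Assumed out-of-place write: the old page is only unmapped, not erased.
        self.pages[self.next_free] = data
        self.map[lba] = self.next_free
        self.next_free += 1

    def trim(self, lba):
        # TRIM as the answer describes it: drop the mapping, leave the cell alone.
        self.map.pop(lba, None)

    def read(self, lba):
        # Unallocated LBA: return a fixed pattern without touching the cell.
        idx = self.map.get(lba)
        return ZERO if idx is None else self.pages[idx]

    def residual(self):
        # What firmware-level access could see: pages holding data no LBA maps to.
        live = set(self.map.values())
        return [p for i, p in enumerate(self.pages) if p is not None and i not in live]

def demo():
    ssd = ToyFTL()
    ssd.write(0, b"KEY-v1__")   # constructed sample data
    ssd.write(0, b"KEY-v2__")   # overwrite lands on a new page
    ssd.trim(0)
    return ssd.read(0), ssd.residual()

if __name__ == "__main__":
    host_view, leftover = demo()
    print("host reads:", host_view)
    print("still in flash:", leftover)
```
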