On 7/12/25 21:46, songbird wrote:
[email protected] wrote:
On Thursday, July 10, 2025 10:41:18 PM David Christensen wrote:
On 7/10/25 04:07, songbird wrote:
I was able to get some SSD replacements and want to add them
to my existing setup,
Be sure to do a secure erase before you put the SSD's into service:
https://en.wikipedia.org/wiki/Secure_Erase#Secure_erase
Why do you recommend that? Are you assuming the SSDs songbird got are used,
or do you recommend that even for new SSDs -- if so, why?
beyond that what assurances do you have that with behind the
scenes managment going on of the drive that any attempts at
wiping it completely are actually happening?
aside from the original manufacturer hopefully not putting
backdoors and ET Phone Home sorts of hooks?
i pretty much have always assumed that a new disk drive when
it gets a new partition table and file systems created on it
will be destroyed enough. sometimes i have written random
data on new disks but i have no illusion that this has been
perfect as i know some people who have been able to get a lot
of information from disks that have been somewhat scrubbed
as long as they weren't outright destroyed and the metals
recycled.
songbird
Yes, things get very bad when bad people control the SSD firmware. I
can only hope the firmware in my SSD's is legitimate, and updates are
cryptographically signed.
When using d-i to initialize a physical volume for encryption, I have
seen the option to fill the volume with random bytes. AIUI 'discard'
and 'trim' would gradually defeat such security-by-obfuscation as blocks
are erased, but it does make sense if the incremental security gain is
justified. I don't do it to my SSD's because I want to save their erase
cycles.
Please clarify "somewhat scrubbed".
David
