I grilled my local hardware security friend who said you should never trust the secure delete feature in ssd . In general it has been found insecure.
As mentioned the "Large grinder" seems like the only way to be sure. On Sat., Mar. 23, 2024, 10:50 Giles Orr via talk, <[email protected]> wrote: > I have, for many years, used "Darik's Boot and Nuke" on a USB stick to > securely wipe spinning hard disks. It takes a long time, but I mostly > understand and trust the process. > > I'm now at the point that I have to wipe and dispose of SSDs, and I'm > feeling a bit shaky on the methodology. Here's what I did: > > # hdparm -I /dev/sdX > > Looked for enabled/locked/frozen in the output ... I won't go into > making sure those are toggled correctly, but that appears to be > needed. This also lists what appears to be info about doing a wipe on > the drive: > > 6min for SECURITY ERASE UNIT, 60min for ENHANCED SECURITY ERASE UNIT > > Then, set a password (why? but seems to be needed): > > # hdparm --user-master u --security-set-pass foobar /dev/sdX > > Last, run the wipe: > > # hdparm --user-master u --security-erase-enhanced foobar /dev/sdX > > Doing something like `dd if=/dev/sdX bs=5M count=5 | strings` (or > sending it to `less`) definitely shows that it's changed from > something organized to something full of identical characters. But > I've never seen this wipe process take more than 60 seconds, which > makes me wonder about the `hdparm` declaration about the time required > for a secure wipe. > > So I guess the big question is: should I trust this process? Do we > really think it's securely wiped? Or should I be taking a hammer to > the chips on the SSD because that's the only way to ensure it's fully > wiped? > > -- > Giles > https://www.gilesorr.com/ > [email protected] > --- > Post to this mailing list [email protected] > Unsubscribe from this mailing list > https://gtalug.org/mailman/listinfo/talk >
--- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
