Timeline for Is shred bad for erasing SSDs?
Current License: CC BY-SA 4.0
12 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 18, 2020 at 22:23 | comment | added | VerdantOzark | @ilkkachu Destruction still needs to be an option, in case the drive is rendered electronically inoperable such that you can't verify whether a key-throwing operation has succeeded but it might still be recoverable by pulling apart the drive. | |
| S Jun 18, 2020 at 14:27 | history | suggested | Amazon Dies In Darkness | CC BY-SA 4.0 |
Made it clear that it is recent SSDs that use wear leveling. SSDs did not originally have this feature.
|
| Jun 18, 2020 at 12:22 | review | Suggested edits | |||
| S Jun 18, 2020 at 14:27 | |||||
| Jun 18, 2020 at 11:02 | comment | added | ilkkachu | @adib, maybe. It depends on the enterprise and how they do things. Some just never let drives leave the company (or even a single site) without being physically destroyed. I expect others would just contract another company to do the destruction. | |
| Jun 18, 2020 at 10:40 | comment | added | adib | I suppose this is why encryption is mandatory for a server environment? Erasing a drive is as simple as "forgetting" the decryption key. | |
| Jun 17, 2020 at 20:59 | comment | added | supercat | @Attie: On top of that, drives are limited to erasing large groups of pages at once, meaning that if e.g. 3/4 the pages in a block contain useful data, and 1/4 contain obsolete data, recovering the storage used for obsolete data will require copying the useful blocks to some other location and then erasing the entire block, and will only free up a quarter block worth of pages. | |
| Jun 17, 2020 at 17:47 | comment | added | Attie | Not sure if it's worth adding to your answer, but the erase procedure is actually quite slow, which is another reason to perform erases during idle time / as housekeeping... If they were to erase and write a page at once, then the write performance of even modern SSDs would be awful. | |
| Jun 17, 2020 at 8:49 | comment | added | dirkt | @frostschutz It's not meant as "advice". It's what came up in the discussion (look at the other answers, and comments). If you want advice: The first step is to define your threat model. Be clear against what and whom you want to protect. "Protect from a knowledgeable person" is not a threat model. Then, once you know this, understand what consequences the actions you do have, and to what degree they protect you against the threat you modeled. This answer tries to shed at least some light on this, because there seem to be a lot of misconceptions around. | |
| Jun 17, 2020 at 8:39 | comment | added | frostschutz | Going from "shred is bad" (true for single files, regardless of HDD/SSD; fine for full device wipes) to "blkdiscard isn't safe" (true in theory, usually fine in practice) to "you can just use rm" sounds like bad advice to me... anyone can photorec, in the end for SSD it'll still be TRIM/discard (blkdiscard, fstrim, discard mount flag) to get rid of that data. For HDD you must overwrite (entire device or all free space) in a single pass. There is no purpose to multiple passes at all. | |
| Jun 17, 2020 at 8:11 | history | edited | dirkt | CC BY-SA 4.0 |
added 329 characters in body
|
| Jun 17, 2020 at 7:45 | history | edited | dirkt | CC BY-SA 4.0 |
added 89 characters in body
|
| Jun 17, 2020 at 4:47 | history | answered | dirkt | CC BY-SA 4.0 |