I need advice, I want to clean SSD disks in a company that cannot be recovered from them (let only the NSA be able to). There is something like secure Erase and I run it in Partition Magic but it only takes a few seconds (the Patriot drive has NVME). I reset 3 times before (it took almost an hour under Linux) - I don't know if it gives you more confidence. Do you know any free software that would work under uefi? If not, payable ...
Win10 has an option to restore to the initial settings, and there is an option in the event of selling the device, so it probably cleans everything thoroughly and then just delete win10.
First of all, the bank does not clean the disk, especially for sale I would not do something like that. This is one, another - I want the best LiveCD like ParticMagic, something that will give me confidence and it is proven that it works and cleans actually, not theoretically. Only the disks inserted into the laptop PC etc will not be cleaned, but those that will also be through the docking station.
So your advice is this 2/10. This method erases, not erases.
Have you checked if it does not clean completely? Because I read on the internet that this option does just that. But what do I know. Or it is a reset of the wines to their initial settings. I do not remember. https://www.asus.com/pl/support/FAQ/1013065/# There you have the option "remove my files and clear hard drive" And it takes a few hours as time is important to you and you think the longer the better.
Added after 1 [minutes]:
What is the problem with using a bootable flash drive and e.g. mhdd and resetting the disk?
Wait, let's explain: 1. SSD disk (the disk is exaggerated because there is no disk there) is silicon flash memory, right? In flash memory, whole blocks are erased, not pages or cells. If the deletion program has implemented flash support, the deletion command will be realized many times faster than writing each cell (which is saved in a group of other cells anyway - saves the entire page). And the SSD itself is faster than the disk. So deletion can be instant. 2. I do not know how trim and wear leveling affect the disruption of the cell deletion process - let the specialists speak here.
And is it not sometimes the case that by deleting data from SSDs, it is practically impossible to recover it? After all, it's not a HDD that you need to format or reset it several times ...
There were a couple of points in the thread that I would like to address: 1 / - the deletion procedure lasting several seconds comes down to generating a new encryption key and creating new translation tables responsible for assigning LBA logical addresses to physical blocks. As a result of such an operation, the old data remains, but because it is encrypted with a key that we do not know and we lose the information and their physical arrangement in memory chips, they are considered by most procedures to be safely deleted, 2 / - writing anything in a block of the NAND system requires prior deletion of this block (removal of charges from floating gates of all cells), which irretrievably destroys the previous content, 3 / - In carriers using NAND memories there is a redundancy of physical blocks in relation to blocks addressed in LBA addressing. This allows you to keep empty blocks ready for writing, use wear equalization algorithms ... that's right ... if any block is badly worn, the controller starts saving it. Such a block temporarily stops participating in the rotation (until the wear of other blocks is evened out) and even despite repeated overwriting beyond the LBA addressing, a block may remain where some data will be saved. Therefore, when erasing SSDs, you should use procedures working in physical addressing, and not in the LBA addressing. 4 / - some fragments of data may behave in the same way as damaged in blocks excluded from use. 5 / - ... but when we want to recover data, usually in such a situation what we care most about is lost forever. 6 / - hard drives do not need to be overwritten many times - you only need one time. The risk may be related to areas that are beyond the LBA addressing during overwriting (eg HPA) or have permanently dropped out of it (bad sectors that have been remapped - their LBA numbers have been assigned to other physical sectors from the reserve area).
In my opinion, after generating a new encryption key and new translation tables, you can sleep well. The task is solvable, but you will likely be dead until someone finds a solution. In addition, after resetting, max. some traces of the puzzle.
I am glad someone explained it, but when it comes to security and when it comes to losses of millions of dollars with the possibility that someone will recover data or customer data, I would rather be sure. Of course, keeping the SSD drive. However, not all disks allow for secure erase, and for regular wipe shred or dd as on Linux distributions.
Physical data recovery is one thing and technical possibilities are another. In service reality, sometimes we know that the data is on the medium, but its extraction is so complex that most likely nobody will ever do it. Time is a limiting factor far more than budget. Think for yourself how much your data is worth now, how much will it be worth in a year, and how much in 10 years. In 100 years, you won't care about them at all. Such data includes data encrypted with a key that no one knows. Mathematically, you can say that there is a solution, but there is no practical result.
You just need to reset in DMDE or MHDD. Of course, in the case of SSD disks, data recovery is possible, but the cost starts from about PLN 3,000 and specialized tools are needed for this. A normal user does not have this option.
We practically know that even Bitlocker is crackable. The question of some software that would make sure that the SSD drive was wiped completely. All that's left is the firmware. As for Mhdd - 2010, thank you.
Your concern is blocks outside of LBA addresses. Working in LBA addressing with any program you are not sure that you deleted all blocks, but with TRIM enabled, the probability that something has been saved is negligibly small. In addition, it is encrypted with a key that we do not know. Give me a model of this patriot, and in my free time I will try to find something more about him.
We practically know that even Bitlocker is crackable. The question of some software that would make sure that the SSD drive was wiped completely. All that's left is the firmware. As for Mhdd - 2010, thank you.
Bitlocker is crackable because of its vulnerabilities. The encryption itself is unbreakable. My advice - show anything and go with two recovery programs - signatures and fat / mft. I have no idea what about blocks except for the head.
In general, the ONFI 0x60 command (block erase) applied to each physical block of NAND memory gives you the guarantee of irreversible data destruction. It is not necessary to save new content here. As for the commands of ATA and SCSI standards (e.g. 0xF4 - Secure Erase) - in SSD they can be implemented in various ways - e.g. in your case it is changing the encryption key and creating new translation tables. The data theoretically remain on the medium, but firstly they are encrypted with a key that we do not know, and secondly - they are scattered, as it happens in NAND media. To compose an image of the logical structure, we would first need to read and decode the contents of the NAND chips. and in the case of brutforce methods, biology will not allow us to live to find a solution. Yes - if we secure the encryption key beforehand or find errors in the implementation of the encryption (as in the case of bitlocker), the data will no longer be secure. If you reset the SSD once, the volume of recoverable data is not greater than the total physical capacity of the medium - LBA address area. In practice, it's even less, because TRIM works, blocks rotate all the time, but working in LBA addressing will never give you a 100% guarantee of removing everything, because there can always be a single block containing some fragment of critical data. To get to blocks outside the LBA area, you would have to desolder the memory chips and read them on the programmer. And because in your case the data is encrypted with two different keys (the current content with the current key, any remnants of the old content - with the old key), the possibilities of identifying and decrypting the old content are highly theoretical ... but potentially they are In the case of unencrypted SSDs, Secure Erase is block erasing, but I cannot guarantee the correct implementation of the procedure for each media model. In the case of HDD - you overwrite the entire LBA address space once, remembering to make sure that the LBA address size corresponds to the factory value. After this procedure, the only thing you can worry about is remapping defects or an attempt to intentionally hide a small piece of information in SA - the latter one would have to be done without damaging the drive's firmware. Subsequent overwriting runs are a waste of time and electricity. The overwrite pattern can be any - it does not matter for the effectiveness of the procedure. Because I assume that you no longer use old drives with a stepper motor, where the eccentricity of the motor axis and the thermal expansion of the platters could lead to a situation where the head hit the path inaccurately.
The topic of data overwriting has grown to the size of a book for me, only so many other classes that I don't know when I'm going to finish it: http://kaleron.pl/Nadpisanie-danych.php
I need advice, I want to clean SSD disks in a company that cannot be recovered from them (let only the NSA be able to).
Resetting the entire LBA range with any program and then, to be sure, scan by signatures, you can also use mft. After the signatures, he may find some TXT - try to open, like bushes, the traces are blurred. Even a rejected MHDD is suitable for this. There will be data (in fact, their remains, if they are not a few KB txt files, they will be useless) except for the LBA, which will grind up with the subsequent use of the trim and wear leveling drive. Remember that SSD reads single cells, but writes pages (groups of cells, it is impossible to write a single cell) and deletes blocks (it cannot write to an already saved cell, it must first delete it and delete entire blocks - groups of pages). Therefore, writing zeros or anything (overwriting) will be preceded by a physical erasing of everything.
A small correction - the NAND system is not able to address single cells. The minimum reading and writing unit is a page that corresponds to a volume from a few to several kB, and the minimum erasing unit is a block containing several to several hundred pages. LBA sectors are "cut" from pages by the controller - therefore on the external interface of the device we see these sectors, not pages.
If you use your procedure, you do not have a 100% guarantee - this is only given by deleting all blocks in the physical address. But from a practical point of view, it is after the data. The chances of correctly identifying and decrypting blocks that may have remained uncleared are purely mathematical.
I don't know what you have to do with MHDD. From the body of the thread I conclude that you haven't found anything that works in physical addressing of the medium, Surely MHDD is a class better than OS measures. At least it supports NHPA.
The discussion centers on secure SSD wiping methods to ensure data is irrecoverable, particularly in a corporate context. Users express concerns about the effectiveness of various data erasure techniques, including Windows 10's reset feature, which may not provide sufficient security. Recommendations include using specialized software like KillDisk and MHDD, as well as the importance of utilizing the Secure Erase command for SSDs. Participants highlight the differences between SSDs and HDDs in terms of data deletion processes, emphasizing that SSDs can utilize commands that effectively render data unrecoverable through encryption and block erasure. The conversation also touches on the implications of TRIM and wear leveling on data security, with a consensus that while data recovery from SSDs is challenging, it is not impossible without proper erasure methods. Summary generated by the language model.
