[cryptography] Deleting data on a flash?

Eugen Leitl eugen at leitl.org
Mon Sep 23 01:42:49 PDT 2013

----- Forwarded message from Moritz <moritz at headstrong.de> -----

Date: Mon, 23 Sep 2013 10:26:42 +0200
From: Moritz <moritz at headstrong.de>
To: cryptography at randombit.net
Subject: Re: [cryptography] Deleting data on a flash?
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130827 Icedove/17.0.8

On 09/23/2013 10:02 AM, ianG wrote:
>> The issue is that it's pretty much impossible to delete data securely
>> from a flash device.
> Why is that?

The flash memory controller hides the real storage cells from you and
spreads writes across all cells equally for wear-leveling. You cannot
directly access the cells. Some SSDs have a secure erase option, but you
never know if it is properly implemented, and you can only use it to
wipe the complete drive.


[...] Our results lead to three conclusions: First, built-in commands
are effective, but manufacturers sometimes implement them incorrectly.
Second, overwriting the entire visible address space of an SSD twice is
usually, but not always, sufficient to sanitize the drive. Third, none
of the existing hard drive-oriented techniques for individual file
sanitization are effective on SSDs.

cryptography mailing list
cryptography at randombit.net

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/20130923/b7f7e9a7/attachment.sig>

More information about the Testlist mailing list