Data remains on USB and Solid-State Hard Drives (SSDs) even after Secure Erase
New research shows that secure erase programs used on standard hard drives to wipe important data do not completely erase solid-state (SSD) drives and USB thumb drives. As much as 75 percent of the data could remain after a succesful secure wipe.
SSD drives are being used more frequently now, especially as boot drives in laptops, because of their high speeds. But it looks like raw speed is not the only difference between them and standard hard drives.
According to The Register, the difference lies in the way that SSD and USB flash drives function. Unlike standard hard drives that store the file in a single location, flash drives can make multiple copies of the file on the flash drive and just points to the latest version:
The difficulty of reliably wiping SSDs stems from their radically different internal design. Traditional ATA and SCSI hard drives employ magnetizing materials to write contents to a physical location that’s known as the LBA, or logical block address. SSDs, by contrast, use computer chips to store data digitally and employ an FTL, or flash translation later, to manage the contents. When data is modified, the FTL frequently writes new files to a different location and updates its map to reflect the change.
According to scientists at the University of California at San Diego, different wiping techniques left varying levels of information behind. Up to 67% of data remained when using Mac’s OSX secure wipe. Up to 58% of data was recoverable when using British HMG IS5. Pseudorandom wipes were the worse, up to 75% of wiped data was recoverable.
When you run a secure wipe on a hard drive, the program will write data over top of the existing data to make sure it is unrecoverable. Random binary 0’s and 1’s are written over the existing ones, sometimes numerous times. This works very well, because the data is only located in one area of the drive. Because SSD drives could hold copies of the data in a couple of areas, only the active copy is securely erased, and the copies may go untouched and be fully recoverable.
The scientists used a $1,000 device to recover the data, but a DIY version could be made for about $200. According to the article, SSD drives that store information in an encrypted form are much safer to use. This is something for companies to keep in mind when they go to use and discard SSD drives that contain critical data.
I am sure now that the need has surfaced for a SSD secure erase program, we will probably see several in the near future.