SSD hard drives may be a trade of speed over security

Wipe types and their success

Researchers at the University of California in San Diego have found that the tried and true techniques used to erase a typical hard drive aren't quite as effective when used on solid state drives(SSD). 

The chart above shows the different methods the researchers used on the drives and how successful they were at completely removing the data, they found that even the most successful wipes left at least 10MBs of readable data from a 100MB file. Even using techniques that overwrite all of the data with random data still left nearly all of the original data intact. 

To find out how effective each of the wipe techniques was, the researchers went as far as to dismantle the drives and access the data through the pins on the chips. After all their tests, the researchers concluded that the most effective way to prevent data from being stolen from the drives is to encrypt them right from the moment you get it. This will also help protect your data if the drive is stolen. 

The researchers at the University said that they are using this data in an attempt to come up with a way to more effectively clean a SSD for disposal. SSDs are still making their way into the market, according to InformationWeek they currently only hold about 2% of the laptop market but that number is expected to double by 2014. 

Image source: University of California San Diego

Report a problem with article
Previous Story

Windows 8 tablet may feature live tiles similar to WP7

Next Story

Rumour: Final Cut Pro overhauled, new release imminent

64 Comments

View more comments

Shining Arcanine said,
Just issue an ATA Secure Erase command to the SSD. It will be reset to its factory settings, which means all of the data will be gone.
I'm pretty sure that won't work on a lot of SSD's since their RAID or AHCI (or both depending on the setting). They can emulate ATA but I'm not sure if they'll support a native command like that.

Tim Dawg said,
I'm pretty sure that won't work on a lot of SSD's since their RAID or AHCI (or both depending on the setting). They can emulate ATA but I'm not sure if they'll support a native command like that.

If you're going to erase just break the RAID array before Secure Erasing. Secure Erase works with ACHI, easiest way is through Linux (use a Live boot CD).

Tuishimi said,
The more I read about SSDs the less appealing they seem to be.
I have SSD's in all 3 of my laptops and both of my primary desktops (home and work) and they really do make a difference in speed, especially in laptops where the crappy 5400 RPM drives take forever to get anything done.

Tuishimi said,
The more I read about SSDs the less appealing they seem to be.

its not that they are less appealing, its that they are appealing in a different way... like if you are worried about damaging the disk and losing data from mechanical shock, thats something you dont have to worry about with SSD's ... and of course they are much faster and consume less power than mechanical disks, but you probably heard that already

Tuishimi said,
The more I read about SSDs the less appealing they seem to be.

I can't help but wonder what you've been reading

P1R4T3 said,
Just install OS, A/V & common apps on the SSD. Games/Download, pr0n should be on the SATAAA!

If you've got something to hide it's important not only not to have it found, but for it to never be known that you had it.

The issue is things like "Overthrow Egypt PM.docx" that get cached on the OS drive, or leaving references made to "secret" files behind even if you've never had the content of the file on that drive.

Do you think law enforcement would be more willing to free you if they only found the "10 year old kiddy porn.jpg" entries files in your browser history? Feel free to replace that file name with whatever your local community said is unforgivable. For westerners it's child pornography, for someone in China it might be pro-tibet independence papers, and for a saudi it might be comics about the prophet.

Either way, just being suspected of being in possession of that stuff is as bad as actually finding the files. For things like that a reliable way to remove all traces is important although full disk encryption is better still (though it has to be done in such a way as not to draw attention to the fact you're hiding something.

P1R4T3 said,
Just install OS, A/V & common apps on the SSD. Games/Download, pr0n should be on the SATAAA!

from a cost perspective it kind of makes sense, mechanical hard disks allow more storage for the same price

but if you are really paranoid, then yeah , either use encryption, or there has to be a command in the SSD to wipe it clean, sort of a low level format...

P1R4T3 said,

But if someone have these kind of (disturbing) things to hide, I don't think they'll be storing them on a home/work PC anyways.

Disturbing is a relative term and unfortunately it's not always the most charitable or sane people that make those marks in the sand.

For example, do you think a highly decorated and award winning novelist should be excuted for a best-selling and prize winning book? We're not talking about your typical Dan Brown nonsense but someone who was knighted for 'services to literature'? Probably not. But Iran has a different view of things and an westerner unfortunate enough to catch the eye of a zealous border-security agent in one of those nations may end up terminal danger.

China has jailed hundreds of people for supporting tibet's movement for political independence. Look at how they've treated a Nobel Peace Prize winner this winter for an example of how internationally recognized people can be dealt with by authoritarian governments: how do you suppose your more typical "Screw the man" starbucks-wannabe-anarchist might fair?

Child pornography is a western boogie-man: the sort of thing where people lose their minds instead of sticking to principles of fairness to the accused and justice for all. In other nations the things we hold most dear (like the right to self governance or political/religious criticism) are forbidden. Issues like security and privacy are of equal importance to both but for different reasons.

Personal computers are exactly where you store all of that kind of stuff. Public locations are monitored, work (for many people) isn't reasonable because you can't go about "unpopular activities" in the public square.

Good topic. Here's my 2c about SSD's.

I"m running it on my pc. It has a good setup (p6t deluxe, i7 920, 6GB ram DDR3 triple channel, and a GTX250 ) and running RAID-0 Corsair 2x 60GB SSD's.

In my case, i'm not a hardcore gamer, plus don't use heavy suites like adobe and stuff. I'm just a regular user, play some games sometimes, burn DVD's, play a movie etc..

I'm a bit disapointed after 10 months running this setup. Sure SSD's are fast, HD programs show me it running read/write at 500+ MB/s.

BUT

On my usual daily, i think it a bit slow in some operations compared with my old RAID-0 S-ATA-'s II setup.

For example, i have to extract big files from the rars everytime. Like unrar 8-10GB iso file.

On my old setup, using the satas drivers, it takes like 4 min to unrar de full iso from rars.
On the new setup, thar raid-0 SSD, i have no clue why, but it take longer. Like 10 min to extract the very same file.

I was supposing it should be way faster from that. At last, faster from the old sata's. But it won't happen.

Plus other concern, like the loss of speed if i run drivers encrypted. With no encrypt, it always read/write at 500+ MB/s, but with truecrypt running, a default encrypt setup, i lost A LOT OF speed.

After encrypted, the very same test, just allow me read/write at 120MB/s max. that's really bad.

I really have no more ideas on what to do. I can't run unecrypted drivers, plus i don't like the loss of speed when drivers runs encrypted.

Also, de unrar thing is serious, and a pain to be honest.

tester.br said,
i7 920, 6GB ram DDR3 triple channel

The DDR3 RAM is at 1066 MHz? (Unless you overclocked your i7)
tester.br said,
For example, i have to extract big files from the rars everytime. Like unrar 8-10GB iso file.

Try extracting from one of your SSDs to the other (in both ways) and see if one of those is faster.

If your last machine was running 32-bit windows and now it is 64-bit then google returns a result about DEP being different on 64-bit native things (i.e. done at hardware level) to how it was on 32-bit (software level), so make sure you aren't doubling your DEP on the winrar thread maybe?

If you still have no success then try a newer version of winrar, or try a different compression method e.g. 7z

It was 2001. I had just switched over from Windows 98 SE to Windows ME and then to Windows 2000 Pro. I had this incredible idea that Windows would run way better if it was hardware instead of software. That my friends is essentially what SSD allows us to do.

heh. how many people really have that many 8-10GB iso in rar files? ... Its a waste of time Vs. bandwidth these days to even rar up things that large. no offense.

Don't know if it's been sad or not. I would recommend to anyone when you get a brand new hard drive is to buy a nice encryption package or even use trucrypt will work is to Encrypt the entire hard drive and when it comes time to getting rid of it just secure erase it at that time.

Or if your paranoid freak, toss it in a furnace.

The article said that most SSD's implement full-disk wiping correctly. It's individual file wiping that doesn't work well on SSDs. So just "dd if=/dev/zero of=DRIVE" on your HD when you're done with it.

I'd prefer games on the ssd for faster loading and os and stuff on normal drive. Once the os is up it's up ssd won't make much difference in load times for it then plus not much else intensive I use it for

I get so tired of people using the excuse, "what have you got to hide"... that is complete BS. Your a fool if you don't think erasing your drive is a good thing. There are plenty of none illegal things you don't want others getting. I store backups of all our important papers on my drives.

Commenting is disabled on this article.