Security Implications of Flash Memory

Hi Experts.

Today I'm researching the security aspects of USB flash drives.

I'm aware of some issues surrounding hard disk drive storage -- whenever I'm deleting sensitive data I use the Unix shred utility (or equivalent). But I've heard that in some cases, information can be recovered even after it has been overwritten many times.

That aside, I'm looking to purchase a USB flash drive, and the main requirement is that once I delete data off the drive, it can never be recovered.

One of my colleagues advised me against NAND-based flash memory and recommended that I look into NOR-based flash memory instead. He didn't know for sure though -- he had just heard this somewhere.

So basically I need some more information. Would I still need to use a shred utility on NOR-based flash memory? Would there be *any* possibility of recovering data off it? Should I be using flash at all, or some other type of memory?

SysExpert Commented:
Flash uses different types of algorithms, and may not delete until needed, since it tries to minimize writing to flash.

Unfortunately, you would need some low level testing to check whether shredding actually works.

Sorry I could not provide more useful information.

cc16 (Author) Commented:
Okay so it looks like nobody can provide a better answer.

SysExpert, can you give me some pointers as to how one would go about such low level testing (i.e. is there a tool I can use)?

I suspect that you would need to get an SDK from each Flash manufacturer, both USB and memory cards.

You would need to test each chipset or at least each algorithm and 1 chipset per algorithm.

I hope this helps !
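One way to do the block-level part of the testing discussed above, as an added example that is not part of the original thread: plant a unique marker in a file, shred the file, image the drive, then scan the raw image for the marker. The function names and the sample image are constructed for illustration; a scan through the USB interface only sees the blocks the controller exposes, so a clean result says nothing about memory the controller does not expose.

```python
import os
import secrets
import tempfile

def make_canary() -> bytes:
    """Unique marker to write into the test file before shredding it."""
    return b"CANARY-" + secrets.token_hex(16).encode()

def scan_image(path: str, canary: bytes, chunk_size: int = 1 << 20) -> list:
    """Return every byte offset in the raw image at which the canary occurs."""
    hits, tail, base = [], b"", 0
    with open(path, "rb") as img:
        while True:
            chunk = img.read(chunk_size)
            if not chunk:
                break
            buf = tail + chunk
            start = base - len(tail)  # file offset of buf[0]
            pos = buf.find(canary)
            while pos != -1:
                hits.append(start + pos)
                pos = buf.find(canary, pos + 1)
            # Keep len(canary)-1 bytes so a marker split across two reads is found once.
            tail = buf[-(len(canary) - 1):]
            base += len(chunk)
    return hits

def build_sample_image(path: str, canary: bytes, block: int = 4096, blocks: int = 64) -> int:
    """Constructed stand-in for a drive image: random data with one
    leftover copy of the marker. Returns the offset of that copy."""
    data = bytearray(os.urandom(block * blocks))
    leftover = 17 * block + 100
    data[leftover:leftover + len(canary)] = canary
    with open(path, "wb") as f:
        f.write(data)
    return leftover

if __name__ == "__main__":
    canary = make_canary()
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "usb.img")  # hypothetical image file name
        expected = build_sample_image(img, canary)
        found = scan_image(img, canary)
        print("marker offsets:", found, "expected:", [expected])
        print("shred verified" if not found else "marker still present after shred")
```

On a real drive the image would come from reading the whole block device after the shred, and any offset returned means the overwrite did not reach every copy of the data.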

eagle0468 Commented:
From my understanding of ROM (which is what most USB drives are essentially) and hard drives, the main difference would be that one stores data magnetically (hard drives) while the other does so electronically (USB drives). Now, the question of data destruction becomes one of how the data is destroyed. On a hard disk it is usually an index in the Master File Table (NTFS) or an entry in the File Allocation Table of a FAT 16 or 32 volume, and therefore the actual data still resides on the drive. Now, there are utilities that can and will erase the actual data from a drive, but the data may still be recoverable with the proper algorithm.

In the case of USB drives, both NOR and NAND, the data is kept electronically.  When a data bit is erased, it is due to an electrical discharge and not a change in magnitude.  All of the literature indicates the data is destroyed at the bit level and there is no file table or indexing involved.  Therefore I can say with some certainty that the data would be completely irrecoverable without the necessity of multiple overwrites (as many hard drive data destruction utilities use).  

In short I would feel safe that data erased from a flash drive such as a USB key goes quite quickly into the ether and is not stored for posterity as on a magnetic disk.

One thing I need to get clarification on is how "secure" the destruction of data might be on a solid state drive formatted with NTFS (i.e. the new flash drives available for some notebooks).  From what I have read, when you lose the data there is no chance of data recovery.

Here are a few references.
Well cc16,

It appears that data may be recoverable from a USB drive. I checked on Drive Savers web site and discovered they offer data recovery of USB keys. I am not exactly sure of the circumstances of the possibility of recovery, but it does appear to be possible. I know, from working with them in the past, that they have had success in recovering data that in my opinion seemed to be gone forever.
cc16 (Author) Commented:
Hi SysExpert, eagle.

I'm getting the feeling that it may be very hard to know for sure either way... and this has led me to consider using cryptography and steganography instead.

If I ensure that any cleartext is confined entirely to RAM and never touches the flash or hard drive -- then I will not ever have to worry as to whether or not data can be recovered.

Thanks for the info anyway guys.. it helped in my decision.

Question has a verified solution.
