SSD secure erase - sometimes failing, why?
Hi experts!
I'd like to clarify what "secure erase" I am talking about, it's the function built into some ssd drives' firmware that allows you to erase the whole drive in seconds.
I have used the OCZ tool on 4 of their drives, 3 succeeded, one (identical model) failed ("drive is security locked"). I used the intel ssd tool on 1 intel ssd drive and it erased alright. I used the Samsung tool on one of their drives, it failed ("secure erase could not be completed").
I wonder what makes some of them fail. I really would like to have that function working because it's so much quicker than a normal wipe. [Actually, it's even the only method there is to securely erase an SSD, at least our government says that.]
I read that power cycling the drives would help but that changed nothing: unplugged, waited a minute, replugged, same result. So I resorted to normal wipe and after a full wipe of the OCZ, I was able to do the secure erase, too. Left me puzzled but I tried the same on the Samsung one: no, this time no luck, same error. Tried different buses: SATA3, SATA2, USB.
Anyone experienced here?
Environment: 64 Bit Vista, as well as win8 x64. SSDs: intel 520 series 180 GB, Samsung 840 non-pro 120 GB, OCZ Vertex2 120 GB. Latest versions of their tools.
I'd like to clarify what "secure erase" I am talking about, it's the function built into some ssd drives' firmware that allows you to erase the whole drive in seconds.
I have used the OCZ tool on 4 of their drives, 3 succeeded, one (identical model) failed ("drive is security locked"). I used the intel ssd tool on 1 intel ssd drive and it erased alright. I used the Samsung tool on one of their drives, it failed ("secure erase could not be completed").
I wonder what makes some of them fail. I really would like to have that function working because it's so much quicker than a normal wipe. [Actually, it's even the only method there is to securely erase an SSD, at least our government says that.]
I read that power cycling the drives would help but that changed nothing: unplugged, waited a minute, replugged, same result. So I resorted to normal wipe and after a full wipe of the OCZ, I was able to do the secure erase, too. Left me puzzled but I tried the same on the Samsung one: no, this time no luck, same error. Tried different buses: SATA3, SATA2, USB.
Anyone experienced here?
Environment: 64 Bit Vista, as well as win8 x64. SSDs: intel 520 series 180 GB, Samsung 840 non-pro 120 GB, OCZ Vertex2 120 GB. Latest versions of their tools.
ASKER
I know about this, yes.
The drives were fairly new, the Samsung for example was brand new.
Reflashing often does not even harm the data - I did a lot of firmware updates on SSDs.
The drives were fairly new, the Samsung for example was brand new.
Reflashing often does not even harm the data - I did a lot of firmware updates on SSDs.
For newer drives, secure erase can simply mean changing the encryption key for the drive, at which point the cryptographic keys to encrypt and decrypt the data is no longer valid, so all of the data becomes instantly unreadable.
Firmware updates are typically designed not to modify the encryption keys, if they even exist at all, and as a byproduct will retain data.
Manufacturers who offer encryption supporting SSDs will have a utility available to rekey the drive.
Another noteworthy thing to consider is that unlike a conventional spinning hard disk, recovering data from Flash is quite difficult in non-encrypted scenarios. Wear leveling makes this process a little easier as you can't technically address all of the data at any one point in time due to over provisioning, making it possible to recover data that one would believe would be overwritten. Utilizing TRIM on a drive makes data recovery even more difficult as it will simultaneously zero out data and transition data from cell to cell via wear leveling as well as increasing cell utilization as any read or write must re-write the entire 256KB cell, hence the reason why you would always make sure that your cluster sizes for a SSD is 256KB and that your drive is aligned appropriately.
Firmware updates are typically designed not to modify the encryption keys, if they even exist at all, and as a byproduct will retain data.
Manufacturers who offer encryption supporting SSDs will have a utility available to rekey the drive.
Another noteworthy thing to consider is that unlike a conventional spinning hard disk, recovering data from Flash is quite difficult in non-encrypted scenarios. Wear leveling makes this process a little easier as you can't technically address all of the data at any one point in time due to over provisioning, making it possible to recover data that one would believe would be overwritten. Utilizing TRIM on a drive makes data recovery even more difficult as it will simultaneously zero out data and transition data from cell to cell via wear leveling as well as increasing cell utilization as any read or write must re-write the entire 256KB cell, hence the reason why you would always make sure that your cluster sizes for a SSD is 256KB and that your drive is aligned appropriately.
ASKER
Fine. But what about the question? ;)
Could be the drive itself has problems. Try to erase it with Parted Magic as shown here: http://howto.cnet.com/8301-11310_39-20115106-285/how-to-securely-erase-an-ssd-drive/
ASKER
Sorry, missed to report that I did that already: failed as well.
Today I tried the DOS version of Samsung's tool: it ran alright.
Today I tried the DOS version of Samsung's tool: it ran alright.
Yes from any dos version it would run ok. Seems the problem s in drive detection in linux and Windows. Dos Has better detection.
ASKER
Hi noxcho.
"DOS has better detection" - the problem is not, that it does not get detected, but that it either starts erase but does not finish or that it thinks the drive is security locked. Ok, maybe you mean these issues are because of maldetection of what state the drive is in. Anyway, I will stop to rely on the online-tools and use offline-tools.
Ok, this will lead to another question: is there a tool apart from parted magic that will allow different/all brands of SSDs to be erased using their "secure erase" function?
"DOS has better detection" - the problem is not, that it does not get detected, but that it either starts erase but does not finish or that it thinks the drive is security locked. Ok, maybe you mean these issues are because of maldetection of what state the drive is in. Anyway, I will stop to rely on the online-tools and use offline-tools.
Ok, this will lead to another question: is there a tool apart from parted magic that will allow different/all brands of SSDs to be erased using their "secure erase" function?
As far as I know - no such tool was sent to the market. The SSD market seems t be still young and thus the software development is not in rush for it.
saw this paper and like what you did using the vendor tool to erase, most probably using some sort of ATA Secure command. That may not be foolproof as shared in the paper. Most of the failed case, maybe the buggy tool. Thought the other possible approach is to use full disk encryption: make sure the entire filesystem on the drive is encrypted from the start (e.g., Bitlocker, Truecrypt). When you want to sanitize the drive, forget all the crypto keys and securely erase them, and then erase the drive as best as possible. Maybe combine it with ATA Secure Erase for (higher) confidence. Few cents worth
http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf
Excerpt:
Our results lead to three conclusions:
First, built-in commands are effective, but manufacturers sometimes implement them incorrectly. Second, overwriting the entire visible address space of an SSD twice is usually, but not always, suf¿cient to sanitize the drive. Third, none of the existing hard drive-oriented techniques for individual ¿le sanitization are effective on SSDs.
http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf
Excerpt:
Our results lead to three conclusions:
First, built-in commands are effective, but manufacturers sometimes implement them incorrectly. Second, overwriting the entire visible address space of an SSD twice is usually, but not always, suf¿cient to sanitize the drive. Third, none of the existing hard drive-oriented techniques for individual ¿le sanitization are effective on SSDs.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
See comment.
In fact... likely you are damaging or at least shortening the drives life by doing this. FYI for same reason, SSD drives should not be defragmented.
Why it does not work on some drives? From my experience because the drive you are experiencing this issue with already have "exhausted" memory cells in certain areas.
I found that about the only tool to talk to these drives are the factory firware flashing utilities, and if you are realy concerned about whiping the drives clean, re-flashing the drive will do the trick.