Secure Erasing Isn’t That Secure with SSDs
Posted on by Peter James
In a paper to be presented at this week’s Usenix FAST 11 conference in California, a groupe of security researches from the University of California, San Diego, have found that securely erasing SSDs (solid-state drives) is not efficient, and may leave large amounts of data on the drives, which is then accessible via file recovery software. As they point out in their paper, “none of the existing hard drive-oriented techniques for individual file sanitization are effective on SSDs.”
The researchers used a number of devices and techniques, and notably found that Mac OS X’s “secure erase Trash” – most likely the “Secure Empty Trash” feature – left 67% of data accessible on an SSD, compared to only 9.8% on a USB drive. Even overwriting free space on SSDs turned out to be ineffective.
Given that SSDs are increasingly popular – and are provided on the MacBook Air – this suggests that data protection requirements for users of SSD-based computers are much more stringent. When users securely delete files, or securely erase free space on their drives, they have no way of knowing how effective these operations are. The paper concludes, saying that, “the increased complexity of SSDs relative to hard drives requires that SSDs provide verifiable sanitization operations.”