The complexity of the secure deletion from SSDs is related to their completely different internal structure. Standard ATA and SCSI hard drives use magnetic properties of materials to write data into the physical location known as the LBA or Logical block addressing. SSDs, in contrast, use computer chips to store data in digitalized form, as well as FTL, or flash translation later, for data management. When data is modified, FTL frequently writes new files to different sectors and updates the card to display the changes.
In the process, the data remanence from the old file, which the authors attribute to the digital remaining residue, still remain in the drive.
"The differences between HDD and SSD can potentially lead to a dangerous divergence between the user's expectations and the actual behavior of the drive," - the researchers from the University of California in San Diego wrote in an 13-page article. "The owner of SSD can employ the technique of hard drive "sanitation" in the mistaken belief that this will delete data irretrievably. As a matter of fact, the data may remain on the drive and devious methods will be needed to delete it."
Indeed, the researchers reveal that 67% of the file data remains even after it has been deleted from the SSD with secure data deletion option offered by Apple in the OS Mac OS X. Other operations on the "data overwrite" - which securely delete files by overwriting the data stored in a specific location on the disk - failed with same high figures when used to delete a file from the SSD. When executing of pseudo-random operations on the data, for example, 75% of the data has remained, while the British HMG IS5 technique has slightly better results - 58%.
Selecting one or more files to delete is just a "sanitation" technique which allows continuing to use the drive on which the data was held. The researchers also found that all the techniques for data overwrite, oriented to a single file, failed to delete all digital remaining residue, even if the procedure was followed by the disk defragmentation, which reorganizes remaining data in the file system.
"Our data show that overwrite is ineffective and that "manufacturer suggested data deletion techniques' may not always work well", the article warns.
Techniques for cleaning the entire drive work just a little better with SSD. There is an isolated incident when an unnamed SSD still contained 1% of 1 GB data even after 20 consecutive attempted data overwrites on the entire device. Other drives were able to delete their data securely after two attempts, but most of them require from 58 to 121 hours for a single run, which makes the technique inviable in most cases.
The researchers also found serious failures when trying to expose SSD-media to degauss, which leads to the destruction of low-level formatting of hard drives. Since degauss is dangerous only for magnetic drives, it is not effective when applied to storage devices of the new generation. "In every case, the information was left intact," - the researchers wrote.
The researchers found the most effective way to delete data from SSD - it was the use of data encryption devices. Data deletion is executed by erasing the encryption keys from the so-called keystore. This assures reliability of data's remaining encrypted forever.
"However, the danger is that this method relies on the fact that the controller thoroughly clears internal storage that contains the encryption key and other valuable data that can be useful in the cryptanalysis", the researchers wrote. "We found these bugs while executing some clearing commands. It is over-optimistic to believe that SSD manufacturers will thoroughly clear the keystore. Moreover, there is no way to make sure that the clearing has been executed (for example, if you remove the drive). "
The study was carried out by writing the files detected by signatures on SSD and later using special devices, which had to find signs of any residual data after the use of secure techniques for files deletion. The research device is about $1000, but "a simpler version based on the micro-controller will cost $200 and require only a limited amount of technical skills to create it", they said.
If you experienced any sort of trouble with you Solid-State Drive in Salt Lake City, UT, contact our data recovery Utah lab