112
How do I wipe a modern SSD to prevent data recovery?
(lemmy.world)
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
For all average user requirements that just involve backups, PII docs, your sex vids, etc (e.g. not someone who could be persecuted, prosecuted, or murdered for their data) your best bet (other than physical destruction) is to encrypt every usable bit in the drive.
$-963,;@82??/@;!3?$.&$-,fysnvefeianbsTak62064$@/lsjgegelwidvwggagabanskhbwugVg
, copy it, and close/delete without saving.Even if veracrypt hits a free space error at the end of the task, the job is done. Maybe not 100%, but 99.99+% of space on the SSD is overwritten with indecipherable gibberish. Maybe advanced forensics could recover some bits, but a) why the fuck would they go to that effort for a filthy commoner like yourself, and b) what are the chances that 0.01% of recoverable data contains anything useful!?! You don't really need to bother destroying the header encryption key (as apple and android products do when you wipe a device) as you don't know the password and there isn't a chance in hell you or anyone else is gonna guess, nor brute force, it.
If you want to keep/sell the drive...
Is that the best strategy? Or is anything outside of 2 and 3 redundant?
You can’t fill the drive. The drive decides when to use its buffered free storage blocks. It’s at the hardware level and only the Secure Erase command will clear it.
Right, I read some more of the comments and realized that's what some of the "unreported space" is used for. Makes sense, thanks!
You fill up the usable space. Or the visible space. No one will disamble the device and read from the raw storage.
Then why do that when you can do a secure erase in seconds?
That makes sense. Thank you!
Nobody is gonna bother doing advanced forensics on 2nd hand storage, digging into megabytes of reallocated sectors on the off chance they to find something financially exploitable. That's a level of paranoia no data supports.
My example applies to storage devices which don't default to encryption (most non-OS external storage). It's analogous to changing your existing encrypted disks password to a random-ass unrecoverable throwaway.