![]() ![]() ![]() Samsung > first 3D Vertical NAND SSD > SED technology While this is generally true, the latest generation of SSD have Trusted Computing Group ' Opal 2.0' transparent AES-256 encryption of pages (storage elements), and discard this key when the page is no longer needed or has exceeded 'wear' (re-write) tolerance. Use 'SED' ( Self-Encrypting Drives) technology: ![]() The only way to otherwise guarantee a secure wipe on an SSD is to destroy it. More than that, a wipe of an encrypted disk will knock out at least ~80% of the data (a mathematician will probably counter this), making it much harder to decrypt. In either case, it's childplay to prevent the correct key being entered, rendering the data unusable without time-expensive cracking techniques. Buy drives that are hardware-encrypted.You might be able to get everything by doing a multi-pass write but it's hard to guarantee without doing a chip-by-chip analysis (which a determined attacker might).Īs others have said before, if you want security you need to start with security: Because this is all handled by the disk in the background, this prevents you from actually clearing everything. It is true that overwriting a memory sector will wipe it without any of the ghosting old mechanical disks get, but the controllers for these disks have all sorts of life-prolonging features that obscure physical "sectors" away from the operating system.įor example, many modern disks reserve a portion (up to 20% of physical size) for wear levelling. I'd suggest reading this Security.SE answer (and the links at the end).
0 Comments
Leave a Reply. |