s**********t (Posts: 1846) | #1
Researchers from the University of California at San Diego delivered a paper
at the FAST-11 Conference in San Jose, Calif., last week that shows it's
almost impossible to reliably erase data from a solid state drive.
The tome, "Reliably Erasing Data from Flash-Based Solid State Drives" (PDF),
goes through all of the known techniques for erasing data and comes up
short in every case. The study's method is straightforward: They put
repeating data on an SSD or USB drive, tried using various erasing
techniques, took the SSD or USB drive apart, and pulled raw data off the
chips. If any of the original data remained, erasing didn't work.
The culprit? SSD's so-called Flash Translation Layer, a firmware interface
that makes an SSD appear to the PC like a big fat, uh, FAT device. Operating
systems want to work with file allocation tables and clusters. SSDs have to
deal with the vagaries of Flash media, which are quite different from
rotating magnetic layers. For example, SSD blocks have to be erased before
they can be written, and erasing takes a lot of time. FTL figures out how to
erase unused blocks of memory when the SSD isn't doing anything else. SSD
devices wear out faster if the same blocks are written and rewritten, so FTL
balances the write load across all of the available memory.
You might imagine with all of these delayed erases running around and blocks
of data being intentionally scattered to remote corners, there's some
potential for error. Ends up, there's more than just a potential.
Here's what they found.
Erasing an entire SSD hard drive is difficult
When the researchers used the drive's built-in "Erase Unit" command -- that's
a legacy ATA-era command and it doesn't work on USB drives -- of the
twelve SSDs tested, only four were completely erased. (One of the drives is
automatically encrypted, so they couldn't tell if it was erased properly or
not.) One of the drives reported it had been erased when, in fact, all of
its data was immediately accessible.
Overwriting the whole disk fared a little bit better. With a hard drive,
overwriting routines typically write all zeroes or all ones or some random
character -- and then repeat the process a specific number of times. Out of
eight drives tested using a similar method, one was completely erased after
a single pass and two were completely erased after overwriting the data
twice. One of the drives had 1 percent of the original data still on it
after 20 writes. But half of the drives took more than 58 hours to perform a
single pass. The researchers gave up.
Then the researchers tried degaussing, but it didn't work at all.
Encrypting drives passed muster, because deleting the key from the Key
Storage Area makes the data useless. But the authors are less than
enthusiastic about the approach because there's no way to verify that the
manufacturer's key deleting mechanism completely obfuscates the contents of
the Key Storage Area.
Erasing a single file is a horse of a different color
Single-file eradication generally relies on overwriting all of the storage
space used by the file. As you might imagine, with the FTL running
interference, it's going to be very hard to pick up all the pieces of a file.
When the researchers tried the usual approach -- 35 different variations on
the file-overwriting theme, including several military spec algorithms --
they found single-file erasure just didn't work: "All single-

a****l (Posts: 8211) | #2
I can completely erase an SSD within 10 seconds. Only a sledgehammer is
needed.
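
Added example (not part of the original posts or the paper): a toy Python model of the out-of-place writes and wear leveling that the quoted article attributes to the Flash Translation Layer, showing why an overwrite that looks complete from the host can leave the original pages on the chips. The `ToyFTL` class, the page counts and the marker bytes are constructed for illustration; real firmware is far more complex.

```python
FINGERPRINT = b"FINGERPRINT-"   # constructed marker standing in for the study's repeating data
ZEROS = b"\x00" * 16

class ToyFTL:
    """Hypothetical, heavily simplified FTL: every write goes to a fresh physical page."""
    def __init__(self, logical_pages, physical_pages):
        assert physical_pages > logical_pages   # spare area beyond what the host sees
        self.logical_pages = logical_pages
        self.flash = [None] * physical_pages    # None = erased page
        self.map = {}                           # logical block -> physical page
        self.cursor = 0                         # round-robin allocation (crude wear leveling)

    def _alloc(self):
        n, live = len(self.flash), set(self.map.values())
        order = [(self.cursor + i) % n for i in range(n)]
        # Prefer an already-erased page; otherwise erase one stale (unmapped) page.
        page = next((p for p in order if self.flash[p] is None), None)
        if page is None:
            page = next(p for p in order if p not in live)
            self.flash[page] = None             # the erase is deferred until this point
        self.cursor = (page + 1) % n
        return page

    def write(self, lba, data):
        page = self._alloc()
        self.flash[page] = data
        self.map[lba] = page                    # old page is stale but still holds its data

    def read(self, lba):
        return self.flash[self.map[lba]]

    def raw_remnants(self):
        """Pages still holding the marker when the chips are read directly."""
        return sum(1 for page in self.flash if page and FINGERPRINT in page)

def demo(logical_pages=8, physical_pages=16, file_lbas=range(4)):
    ftl = ToyFTL(logical_pages, physical_pages)
    for lba in file_lbas:                       # write the "file"
        ftl.write(lba, FINGERPRINT + bytes([lba]))
    for lba in file_lbas:                       # single-file overwrite with zeros
        ftl.write(lba, ZEROS)
    host_hits = sum(FINGERPRINT in ftl.read(lba) for lba in file_lbas)
    after_file_wipe = ftl.raw_remnants()
    passes = 0
    while ftl.raw_remnants() and passes < 20:   # whole-drive overwrite passes
        for lba in range(logical_pages):
            ftl.write(lba, ZEROS)
        passes += 1
    return host_hits, after_file_wipe, passes

if __name__ == "__main__":
    print(demo())
```

`demo()` returns the number of marker pages visible through the host interface after the file overwrite, the number still present in raw flash, and how many whole-drive passes the model needed before none remained; the pass count depends on how much spare area the model is given.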