I understand traditional methods don’t work with modern SSD, anyone knows any good way to do it?
Physical destruction. It’s the only way to be 100% sure.
deleted by creator
No. Most SSDs actually contain far more storage internally than the SSD controller exposes. They then even out the wear and tear of the flash memory “packages” by cycling through the various packages and, given there being more packages than actually exposed for use, this offers a level of redundancy so the device lasts longer.
Because of this, wiping the logical device (e.g. zero filling or writing random data multiple times) doesn’t actually guarantee every storage package is written to / overwritten. Thus data may still reside even after wiping (that can be accessed by reading the packages directly and skipping the controller which abstracts these packages into a virtual block device).
Some SSDs offer a secure wipe tool that does a low level wipe of every page or wipes out an encryption key and generates a new one but not every SSD on the market offers that feature.
From the company my org has used to decommission old hardware; an industrial grinder is sadly the most assured way to guarantee no data can be recovered.
If it’s really an issue where “if the data on this SSD falls into the wrong hands, lives will be ruined” sort of thing, my favorite data security tool for this job is a bench grinder. Difficult to put the data back together when the flash chips are powder scattered throughout 14 different shop surfaces and at least two lungs.
Be careful with lung butter though. Been betrayed before
I prefer thermite. Recover my data from a messy contaminated slag heap.
Encrypted volume and burn the encryption key
This is how storage services attest to a secure wipe.
But I wouldn’t trust anyone else with said encryption key who knows if its going straight to the CIA or not.
Does it have to be from orbit?
What if the drive is not on a planet?
For all average user requirements that just involve backups, PII docs, your sex vids, etc (e.g. not someone who could be persecuted, prosecuted, or murdered for their data) your best bet (other than physical destruction) is to encrypt every usable bit in the drive.
- Download veracrypt
- Format the SSD as exFAT
- Create a new veracrypt volume on the mounted exFat partition that uses 100% of available space (any format).
- open up a notepad and type out a long random ass throwaway password e.g.
$-963,;@82??/@;!3?$.&$-,fysnvefeianbsTak62064$@/lsjgegelwidvwggagabanskhbwugVg, copy it, and close/delete without saving. - paste that password for the new veracrypt volume, and follow the prompts until it starts encrypting your SSD. It’ll take a while as it encrypts every available bit one-by-one.
Even if veracrypt hits a free space error at the end of the task, the job is done. Maybe not 100%, but 99.99+% of space on the SSD is overwritten with indecipherable gibberish. Maybe advanced forensics could recover some bits, but a) why the fuck would they go to that effort for a filthy commoner like yourself, and b) what are the chances that 0.01% of recoverable data contains anything useful!?! You don’t really need to bother destroying the header encryption key (as apple and android products do when you wipe a device) as you don’t know the password and there isn’t a chance in hell you or anyone else is gonna guess, nor brute force, it.
Are you considering using the drive afterwards? Because “toss it in a microwave for like 5 minutes” is always a valid answer if you’re not worried about reusing it.
Call the devices secure erase functionality.
here’s how to do it to sata and pata devices
I don’t do some of the checking and testing in that article, I just do —security-erase-enhanced and unless it fails it’s fine.
You could also encrypt the contents and delete the key.
This article covers several methods. Personally, I’d look for a BIOS based tool first, as that would be free and easiest. After that, the Diskpart Clean All command is probably fine for anything other than Top Secret data which a government based threat actor would be willing to put a lot of resources into recovering. If it’s just your tax documents and porn archive, no one is going to care enough to dig out anything which that command might have left behind.
- Secure erase using the drive OEMs tool.
- If you were using something like bitlocker then simply dump the key.
- Wood chipper or some other form of absolute physical destruction.
deleted by creator
NSA requires the use of a industrial shredder that can grind the components into pieces less than 2mm.
https://ameri-shred.com/portfolio-items/2mm-ssd-solid-state-drive-hammer-mills/
If you can’t do that, you should incinerate the drive at over 700 degrees.
As far as wiping goes, a 3 pass overwrite alternating 0s and 1s is good enough as long as it’s done over the entire drive, not just the partition.
BCWipe is good enough for this
I hear thermite is good at destroying things.
i know this isn’t what is being asked, but disk level encryption is cool
With fire
If it’s really sensitive shit, you should beat the shit out of it with a sledgehammer and make sure you got all the nand modules(see diagram online), then throw parts of it into a large body of water, deeper the better
