Researchers from the University of California at San Diego delivered a paper at the FAST-11 Conference in San Jose, Calif., last week that shows it's almost impossible to reliably erase data from a solid state drive.
The tome, "Reliably Erasing Data from Flash-Based Solid State Drives" (PDF), goes through all of the known techniques for erasing data and comes up short in every case. The study's method is straightforward: They put repeating data on an SSD or USB drive, tried using various erasing techniques, took the SSD or USB drive apart, and pulled raw data off the chips. If any of the original data remained, erasing didn't work.
The culprit? SSD's so-called Flash Translation Layer, a firmware interface that makes an SSD appear to the PC like a big fat, uh, FAT device. Operating systems want to work with file allocation tables and clusters. SSDs have to deal with the vagaries of Flash media, which are quite different from rotating magnetic layers. For example, SSD blocks have to be erased before they can be written, and erasing takes a lot of time. FTL figures out how to erase unused blocks of memory when the SSD isn't doing anything else. SSD devices wear out faster if the same blocks are written and rewritten, so FTL balances the write load across all of the available memory.
You might imagine with all of these delayed erases running around and blocks of data being intentionally scattered to remote corners, there's some potential for error. Ends up, there's more than just a potential.
Here's what they found.
Erasing an entire SSD hard drive is difficult
When the researchers used the drive's built in "Erase Unit" command -- that's a legacy ATA-era command and it doesn't work on USB drives -- of the twelve SSDs tested, only four were completely erased. (One of the drives is automatically encrypted, so they couldn't tell if it was erased properly or not.) One of the drives reported it had been erased when, in fact, all of its data was immediately accessible. #FAIL.