Permanently deleting files on SSD
When a file is deleted it isn't truly deleted until the page on the SSD is overwritten, how can I make sure my sensitive files are permanently deleted and cannot be recovered?
I know I could potentially create dummy data and copy that throughout the entire drive until it's full (therefore erasing the pages of sensitive files on the SSD), but is there any easy way to do this?
ssd file-management storage
add a comment |
When a file is deleted it isn't truly deleted until the page on the SSD is overwritten, how can I make sure my sensitive files are permanently deleted and cannot be recovered?
I know I could potentially create dummy data and copy that throughout the entire drive until it's full (therefore erasing the pages of sensitive files on the SSD), but is there any easy way to do this?
ssd file-management storage
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
2
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08
add a comment |
When a file is deleted it isn't truly deleted until the page on the SSD is overwritten, how can I make sure my sensitive files are permanently deleted and cannot be recovered?
I know I could potentially create dummy data and copy that throughout the entire drive until it's full (therefore erasing the pages of sensitive files on the SSD), but is there any easy way to do this?
ssd file-management storage
When a file is deleted it isn't truly deleted until the page on the SSD is overwritten, how can I make sure my sensitive files are permanently deleted and cannot be recovered?
I know I could potentially create dummy data and copy that throughout the entire drive until it's full (therefore erasing the pages of sensitive files on the SSD), but is there any easy way to do this?
ssd file-management storage
ssd file-management storage
asked Feb 9 at 4:53
Courtney WhiteCourtney White
111
111
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
2
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08
add a comment |
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
2
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
2
2
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08
add a comment |
2 Answers
2
active
oldest
votes
SSDs are different from regular HDDs, primarily because they use different technologies to record data. An HDD is a spinning platter that writes with a moving mechanical arm. An SSD is more akin to a flash memory stick, storing information in cells. To write new data to a cell, the drive must first erase existing data. This makes it harder, if not impossible to fully delete a file once it's written in the SSD.
Secure Erase methods should "theoretically" delete all the data from a drive on the first pass. But as several studies have shown, poorly-implemented or buggy Secure Erase versions can result in lingering data. This data is recoverable. The best method is to complete at least two full Secure Erase processes to ensure that every SSD cell is completely clear.
A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive.
Solution?
What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
Data in the SSD is constantly moved. This is what makes it so hard to fully delete a once-written file. But... Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
Always, make sure to use the manufacturer's software.
add a comment |
SSD consists of NAND memory and the controller. Controller speaks SATA protocol and smart enough to spread your data over blocks (search for "wear leveling").
Only controller knows where is your data exactly, so simply writing nulls to the same address would not help.
Instead, you need to ask controller to erase everything. There is a special command in SATA protocol called "Secure Erase" (https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
Use your SSD vendor software (like "Magican" for Samsung) to launch this command.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403762%2fpermanently-deleting-files-on-ssd%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
SSDs are different from regular HDDs, primarily because they use different technologies to record data. An HDD is a spinning platter that writes with a moving mechanical arm. An SSD is more akin to a flash memory stick, storing information in cells. To write new data to a cell, the drive must first erase existing data. This makes it harder, if not impossible to fully delete a file once it's written in the SSD.
Secure Erase methods should "theoretically" delete all the data from a drive on the first pass. But as several studies have shown, poorly-implemented or buggy Secure Erase versions can result in lingering data. This data is recoverable. The best method is to complete at least two full Secure Erase processes to ensure that every SSD cell is completely clear.
A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive.
Solution?
What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
Data in the SSD is constantly moved. This is what makes it so hard to fully delete a once-written file. But... Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
Always, make sure to use the manufacturer's software.
add a comment |
SSDs are different from regular HDDs, primarily because they use different technologies to record data. An HDD is a spinning platter that writes with a moving mechanical arm. An SSD is more akin to a flash memory stick, storing information in cells. To write new data to a cell, the drive must first erase existing data. This makes it harder, if not impossible to fully delete a file once it's written in the SSD.
Secure Erase methods should "theoretically" delete all the data from a drive on the first pass. But as several studies have shown, poorly-implemented or buggy Secure Erase versions can result in lingering data. This data is recoverable. The best method is to complete at least two full Secure Erase processes to ensure that every SSD cell is completely clear.
A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive.
Solution?
What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
Data in the SSD is constantly moved. This is what makes it so hard to fully delete a once-written file. But... Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
Always, make sure to use the manufacturer's software.
add a comment |
SSDs are different from regular HDDs, primarily because they use different technologies to record data. An HDD is a spinning platter that writes with a moving mechanical arm. An SSD is more akin to a flash memory stick, storing information in cells. To write new data to a cell, the drive must first erase existing data. This makes it harder, if not impossible to fully delete a file once it's written in the SSD.
Secure Erase methods should "theoretically" delete all the data from a drive on the first pass. But as several studies have shown, poorly-implemented or buggy Secure Erase versions can result in lingering data. This data is recoverable. The best method is to complete at least two full Secure Erase processes to ensure that every SSD cell is completely clear.
A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive.
Solution?
What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
Data in the SSD is constantly moved. This is what makes it so hard to fully delete a once-written file. But... Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
Always, make sure to use the manufacturer's software.
SSDs are different from regular HDDs, primarily because they use different technologies to record data. An HDD is a spinning platter that writes with a moving mechanical arm. An SSD is more akin to a flash memory stick, storing information in cells. To write new data to a cell, the drive must first erase existing data. This makes it harder, if not impossible to fully delete a file once it's written in the SSD.
Secure Erase methods should "theoretically" delete all the data from a drive on the first pass. But as several studies have shown, poorly-implemented or buggy Secure Erase versions can result in lingering data. This data is recoverable. The best method is to complete at least two full Secure Erase processes to ensure that every SSD cell is completely clear.
A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive.
Solution?
What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.
Data in the SSD is constantly moved. This is what makes it so hard to fully delete a once-written file. But... Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
Always, make sure to use the manufacturer's software.
answered Feb 9 at 8:22
CashburnerCashburner
413
413
add a comment |
add a comment |
SSD consists of NAND memory and the controller. Controller speaks SATA protocol and smart enough to spread your data over blocks (search for "wear leveling").
Only controller knows where is your data exactly, so simply writing nulls to the same address would not help.
Instead, you need to ask controller to erase everything. There is a special command in SATA protocol called "Secure Erase" (https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
Use your SSD vendor software (like "Magican" for Samsung) to launch this command.
add a comment |
SSD consists of NAND memory and the controller. Controller speaks SATA protocol and smart enough to spread your data over blocks (search for "wear leveling").
Only controller knows where is your data exactly, so simply writing nulls to the same address would not help.
Instead, you need to ask controller to erase everything. There is a special command in SATA protocol called "Secure Erase" (https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
Use your SSD vendor software (like "Magican" for Samsung) to launch this command.
add a comment |
SSD consists of NAND memory and the controller. Controller speaks SATA protocol and smart enough to spread your data over blocks (search for "wear leveling").
Only controller knows where is your data exactly, so simply writing nulls to the same address would not help.
Instead, you need to ask controller to erase everything. There is a special command in SATA protocol called "Secure Erase" (https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
Use your SSD vendor software (like "Magican" for Samsung) to launch this command.
SSD consists of NAND memory and the controller. Controller speaks SATA protocol and smart enough to spread your data over blocks (search for "wear leveling").
Only controller knows where is your data exactly, so simply writing nulls to the same address would not help.
Instead, you need to ask controller to erase everything. There is a special command in SATA protocol called "Secure Erase" (https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
Use your SSD vendor software (like "Magican" for Samsung) to launch this command.
answered Feb 9 at 9:42
user996142user996142
1,120715
1,120715
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403762%2fpermanently-deleting-files-on-ssd%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Unfortunately, the original SSD devices had fairly prohibitive limits on how much change they could endure, and to work around those limits, people worked very hard to distribute writes evenly across the media. As such, it would probably require a specialized utility. I don't know of one off-hand. I don't want this to be the answer so I'm not posting it as an Answer.
– Ed Grimm
Feb 9 at 5:00
2
There isn’t a guaranteed way. Secure Erase doesn’t always work the same across brands. Writing 1’s and 0’s are inefficient on SDDs due to firmware avoidance to use the same cells to many times. The only efficient method is using full disk encryption, losing the key to the encryption by formatting the disk, then encrypting the drive again.
– Ramhound
Feb 9 at 5:08