SSD Data Sanitation in Linux

Previously I talked about data sanitation on magnetic media (see my DoD tutorial). Now I want to explore the same topic, only with solid state drives. Data sanitation for SSDs is very different from data sanitation for HDDs – it is both easier and harder. Easier because there’s no residual data left over – once a solid state transistor is flipped, it’s flipped entirely; there’s no residue left over from the previous value as there is when using a magnetic head.

At the same time it’s harder because wear-leveling on an SSD means you can’t directly overwrite a region of the drive and expect it to work; chances are you’ll end up overwriting a completely different region because that’s how SSDs do things. They have to level the wearing by writing new data to a new region of the drive, and doing this in a rotating fashion, in order to extend the life of the drive. The unfortunate side effect of this is that you can’t securely erase single files in a reliable manner. If you want to securely erase data on an SSD, you have to erase the entire thing.

This is really all you need to know to understand the method I’m about to give you. 1. You don’t need multiple overwrites, and 2. Wear-leveling means an SSD is erased in a circular fashion. Let’s say we have an SD card with data that we’re no longer using, and we want to repurpose it for something else. What we’re going to do is simply overwrite the entire thing with zeros. This method works because even though we may not be writing the zeros to the correct place if we only overwrite part of the drive, if the number of zeros we write is exactly equal to the size of the drive in bits, anything we miss will be overwritten later when we wrap around. The ultimate effect of this is complete sanitation of the entire SSD.

First we open up the Linux terminal and find the device location for the SSD. We can usually tell which one it is by examining its size (with df), its mount point (with mount), and the number of partitions on it or the type of those partitions (with fdisk). Typically we don’t have to do this though, because the identity of the drive will be apparent from our particular use case.


$ ls /dev
console   random    sda2      sr0       urandom
full      sda       sdb       tty       zero
null      sda1      sdb1      ttyS0

That’s just a sample listing of the /dev directory in Linux, though a real one would most likely have a lot more in it. In any case, here we see the device files corresponding to our mass storage drives – these will typically be called sdxX where x is a letter that indicates the physical medium and X is a number that indicates the partition. sda almost always refers to the hard drive, and here we can see it has two partitions. sdb is our SD card, and we can verify this by running df -H and looking at the size of /dev/sdb1.

Now that we know what device file we want to erase, there’s one more file we need, and that file is also in the /dev directory. It’s /dev/zero. /dev/zero is a character special file that just spits out an endless stream of zero bytes when we read from it. This means that when we copy its contents to a file, it will zero out that file. But we can’t just use a regular copy like cp. We’re trying to copy the data in the file, not the file itself. This doesn’t make much of a difference when we’re copying regular files, but it makes a huge difference when we’re doing I/O with special files. For this we need to use a binary copy, and to accomplish that there is a very nifty command called dd.


$ dd if=/dev/zero of=/dev/sdb

There are quite a few options available for dd, and you can find them all in the man page, but for now the only two you need to know about are if and of. if designates the input file – the source of the data stream – while of designates the output file – the destination for the data stream.

Once you have entered this command, it will take several minutes to a few hours to run, depending on the size of the SSD being sanitized. Afterward it will display a message that looks something like this:


8388608+0 records in
8388608+0 records out
34359738368 bytes transferred in 25.589 mins (23430926 bytes/sec
$

You can now verify that the SSD was properly erased by typing the following command at the terminal:


$ hexdump /dev/sdb | less

If you see an output like this…


00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
*
80000000
END

…That means all bits on the drive have been successfully cleared.

Just remember that because this drive is completely erased, you will have to rebuild the partition table and all the partitions from scratch, either with fdisk or some other program.

3 thoughts on “SSD Data Sanitation in Linux

    1. Isn’t that filesystem-level encryption? I’m not sure how that would work for an external SSD that doesn’t house your main filesystem. In any case, yes, encryption is an option (in fact the built-in secure erase functions found on a lot of SSDs work by changing encryption keys). I don’t completely trust it though because it can still be broken either through side channel attacks, or if the cipher itself ever gets broken. I always zero out my SSDs when I repurpose them. That makes sure the old data is completely gone. I guess I’m somewhat of a perfectionist.

      Like

      1. No, it’s not. 2 Layers of Full-Disc-Encryption on the same device above each other. If one fails, the other still keeps you safe.

        Naja, you have to start with a fully encrypted device, before you put any data on it. If it gets stolen, lost or sold is than the same scenario. If you trust your encryption key/pass , you will sleep well 🙂

        Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s