Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
04-27-2017, 06:32 PM
|
#1
|
LQ Newbie
Registered: Apr 2017
Posts: 5
Rep:
|
secure erase ssd
Hello, why do ssd and hdd drives are securely erased differently? How can I unfrozen a ssd to do the secure erase? Thx
|
|
|
04-28-2017, 12:21 PM
|
#2
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Hello DirtyDeeds.
I am unsure of your objective. An ssd is simply a storage device based on solid state as opposed to magnetic / moving parts technology. For the most part, an operating system will view and operate on these in the same manner.
Could you please explain the "difference" you are experiencing ?
Thx.
|
|
|
04-28-2017, 01:40 PM
|
#3
|
Moderator
Registered: Aug 2002
Posts: 26,110
|
As stated mechanical hard drives have a magnetic platter where the data is stored. Secure erase typically overwrites the same area several times with 0s,1s and/or random which essentially creates a constant field so data can not be recovered.
In a nutshell SSD uses flash memory which is a special type of Electronic Erasable Programmable Read only Memory (EEPROM). They have a limited number of writes so a special wear leveling program is used so that one cell does not fail out faster. This means that a hard drive secure erase utility can not access all the memory and puts access write cycles on the drive. SSDs have a built in command that resets all memory back to the same state.
What do you mean by frozen SSD? Is it a SSD or just a flash drive? What errors are you seeing? Do you know the drive's manufacture? How old is the drive? It could mean that the drive is worn out or the drive controller has failed.
I've had many flash drives fail and some just become read only and others start having I/O errors and finally become completely inaccessible.
|
|
1 members found this post helpful.
|
04-28-2017, 01:43 PM
|
#4
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Quote:
Originally Posted by michaelk
... They have a limited number of writes so a special wear leveling program is used so that one cell does not fail out faster. This means that a hard drive secure erase utility can not access all the memory and puts access write cycles on the drive. SSDs have a built in command that resets all memory back to the same state....
|
Good to know - thx michaelk.
|
|
|
04-28-2017, 03:23 PM
|
#5
|
Moderator
Registered: Mar 2008
Posts: 22,105
|
There has been some discussion about ssd's having data saved in areas that the wear leveling has locked out. Not sure there is an easy way to clean that area. You'd have to unlock the ram and then wipe it. Even electronic ram may have residual and if one were to look at crypto level security then they'd be worried about the data in those areas.
The solution would be to physically destroy the drive to secure it.
|
|
|
04-28-2017, 04:42 PM
|
#7
|
LQ Addict
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
|
Quote:
Originally Posted by DirtyDeeds
|
It's a bit late for me to go digging but the linked-to article looks like it was written about 10 years ago by somebody who had no idea what they were talking abut then.
The whole "the installer will write zeros and degrade the SSD" is just too moronic for words.
|
|
|
04-28-2017, 04:59 PM
|
#8
|
LQ Newbie
Registered: Apr 2017
Posts: 5
Original Poster
Rep:
|
I guess I should always look at the date on the article first before doing anything. Perhaps this was for the early generations of ssd drives.
I'm not sure if the newer gen ssd requires these steps.
|
|
|
04-28-2017, 06:09 PM
|
#9
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
In the ATA/SATA command set there is a security subset of commands. One of them is SECURITY_ERASE_UNIT. Once the drive receives that command, it begins erasing itself with zeroes. Even if the interface cable is removed from the drive, it will keep erasing itself.
There is also a command called ENHANCED_SECURITY_ERASE_UNIT that writes random characters over the drive. When a drive is frozen, none of the security subset can be changed. But the drive is automatically unfrozen each power cycle.
So, to unfreeze a drive, you hot cycle it. Some machine have freeze built into the BIOS, so drive security commands won't work.
In order to security erase you need a utility. Most SSD manufacturers provide this type of utility, whereas most HDD manufacturers do not. BXDR is a utility for the security subset of ATA commands. But even with it, you still must sometimes hot cycle the drive to unfreeze it.
I think you can also perform security erase with hdparm.
|
|
|
04-28-2017, 06:31 PM
|
#10
|
LQ Newbie
Registered: Apr 2017
Posts: 5
Original Poster
Rep:
|
Quote:
Originally Posted by AwesomeMachine
So, to unfreeze a drive, you hot cycle it. Some machine have freeze built into the BIOS, so drive security commands won't work.
|
I found a command that does the unfreezing and I tested it. First, I ran hdparm -I /dev/sda and it was frozen.
Then, I ran pm-suspend and it put my computer in some shutdown state. I press a key on the keyboard to bring it back on.
I did the hdparm again and the ssd was not frozen. So pm-suspend does unfreezes a ssd drive.
I didn't secure erase it yet, as the root filesystem is mounted. I have to use a livedvd to do this.
|
|
|
04-28-2017, 06:54 PM
|
#11
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
On your machine the suspend will unfreeze the drive. That may not be true on all machines. But after you unfreeze the drive, before you can run security erase, you have to lock the drive. Unless you have a manufacturer's utility that does everything in one step.
|
|
|
04-29-2017, 11:01 AM
|
#12
|
Senior Member
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
|
Just a comment, here ... I've learned a lot from this thread ...
I hadn't the slightest notion of anything to do with frozen or locked SSD drives and very little knowledge concerning secure erase or the real differences between how solid state and magnetic technology handle it.
So ... my apologies to the OP, DirtyDeeds, for my early simplistic post in this thread. To use the old cliché, I didn't know what I didn't know ... ;-) ... Big time. Thanks as well to the rest of the kind members here who had the knowledge and shared it for the OP and the rest of us.
Cheers to all - happy weekend !
|
|
|
04-29-2017, 11:07 AM
|
#13
|
LQ Addict
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
|
Quote:
Originally Posted by 273
It's a bit late for me to go digging but the linked-to article looks like it was written about 10 years ago by somebody who had no idea what they were talking abut then.
The whole "the installer will write zeros and degrade the SSD" is just too moronic for words.
|
Apologies, I was too quick to criticise here.
I take it the situation being typed about is when the installer is preparing to encrypt a partition on a previously used SSD and attempts to overwrite with 0s. I still believe that it wouldn't cause much wear as the 0s would just be swallowed up by the device firmware but, perhaps, if one did have some sensitive data it may still remain.
However, I've yet to see any indication that anybody but governments and well-funded and very bright individuals are capable of retrieving data from an SSD by bypassing the controller so I think that this is only an issue if your data is worth millions or you're expecting a visit from a government agency who won't find the fact you managed to securely erase your data as suspicious as your happening to download "The Art Of Deception".
|
|
|
04-29-2017, 11:15 AM
|
#14
|
Senior Member
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US( + travel,) Earth&Mars (I wish,) END BORDER$!◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that work on freest-HW; has been KDE, CLI, Novena-SBC but open.. http://goo.gl/NqgqJx &c ;-)
Posts: 4,888
|
|
|
|
04-29-2017, 03:40 PM
|
#15
|
LQ Addict
Registered: Dec 2013
Posts: 19,872
|
Quote:
Originally Posted by jamison20000e
|
that's the sort of random teenage backyard video that makes us love youtube!
|
|
|
All times are GMT -5. The time now is 09:48 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|