LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-27-2017, 06:32 PM   #1
DirtyDeeds
LQ Newbie
 
Registered: Apr 2017
Posts: 5

Rep: Reputation: Disabled
secure erase ssd


Hello, why do ssd and hdd drives are securely erased differently? How can I unfrozen a ssd to do the secure erase? Thx
 
Old 04-28-2017, 12:21 PM   #2
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch
Posts: 1,253

Rep: Reputation: 467Reputation: 467Reputation: 467Reputation: 467Reputation: 467
Hello DirtyDeeds.

I am unsure of your objective. An ssd is simply a storage device based on solid state as opposed to magnetic / moving parts technology. For the most part, an operating system will view and operate on these in the same manner.

Could you please explain the "difference" you are experiencing ?

Thx.
 
Old 04-28-2017, 01:40 PM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 21,620

Rep: Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186Reputation: 4186
As stated mechanical hard drives have a magnetic platter where the data is stored. Secure erase typically overwrites the same area several times with 0s,1s and/or random which essentially creates a constant field so data can not be recovered.

In a nutshell SSD uses flash memory which is a special type of Electronic Erasable Programmable Read only Memory (EEPROM). They have a limited number of writes so a special wear leveling program is used so that one cell does not fail out faster. This means that a hard drive secure erase utility can not access all the memory and puts access write cycles on the drive. SSDs have a built in command that resets all memory back to the same state.

What do you mean by frozen SSD? Is it a SSD or just a flash drive? What errors are you seeing? Do you know the drive's manufacture? How old is the drive? It could mean that the drive is worn out or the drive controller has failed.

I've had many flash drives fail and some just become read only and others start having I/O errors and finally become completely inaccessible.
 
1 members found this post helpful.
Old 04-28-2017, 01:43 PM   #4
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch
Posts: 1,253

Rep: Reputation: 467Reputation: 467Reputation: 467Reputation: 467Reputation: 467
Quote:
Originally Posted by michaelk View Post
... They have a limited number of writes so a special wear leveling program is used so that one cell does not fail out faster. This means that a hard drive secure erase utility can not access all the memory and puts access write cycles on the drive. SSDs have a built in command that resets all memory back to the same state....
Good to know - thx michaelk.
 
Old 04-28-2017, 03:23 PM   #5
jefro
Moderator
 
Registered: Mar 2008
Posts: 20,991

Rep: Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406Reputation: 3406
There has been some discussion about ssd's having data saved in areas that the wear leveling has locked out. Not sure there is an easy way to clean that area. You'd have to unlock the ram and then wipe it. Even electronic ram may have residual and if one were to look at crypto level security then they'd be worried about the data in those areas.

The solution would be to physically destroy the drive to secure it.
 
Old 04-28-2017, 04:37 PM   #6
DirtyDeeds
LQ Newbie
 
Registered: Apr 2017
Posts: 5

Original Poster
Rep: Reputation: Disabled
Here is the article I read on secure erase ssd
https://www.unixmen.com/secure-erase-your-ssd/

This will explain the frozen part.
 
Old 04-28-2017, 04:42 PM   #7
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
Quote:
Originally Posted by DirtyDeeds View Post
Here is the article I read on secure erase ssd
https://www.unixmen.com/secure-erase-your-ssd/

This will explain the frozen part.
It's a bit late for me to go digging but the linked-to article looks like it was written about 10 years ago by somebody who had no idea what they were talking abut then.
The whole "the installer will write zeros and degrade the SSD" is just too moronic for words.
 
Old 04-28-2017, 04:59 PM   #8
DirtyDeeds
LQ Newbie
 
Registered: Apr 2017
Posts: 5

Original Poster
Rep: Reputation: Disabled
I guess I should always look at the date on the article first before doing anything. Perhaps this was for the early generations of ssd drives.

I'm not sure if the newer gen ssd requires these steps.
 
Old 04-28-2017, 06:09 PM   #9
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010
In the ATA/SATA command set there is a security subset of commands. One of them is SECURITY_ERASE_UNIT. Once the drive receives that command, it begins erasing itself with zeroes. Even if the interface cable is removed from the drive, it will keep erasing itself.

There is also a command called ENHANCED_SECURITY_ERASE_UNIT that writes random characters over the drive. When a drive is frozen, none of the security subset can be changed. But the drive is automatically unfrozen each power cycle.

So, to unfreeze a drive, you hot cycle it. Some machine have freeze built into the BIOS, so drive security commands won't work.

In order to security erase you need a utility. Most SSD manufacturers provide this type of utility, whereas most HDD manufacturers do not. BXDR is a utility for the security subset of ATA commands. But even with it, you still must sometimes hot cycle the drive to unfreeze it.

I think you can also perform security erase with hdparm.
 
Old 04-28-2017, 06:31 PM   #10
DirtyDeeds
LQ Newbie
 
Registered: Apr 2017
Posts: 5

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by AwesomeMachine View Post
So, to unfreeze a drive, you hot cycle it. Some machine have freeze built into the BIOS, so drive security commands won't work.
I found a command that does the unfreezing and I tested it. First, I ran hdparm -I /dev/sda and it was frozen.
Then, I ran pm-suspend and it put my computer in some shutdown state. I press a key on the keyboard to bring it back on.

I did the hdparm again and the ssd was not frozen. So pm-suspend does unfreezes a ssd drive.

I didn't secure erase it yet, as the root filesystem is mounted. I have to use a livedvd to do this.
 
Old 04-28-2017, 06:54 PM   #11
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010
On your machine the suspend will unfreeze the drive. That may not be true on all machines. But after you unfreeze the drive, before you can run security erase, you have to lock the drive. Unless you have a manufacturer's utility that does everything in one step.
 
Old 04-29-2017, 11:01 AM   #12
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch
Posts: 1,253

Rep: Reputation: 467Reputation: 467Reputation: 467Reputation: 467Reputation: 467
Just a comment, here ... I've learned a lot from this thread ...

I hadn't the slightest notion of anything to do with frozen or locked SSD drives and very little knowledge concerning secure erase or the real differences between how solid state and magnetic technology handle it.

So ... my apologies to the OP, DirtyDeeds, for my early simplistic post in this thread. To use the old cliché, I didn't know what I didn't know ... ;-) ... Big time. Thanks as well to the rest of the kind members here who had the knowledge and shared it for the OP and the rest of us.

Cheers to all - happy weekend !
 
Old 04-29-2017, 11:07 AM   #13
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
Quote:
Originally Posted by 273 View Post
It's a bit late for me to go digging but the linked-to article looks like it was written about 10 years ago by somebody who had no idea what they were talking abut then.
The whole "the installer will write zeros and degrade the SSD" is just too moronic for words.
Apologies, I was too quick to criticise here.
I take it the situation being typed about is when the installer is preparing to encrypt a partition on a previously used SSD and attempts to overwrite with 0s. I still believe that it wouldn't cause much wear as the 0s would just be swallowed up by the device firmware but, perhaps, if one did have some sensitive data it may still remain.
However, I've yet to see any indication that anybody but governments and well-funded and very bright individuals are capable of retrieving data from an SSD by bypassing the controller so I think that this is only an issue if your data is worth millions or you're expecting a visit from a government agency who won't find the fact you managed to securely erase your data as suspicious as your happening to download "The Art Of Deception".
 
Old 04-29-2017, 11:15 AM   #14
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US( + travel,) Earth( I wish,) END BORDER$!◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that works well on my cheapest; has been KDE or CLI but open... http://goo.gl/NqgqJx &c ;-)
Posts: 4,427
Blog Entries: 3

Rep: Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438Reputation: 1438
https://www.youtube.com/watch?v=KCgCBWmSWw0
 
Old 04-29-2017, 03:40 PM   #15
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,426
Blog Entries: 10

Rep: Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249Reputation: 5249
Quote:
Originally Posted by jamison20000e View Post
that's the sort of random teenage backyard video that makes us love youtube!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Do you secure erase your SSD before installing a new distro on it dalinuxguy71 General 5 12-06-2015 01:11 PM
[SOLVED] btrfs compressed ssd-secure erase file tsester Linux - Security 7 11-14-2015 01:48 PM
[SOLVED] ssd 'erase block' alignment with gparted qrange Linux - Newbie 2 12-18-2013 12:42 AM
LXer: Secure Erase your SSD LXer Syndicated Linux News 0 07-18-2012 05:00 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:43 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration