Friday, March 27, 2020

How to Securely Erase Your SSD Without Destroying It

ssd-eraser

A solid-state drive (SSD) is one of the best upgrades you can make to your PC. An SSD was once a trade-off between disk space, cost, and the speed boost, but large capacity SSDs are now cheaper than ever.

Like other types of flash memory, you can only write to an SSD so many times, which presents an issue if you want to wipe the solid-state drive clean. Using a regular tool can damage the SSD, reducing its lifespan.

So, how do you securely erase an SSD without damaging the drive?

Does Secure Erase Damage Your SSD?

Generally speaking, you should never have to perform any maintenance on your solid-state drive. SSDs are designed with self-sufficiency in mind, using a series of algorithms and fail-safes that the manufacturer puts in place to maximize drive life and ensure data is discarded correctly.

What Is SSD Wear Levelling?

The first protection comes in the form of wear leveling, designed to evenly distribute stored data between SSD blocks to ensure even wear. Wear leveling is one of the major differences between a regular magnetic hard drive and a solid-state drive.

A traditional hard drive stores files in physical locations on a magnetic platter. The operating system indexes the file locations in a file system and accesses the data using a mechanical arm. Whereas, a solid-state drive is a form of flash memory, like a USB thumb drive—but with a much larger capacity.

Instead of writing to a location on a physical disc, an SSD writes the data to a block. Each write process causes the memory to degrade, or “wear.”

While the SSD uses a file system to communicate data storage locations to the host system, it also re-shuffles the data to ensure even wear across all memory blocks. Changes made for wear leveling record to a separate file map.

In other words, SSDs do not use any physically indexable locations, and software cannot specifically target sectors on the disk. Basically, your computer has no way of telling “where” that information was just copied to.

What Is SSD Trim and Should You Use It?

Your SSD constantly moves data around to comply with wear leveling, ensuring all blocks wear at an even rate. What that does mean, however, is that some common secure file deletion methods don’t work as you would expect. At least, not how they work on a magnetic hard drive.

Solid-state drives use a specific command to keep on top of file deletion, known as TRIM. The TRIM command marks the blocks of data the SSD is no longer using, ready for wiping internally. In basic terms, this means when you delete a file in your operating system, the TRIM command wipes the space and makes it available for use.

The next time your operating system attempts to write something to that space, it can do so immediately. Simply put, your SSD manages your discarded data.

The difference in how an SSD handles data deletion and the use of wear levelling is why regular secure drive wiping programs are not recommended for an SSD. You will eventually write 1s and 0s to the drive, but it will cause a significant amount of wear to the drive memory in the process.

Because the drive writes all new incoming data to various blocks, depending on its needs, only the drive knows where this data is written. So, secure deletion tools actually harm SSDs by performing an unnecessary number of additional writes.

For a much more detailed look at TRIM and garbage collection, you should read our article on the usefulness of TRIM on modern SSDs.

How to Securely Erase an SSD

Right now, you’re probably thinking, “How do I securely wipe my SSD, then?” Thankfully, it is still possible to securely wipe your SSD using software, and without damaging the drive. The difference is that instead of securely wiping all data from the drive, an SSD “resets” to a clean memory state (not factory, which implies there is no drive wear!).

The “ATA Secure Erase” command instructs the drive to flush all stored electrons, a process that forces the drive to “forget” all stored data. The command resets all available blocks to the “erase” state (which is also the state the TRIM command uses for file deletion and block recycling purposes).

Importantly, the ATA Secure Erase command does not write anything to the SSD, unlike a traditional secure wipe tool. Instead, the command causes the SSD to apply a voltage spike to all available flash memory blocks in unison. The process resets every available block of space in a single operation, and the SSD is “clean.”

Using the ATA Secure Erase command does use a whole program-erase cycle for your SSD. So yes, it does cause a small amount of wear, but it is negligible in comparison to a traditional secure wipe tool.

Secure Erase Your SSD Using a Manufacturer Tool

Most manufacturers supply software to use with their SSD. The software usually includes a firmware update tool and secure erase tool, and perhaps a drive cloning option. While it’s impossible for MakeUseOf to check the software of every manufacturer, you can find a list of tools for the major SSD manufacturers below.

The SSD manufacturer’s management app is the first place to check for a secure erase tool. However, some manufacturers do not include the ATA Secure Erase command as an option. Furthermore, in some cases, your SSD model may not support the command. If that is the case with your SSD, move onto the next section.

Secure Erase Your SSD Using Parted Magic

Although the SSD manufacturer tool may come with a secure erase tool, many experts advise using Parted Magic instead. Indeed, Parted Magic features as an essential tool to keep in your PC repair USB toolkit.

Parted Magic is a whole Linux distribution featuring all manner of disk erasing and partition managing tools. The tool does cost $11, but you have access to the suite forever, whenever you need it.

Parted Magic is a bootable Linux environment, meaning you install it to a USB drive and boot from there. Here’s a quick list of exactly what you need to do:

  1. Download Parted Magic and create a mountable USB drive using Unetbootin.
  2. Boot the drive and choose option 1, Default Settings.
  3. Once booted head to Start (bottom-left) > System Tools > Erase Disk.
  4. Choose the Internal:Secure Erase command writes zeroes to entire data area option, then confirm the drive you want to erase on the next screen.
  5. If you are told the drive is “frozen,” you will need to click the Sleep button and repeat this process until you can proceed further. If your drive indicates a password requirement, leave the password as “NULL.”
  6. Confirm that you have read and understood the risks, then hit Yes to erase your drive.

Secure Erase Your SSD Using PSID Revert

There is a third method to erase your SSD securely. The Physical Security ID (PSID) revert effectively cryptographically erases the content of your SSD, then resets it to the erase state. However, this method only works if you cannot securely erase the drive due to full disk encryption.

samsung ssd with psid

A PSID Revert wipes the entire drive. This process also works if the drive is hardware encrypted but not encrypted using third-party software. Find out if your drive supports PSID Revert by completing an internet search for “[your drive name] PSID Revert.”

Securely Erasing an SSD for Mac Users

Attempting to boot Parted Magic on a Mac can cause some issues. The issues relate to the method you use to create the Parted Magic bootable USB drive. Some burning programs work fine, while other options never seem to work.

A forum post on the Apple Stack Exchange provides details on how to boot Parted Magic on a Mac, with some handy pictures, too. You should also check out our guide on how to create a bootable USB for a Mac—but remember, your mileage may vary!

Other forum posts advise that if you experience issues with your Mac SSD and it is still under warranty, you should let Apple take a look.

You Can Wipe Your SSD Clean

Wiping an SSD clean requires different tools to a regular hard drive. Now you know the options, you can securely erase your SSD before selling or donating it. Manufacturer secure erase options are handy, but the Parted Magic secure erase option is best.

Remember, if you’re not selling or donating the drive and just want to destroy the data, you can always smash it up with a giant hammer. Of course, this will obliterate your data, as well as the drive itself. But you will securely erase your data in the process.

There are other reasons for erasing your SSD, of course. Check out the most common warning signs that your SSD is about to break down and fail!

Read the full article: How to Securely Erase Your SSD Without Destroying It



from MakeUseOf https://ift.tt/2ULn6Nr

No comments:

Post a Comment