[Freedombox-discuss] Secure erasure of flash drives - NOT!

John Gilmore gnu at toad.com
Tue Apr 19 17:14:47 UTC 2011

> Could you provide a link to this study?  I believe some SSD devices do
> offer the ATA Secure Erase command these days.  It would be good to have
> a pointer to a concrete demonstration that this is unreliable, if that's
> the case.

Sure!  Best source was a talk at the 2010 USENIX FAST (File and
Storage Technologies) conference.  From this link you can get the
abstract, full paper, and the video of their presentation:


Here are the slides for the presentation:


They tried 14 different popular ways to securely erase individual
files.  All failed, leaving large parts of the data accessible in the
flash chips!

Some SSD drives supported the whole-drive secure erase command; some
didn't; and some that did were buggy and didn't actually erase
everything.  One that didn't support it, claimed support but was
a no-op!

The problem is much worse on USB flash drives, because there isn't
even a Secure Erase command defined to erase the entire drive.  (Let
alone any command to securely erase a portion of the drive, such as a
single file.)

Here's contact info for the professor involved:

  Dr. Steven Swanson  <swanson at cs.ucsd.edu>
  Assistant Professor
  Computer Science & Engineering
  University of California, San Diego
  9500 Gilman Drive #0404
  La Jolla CA 92093-0404

	John Gilmore

More information about the Freedombox-discuss mailing list