Page 1 of 2 12 LastLast
Results 1 to 15 of 20

Thread: Fastest way to wipe SSD and HDD?

  1. #1
    Elite Master Razor's Avatar
    Join Date
    21.07.08
    Location
    Bucharest, Romania
    Posts
    1,393
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss1393

    Fastest way to wipe SSD and HDD?

    Hello,

    How would you wipe a SSD or HDD quickly, without the data being fully recoverable? I know some files will be recovered, and I'm fine with that as long as you cannot recover 100% of the drive.

    Thank you!
    Reply With QuoteReply With Quote
    Thanks

  2. #2
    illusive's Avatar
    Join Date
    24.10.10
    P2P Client
    What ?! That's Private!
    Posts
    319
    Activity Longevity
    2/20 14/20
    Today Posts
    0/5 ssssss319
    Normal quick format would wipe and NOT 100% recoverable. Actually no guarantee at all that any would be recoverable. Non-quick format would be even with less chance of recovering, I guess !!
    Reply With QuoteReply With Quote
    Thanks

  3. Who Said Thanks:

    Master Razor (10.03.17)

  4. #3
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    33,387
    Activity Longevity
    12/20 19/20
    Today Posts
    1/5 ssss33387
    For mechanical HDDs manufactured after 2001, which is essentially any one you find nowadays, the built-in ATA Secure Erase command is all you need. It will wipe everything, including reallocated and hidden sectors, and since it's run by the firmware, it'll be as fast as possible. I use HDAT2 to send it, but if you can't or don't want to hotplug disks to get rid of frozen status, try Parted Magic. Any other Linux distribution that includes hdparm will also work, just make sure you disable power savings and sleep mode everywhere, because you don't want to computer going into standby in the middle of the process.

    But if that's not quick enough for you, I guess you can delete the first 10% of each disk and/or partition.

    For SSDs, things are more complicated. I encourage you to read the attached papers, but here are the key points:
    • Traditional overwriting techniques are ineffective because of how flash memory works.
    • You rely exclusively on a good implementation of the ATA Secure Erase command, but sadly that's delivered by few manufacturers; two particularly egregious cases had the drives reporting success, when only the first few sectors (or none at all) had been erased.
    • Speed is a non-issue when the command does work effectively, it runs in less than a minute on even the highest-capacity drives.
    • The only 100% effective way to sanitize information in any solid-state storage medium is to use full disk encryption from day zero, and discard the key(s) when you need to "erase" it.
    Attached Files Attached Files
    "I've seen the future and I leave it all behind."
    Reply With QuoteReply With Quote
    Thanks

  5. Who Said Thanks:

    Codec (10.03.17) , Lucius (10.03.17) , Master Razor (10.03.17)

  6. #4
    Elite Master Razor's Avatar
    Join Date
    21.07.08
    Location
    Bucharest, Romania
    Posts
    1,393
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss1393
    The only 100% effective way to sanitize information in any solid-state storage medium is to use full disk encryption from day zero, and discard the key(s) when you need to "erase" it.
    This is good. I'll keep this in mind the next time I buy USB-SSD drives.

    But for now, for an SSD, what would be best? Should I use:
    diskpart
    clean
    format fs=ntfs quick
    or
    diskpart
    clean all
    format fs=ntfs
    Reply With QuoteReply With Quote
    Thanks

  7. #5
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    33,387
    Activity Longevity
    12/20 19/20
    Today Posts
    1/5 ssss33387
    I would run clean all, which is equivalent to zero-filling. The full implications of that are described in the papers, but essentially, it'll stop any adversary that can't disassemble the disk and read the flash chips directly. Under Windows 8 and above, you'll want to run defrag x: /o after recreating the partition, to send the TRIM command and restore writing performance; for Windows 7 and below, there's this.

    Both of your examples are missing create partition primary, by the way. Can't format something that doesn't exist anymore
    "I've seen the future and I leave it all behind."
    Reply With QuoteReply With Quote
    Thanks

  8. Who Said Thanks:

    Lucius (10.03.17) , Master Razor (10.03.17)

  9. #6
    Moderator
    Instab's Avatar
    Join Date
    17.09.09
    Posts
    6,500
    Activity Longevity
    5/20 16/20
    Today Posts
    0/5 sssss6500
    Quote Originally Posted by anon View Post
    The only 100% effective way to sanitize information in any solid-state storage medium is to use full disk encryption
    this is a bad idea because by doing so you completely rely on the quality of whatever encryption you used.
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  10. Who Said Thanks:

    Master Razor (10.03.17)

  11. #7
    Elite Master Razor's Avatar
    Join Date
    21.07.08
    Location
    Bucharest, Romania
    Posts
    1,393
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss1393
    @anon

    Fully automated code.

    Code:
    CLS
    ECHO.
    ECHO =============================
    ECHO Running Admin shell
    ECHO =============================
    
    :checkPrivileges
    NET FILE 1>NUL 2>NUL
    if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )
    
    :getPrivileges
    if '%1'=='ELEV' (shift & goto gotPrivileges)
    ECHO.
    ECHO **************************************
    ECHO Invoking UAC for Privilege Escalation
    ECHO **************************************
    
    setlocal DisableDelayedExpansion
    set "batchPath=%~0"
    setlocal EnableDelayedExpansion
    ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
    ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
    "%temp%\OEgetPrivileges.vbs"
    exit /B
    
    :gotPrivileges
    setlocal & pushd .
    
    
    set "psCommand=powershell -Command "(new-object -COM 'Shell.Application')^
    .BrowseForFolder(0,'Please choose a folder.',0,17).self.path""
    for /f "usebackq delims=" %%s in (`%psCommand%`) do set "SrcDrv=%%s"
    if "%SrcDrv:~3,1%"=="" (set SrcDrv=%SrcDrv:~0,-1%)
    
    (echo select disk %SrcDrv%
    echo clean all
    echo convert mbr
    echo create partition primary
    echo format quick fs=ntfs
    echo exit ) | diskpart.exe
    
    
    defrag %SrcDrv%: /o
    Reply With QuoteReply With Quote
    Thanks

  12. Who Said Thanks:

    anon (11.03.17)

  13. #8
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    33,387
    Activity Longevity
    12/20 19/20
    Today Posts
    1/5 ssss33387
    Quote Originally Posted by Instab View Post
    this is a bad idea because by doing so you completely rely on the quality of whatever encryption you used.
    A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
    "I've seen the future and I leave it all behind."
    Reply With QuoteReply With Quote
    Thanks

  14. Who Said Thanks:

    Codec (11.03.17)

  15. #9
    Elite Master Razor's Avatar
    Join Date
    21.07.08
    Location
    Bucharest, Romania
    Posts
    1,393
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss1393
    Quote Originally Posted by anon View Post
    A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
    And what software would you recommend? I would use TrueCrypt but I'm not so sure anymore.
    Reply With QuoteReply With Quote
    Thanks

  16. #10
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    33,387
    Activity Longevity
    12/20 19/20
    Today Posts
    1/5 ssss33387
    TrueCrypt is okay. Even though its development ended under rather mysterious circumstances, the source code has been audited and confirmed to be safe.

    DiskCryptor is also good. When compared to TrueCrypt, it essentially trades container support for faster decryption speeds.
    "I've seen the future and I leave it all behind."
    Reply With QuoteReply With Quote
    Thanks

  17. #11
    Moderator
    Instab's Avatar
    Join Date
    17.09.09
    Posts
    6,500
    Activity Longevity
    5/20 16/20
    Today Posts
    0/5 sssss6500
    Quote Originally Posted by anon View Post
    A strong key, an algorithm with no known vulnerabilities and an audited open-source implementation of it should be assumed whenever encryption is used
    that's the wrong approach. the crucial part here is that you're preparing for the future i.e. the encryption you apply when you start using the disk is meant to keep you safe at some time in the future when you wanna sell it or something similar. and exactly that's the problem, what's considered safe today can be totally useless in let's say 3 years from now.
    unless you can see the future this method always is a gamble.

    don't get me wrong, for a little more privacy this is good enough but can obviously never be considered 100% (except for clairvoyants )
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  18. #12
    Advanced User
    slikrapid's Avatar
    Join Date
    22.06.08
    Location
    astral planes
    P2P Client
    sbi finest
    Posts
    2,511
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss2511
    Quote Originally Posted by Instab
    this is a bad idea...
    that's the wrong approach...
    how about mentioning what would you consider 'a good idea' or 'a good approach'?

    Quote Originally Posted by Instab
    unless you can see the future this method always is a gamble.
    this applies to any method or approach used, from private to corporate ones of any scale (in this era)

    Quote Originally Posted by Instab
    for a little more privacy this is good enough but can obviously never be considered 100%
    agreed, no materialistic method is 100% sure

    Quote Originally Posted by Instab
    except for clairvoyants
    not even for them as they can only see parts of the future, not the whole, not whatever they may want to see


    Parable of the Two Birds

    Two birds, beautiful of wings, close companions, cling to one common tree: of the two one eats the sweet fruit of that tree; the other eats not but watches his companion. The self is the bird that sits immersed on the common tree; but because he is not lord he is bewildered and has sorrow. But when he sees that other who is the Lord and the beloved, he knows that all is His greatness and his sorrow passes away from him...

    ...@ en.wikipedia.org Paramatman

    Reply With QuoteReply With Quote
    Thanks

  19. #13
    Moderator
    Instab's Avatar
    Join Date
    17.09.09
    Posts
    6,500
    Activity Longevity
    5/20 16/20
    Today Posts
    0/5 sssss6500
    Quote Originally Posted by slikrapid View Post
    how about mentioning what would you consider 'a good idea' or 'a good approach'?
    if it has to remain usable: none. ssds are only really wiped if you burn them.

    this applies to any method or approach used
    not at all, if you wipe a non-ssd before selling for example it it's fine.


    anyway since Master Razor said he'd be fine with having just most of the data wiped using any of the mentioned methods should do the job. i just jumped in to fix the 100% statement
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  20. #14
    Advanced User
    slikrapid's Avatar
    Join Date
    22.06.08
    Location
    astral planes
    P2P Client
    sbi finest
    Posts
    2,511
    Activity Longevity
    8/20 18/20
    Today Posts
    0/5 sssss2511
    Quote Originally Posted by Instab
    ssds are only really wiped if you burn them.
    and if the process of burning is successful, and if no method can retrieve such data and if no one can access your memory of the data and if no one can re-materialize the data and if no one already made a backup of that data, and, and,...

    Quote Originally Posted by Instab
    not at all, if you wipe a non-ssd before selling for example it it's fine.
    it may be fine, but you do realize that even a small chance that something may go wrong at any stage of the process is basically a gamble, ie. a 99,9% successful deletion rate leaves that 0,1% open to data retrieval

    in other words, whatever (materialistic) method anyone may suggest, with any level of technological abilities, it still does not guarantee 100% security... ever


    additionally, in the spiritual sense, if your karmic equation points to a failure in security, nothing you do will avoid that failure, on the contrary, whatever you do will lead towards the failure


    Parable of the Two Birds

    Two birds, beautiful of wings, close companions, cling to one common tree: of the two one eats the sweet fruit of that tree; the other eats not but watches his companion. The self is the bird that sits immersed on the common tree; but because he is not lord he is bewildered and has sorrow. But when he sees that other who is the Lord and the beloved, he knows that all is His greatness and his sorrow passes away from him...

    ...@ en.wikipedia.org Paramatman

    Reply With QuoteReply With Quote
    Thanks

  21. #15
    Moderator
    Instab's Avatar
    Join Date
    17.09.09
    Posts
    6,500
    Activity Longevity
    5/20 16/20
    Today Posts
    0/5 sssss6500
    Quote Originally Posted by slikrapid View Post
    and if the process of burning is successful, and if no method can retrieve such data and if no one can access your memory of the data and if no one can re-materialize the data and if no one already made a backup of that data, and, and,...
    --
    additionally, in the spiritual sense, if your karmic equation points to a failure in security, nothing you do will avoid that failure, on the contrary, whatever you do will lead towards the failure
    you might need a vacation
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188