Do secure erase technologies available on different types of media set a status or verification flag?
Is there a industry standard to verify when a drive has gone through the process?
1
-
No, to these questions AFAIK.– Joep van SteenCommented Sep 26, 2023 at 21:43
Add a comment
|
2 Answers
First question: YES and NO
- Depending on the specifications of your device (whether it has an SSD or HDD), you may have access to different erase methods (or sanitization methods). These methods can include write verification, multiple passes, and even the application of specific patterns (such as all 00s) during the final pass. An example of a sanitization method is DoD 5220.22-M and its variants. For more information on some of these sanitization methods, you can refer to: https://www.lifewire.com/data-sanitization-methods-2626133.
- Using a method that appends a distinctive pattern (such as 00 or any other chosen pattern) during the final pass is highly advantageous when desiring additional "manual" confirmation of the successful completion of secure erase (SE) process. This could be easy done via command line ( assuming a Linux shell and a SATA disk):
dd if=/dev/sda bs=1M | tr -d '\0' | read -r -d '' && echo "Disk contains non-zero data" || echo "Disk only contains zeros"
Second question: MORE or LESS (ahah sorry for that^^)
No "industry standards", but rather a NIST "guideline" (which could potentially become a standard if mandated by your specific industry). Please refer to the NIST publication at this link: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf
On page 20 (of NIST SP 800-88r1 document),you will find the guideline concerning the "verification of sanitization results" which explains the principles and requirements of erasure verification. This requirement can be easily satisfied by utilizing a known simple pattern for verification (refer to point 2).
However, it is worth noting the presence of CE (cryptographic erasure), another erasure technique that proves highly effective for modern SSDs featuring internal encryption mechanisms. However, it is important to consider the pros and cons of CE, as its suitability may not be readily apparent in certain cases (e.g critical industries and cybersecurity concerns), as extensively explained in the NIST SP 800-88r1 guidelines.
Hope it helps.
-
You don't want to be wiping SSDs by writing a lot of data to them. If they're encrypted, all that's needed is to remove the encryption keys. The DoD methods apply to HDDs.– TetsujinCommented Sep 27, 2023 at 8:09
-
hi Tetsujin. I understand your point, but your comment is wrong and off topic (i'm saying it friendly). The question was EXPLICITELY related to the "secure erase" functionality. Moreover, a lot of SSD secure erase functionalities do actually implements DoD methods (in SSD). Commented Sep 27, 2023 at 12:29
-
Your first link is entirely about HDDs. your second link won't open. Aside from the pointless waste of write cycles, a regular 'overwrite' strategy won't touch the overprovisioning on an SSD. Really, all you need to do is wipe the encryption keys & the data is gone forever.– TetsujinCommented Sep 27, 2023 at 13:27
-
I shared the first link because it gives good details about sanitization methods and their principles. Second link is working in my side...weird (in all case it is easy to google for the NIST SP-800-88r1. The concept you are talking about is the CE (cryptographic Erase), and is not the subject of this question here. CE and SE are available on both SSD and HDD (depending of specs), because it is devices firmware callable ATA functions (when implemented). Moreover, if you read the NIST spec (again), you would see that choosing between CE and SE method is not as obvious as you believe. Commented Sep 27, 2023 at 15:38
-
There are pro and cons using CE methods. Moreover, BoB R seems to be interested by the industrial "constraints" involving risks scenarios slightly different than a student in his garage. Thus, making the CE method not 100% safe and even less safer than SE (yes yes, it is explicitely written in the NIST document). In an other side i agree with you that SE may have much more impact on SSD life and health. Commented Sep 27, 2023 at 15:50
NVMe base spec does define a field in the Sanitize Status Log which indicates whether the drive has ever been sanitized. Look for SSTAT in the spec file which is publicly available.
With that said, the Sanitize command is just one of the commands defined in the spec that can be used to wipe a drive. Another example would be the Format NVM command, in which a Secure Erase Settings (SES) field is defined for the user to request a desired Secure Erase operation. The SSTAT field is most likely not changed if the drive was wiped with this command instead, regardless of the value set in the SES field. (Btw, I am not so sure in most consumer grade drive, value of the SES field actually makes a difference behind the scene.)
The Sanitize feaure set introduced in more recent ATA/ACS spec also seem to have a field in its command output to indicate whether a sanitize operation has been completed without error (i.e., it is not clearly defined whether a new drive should have the bit set).
