Wednesday, February 23, 2011

Problems to erase data from a DSS

Researchers at the University of California San Diego published a study explaining the methods used to erase data on a hard drive does not work on SSD. On magnetic media that we all know, put a paper in the trash and then empty it does not mean that data is lost forever. The system simply changes the allocation table and releases the occupied blocks still contain the information, until they have been rewritten.

There are better ways to erase their files so that it is not recoverable. This is mainly useful for businesses and individuals wishing to protect their confidential data. The problem raised by researchers is that the methods used to secure erase hard drives do not work on the SSD. The most obvious example is on Mac OS X.

Go through the command "Empty Trash in safe mode" still allows to recover 67% of supposedly erased data from flash memory. The problem is that operating systems do not distinguish between the functioning of SSD and hard drives while they are two very different technologies. Roughly, the Flash media controllers have a system reflecting the orders received to make them compatible with the structure (or FTL Flash Translation Layer).

For more information on the operation of the SSD, we invite you to read or reread our file SSDs, the end of hard drives and more particularly the chapter "The NAND flash and the organization blocks. Unlike a hard disk, data from a DSS are constantly moving. This is because the organization of data grouped in blocks per page.

However, when the operating system request to make a secure erase, which usually involves writing a random data block on the location information that you want to erase, rewrite the FTL is going on the last block where find the file. However, there are great chances that the information has been written on other blocks still contain the data.

In practice, information retrieval, open access to the SSD and the Flash chip. The scope of the problem remains very limited. Nevertheless, it shows that software vendors have not adapted to new formats and can provide false hope to professionals who rely on these technologies. The researchers also analyzed the secure deletion of data by several methods.

The results are encouraging, but in fact, any protocol could not completely erase data on an SSD.

No comments:

Post a Comment