doing a quick reformat the same as secure erase on a ssd?

[Xodus01]

I think I remember seeing an article somewhere ( maybe on this site) that said doing a quick reformat is the same as booting into DOS and doing a secure erase. I was just wondering if that was correct. Thanks.

 

[Russwinters]

Nope, just like with HDD

Quick format only wiped MBR


Regular format wipes MBR + does CHKDSK (only reason why it takes longer)


Secure erase will write 00s to the entire disk, actually removing all the data.

 

[Nothinman]

Russwinters is right except for that the MBR isn't touched, just the filesystem. In the case of FAT it just erases the File Allocation Table and for NTFS it just erases the MFT. The file data itself is untouched.

 

[RebateMonger]

Wouldn't a "Full" format in Vista or Win7 write zeroes across the disk like it does with spindled drives?

 

[Russwinters]

As far as I know no version of windows actually does a REAL Format.

Even vista and 7


and i apologize for my mistake, it is the File allocation tables for FAT and the MFT for NTFS.



Regards,

 

[blackangst1]

Its my understanding once files are deleted by the SSD controller, they are gone and unrecoverable. As we know, flash memory is very different from platter storage.

From Gizmodo:

morcheeba
Wed, 10 Mar 2010 20:19:00
Your verification strategy for flash memory is flawed. Sure, the data may not be visible from the computer's side, but it may still reside on the memory chip. Flash controllers perform wear-leveling, and, just like deleting files, you could have some sectors marked by the controller as "deleted" but not really erased yet.

So, I did a test (with recovery expert Scott Moulton) on some USB flash drives a few years ago -- we erased the drives & found that our secret files were no longer contained on the flash chips (I desoldered them and read them at the lowest level)... so those memory sticks were safe.

But, with the more-sophisticated algorithms in SSDs, this is a test that needs to be run again (it may have; I didn't check).

The shredder is still the best option for flash. You could probably still read the data from memory chip shards (very expensive), so I'd recommend either grinding in to a fine dust (a.l.a. will it blend), or scattering the debris over a wide area/number of trash cans.

(credentials: I reverse-engineered devices for fun by desoldering the flash chips and reading areas that weren't accessible via usb)

And here's another page on the topic: http://www.computerworld.com/s/arti...s_offer_fast_erase_features?intsrc=hm_ts_head

A few excerpts:

the system's manufacturers simply took advantage of a key property of the flash memory chips that make up solid-state disks: Data can be erased much more quickly and thoroughly than it can with a magnetic, spinning hard disk. Solid-state disks, or SSDs, don't require six or seven passes to erase all traces of the bits on every track and sector. Once the bits have been reset in every flash memory cell, that data is gone forever, although meeting the most stringent government disk-sanitization requirements may still involve two or more passes.
The process is quick and efficient. "You're talking about seconds," says Gary Drossel, vice president of marketing at SiliconSystems Inc., a manufacturer of SSDs used in government systems. With a typical hard disk, just the process of getting every block on a drive of that size to spin under the read/write head would take almost an hour and a half, and the entire process could take three to four hours on a fast eSATA drive, according to experts at Texas Memory Systems Inc. and Kroll Ontrack Inc.

"With NAND [flash], you're storing a full amount of electrons on a floating gate, so there's no real way of telling what the value of that transistor used to be. Once you fully erase the drive, there is no ability to recreate the data," says Drossel.

But, there isnt alot of anything except speculation at this point, as evidenced by this comment in the same article:

But every flash chip must be destroyed, and existing shredders may not be up to the job. "Shredders for disk drives might not be adequate for SSDs because the chips are so much smaller [than disk drive platters]," says Bowen. SSDs have arrays of tiny flash chips -- anywhere from eight to 30 per device. Any that are missed by the shredder would still be readable by data-recovery specialists such as Barry.

There's quite a bit of talk about this over on Wilder's boards, and so far the concensus is...once the SSD drive actually erases, or electronically blanks cells, its unrecoverable.

 

[taltamir]

Wouldn't a "Full" format in Vista or Win7 write zeroes across the disk like it does with spindled drives?

no it would not.
if a full / quick format from windows would have done the trick, nobody would be booting into dos with obscure programs to do it.
Russwinters is right except for the thing which Nothinman corrected him about.

Its my understanding once files are deleted by the SSD controller, they are gone and unrecoverable. As we know, flash memory is very different from platter storage.

this kind of deletion only occurs on trim, on overwrite, or if you write zeroes (actually, in SSDs its better to write all ones; and if you use the dos tool that is what it does).
with a platter drive, once you write zeroes (or ones) or do an overwrite the data is also gone forever... platter drives don't have trim though. Everyone who has trim on has the data gone forever as soon as it is deleted. This is actually a good thing... I like that emptying the trash actually permanently deletes the data without me having to get a special 3rd party tool to write 0s all over it.

 

[hanspeter]

It has been said a couple of times in here. Beginning with Vista, a full format writes zeroes all over.

 

[drizek]

AFAIK, it writes 1s all over

 

[taltamir]

interesting...
http://support.microsoft.com/kb/941961

apparently it does.
this is a problem because to erase an SSD you need to write 1s all over it, not 0.

do note that writing 0s or 1s is not enough for an SSD, you must inform it to purge the enteries from the table it uses to resolve physical space and actual space (due to wear leveling).

 

[RebateMonger]

AFAIK, it writes 1s all over

http://support.microsoft.com/kb/941961

"The format command behavior has changed in Windows Vista. By default in Windows Vista, the format command writes zeros to the whole disk when a full format is performed."

It wouldn't think it'd make any difference if it wrote zeros or ones. Apparently SSDs have something called "Mark as Empty". But is that the same thing as a string of zeros? In the PC world, those usually have two different meanings. A string of zeros isn't normally the same thing as an empty field. But I know little about SSDs.

A "Full" format would presumably keep writing until the disk (or partiton, at least) says there's no more space available. At that point, I'd think it would get everything with zeros except for areas that the SSD says are no longer usable.

 

[drizek]

well, afaik, "empty" on an SSD is a 1. So when WIndows writes a bunch of 0s, it is actually writing a bunch of 1s.