Solved: Re: Disk sanitize vs zeoring for SSD

DANIELLINDH · ‎2018-02-09

Hi, when throwing old SSDs in the bin, would you say zeroing would be enough or would you have to go with sanitize? I read some article (could not find it now) that with zeroing data could still be retrived. Is that true or just a theroretical possibility?

Kind Regards

Daniel

AlexDawson · ‎2018-02-11

Hi Daniel,

All SSDs include a layer that translates storage packet operations from the actual flash chips - this is called the Flash Translation Layer - FTL. This layer is responsible for wear leveling, and other operations such as compression, encryption and bad block/cell remapping. Many SSDs now encrypt and compress by default.

When there is a stream of zeros written to disk, it may be compressed, and/or the zeros may not overwrite all of the cells in the SSD, meaning some data may remain. There exist tools to take individual flash chips and read out the data.

To handle this risk, our SSDs (and many others) include support for a sanitize command, which instructs the SSD to ensure the data is gone by wiping all of the cells.

So in answer to your question - it is the responsibility of each user/admin to understand the risks and make decisions accordingly. I personally would sanitize the drives.

View solution in original post

AlexDawson · ‎2018-02-11

Hi Daniel,

All SSDs include a layer that translates storage packet operations from the actual flash chips - this is called the Flash Translation Layer - FTL. This layer is responsible for wear leveling, and other operations such as compression, encryption and bad block/cell remapping. Many SSDs now encrypt and compress by default.

When there is a stream of zeros written to disk, it may be compressed, and/or the zeros may not overwrite all of the cells in the SSD, meaning some data may remain. There exist tools to take individual flash chips and read out the data.

To handle this risk, our SSDs (and many others) include support for a sanitize command, which instructs the SSD to ensure the data is gone by wiping all of the cells.

So in answer to your question - it is the responsibility of each user/admin to understand the risks and make decisions accordingly. I personally would sanitize the drives.