• 6

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

dd vs. secure-erase for reconditiong SSDs

Does writing zeros to an entire ssd (dd if=/dev/zero of/dev/sdX) give the same performance restoring effect that you get from a "secure erase", or does secure erase do something else as well?

==EDIT== To clarify slightly; I don't care about securely destroying the data, I just want to take this drive (which has had a lot of filling/deleting done on it) and restore the SSD performance loss that occurs over time.

If I recall correctly, I'm not sure you can do that to securely erase it. The controller electronics that take instruction from the OS internally implement routines for properly wearing the SSD cells evenly; they have a finite write/read cycle, and if you keep writing them over and over they "die", and so the internal system distributes write instructions to prevent issues with the drive. Your best bet would be to write data to completely then erase the file(s) and do it over again. You'd then shorten its life in the process, and even then there may be space that isn't overwritten in the process as I believe there may be some excess space saved for other data and/or backup space for found bad cells.

If you have security requirements for eliminating data on old storage media, you may not want to use SSD's or you might want to look into something more old fashioned, like shotguns or metal shredders.

If you want to restore performance, you need the drive to support TRIM; most manufacturers are coming out with utilities for their own drives that will refresh the drive. As time goes on operating systems are coming with TRIM support built in.

In a few years you probably won't have to do anything to maintain the drives. It's much like defragmenting a drive. OS X already defragments files that are less than 20 meg. Most Linux filesystems are pretty good at keeping fragmentation down. It seems NTFS still has issues with it, but I think at some point it'll be reduced as the file-within-a-file concept gets more popular in Windows (think ISO images and VM drives).

So to answer the question...zeroing out the drive will not restore performance the way TRIM support and manufacturer utilities will.

  • 8
Reply Report

Despite the fact that Secure Erase is functionally a single pass process, it differs in many ways from writing a single pass overwrite as an externally executed process. let's consider the following, SE is initiated as an internal process controlled by the device resident controller. The fact that it is initiated as an internal process affords SE the ability to benefit from privileged device controls. These would include the ability to, when properly executed in a favorable environment, to process the Host Protected Area (the system partition usually reserved for OS images), and system files, the G-List, and elimination of the Device Control overlay (the table that defines a virtual device geometry to the host). Essentially, SE has the ability to process all writable data storage regions of the media surface, a feat that no Externally controlled process is capable of under any circumstance on ATA devices (due to controller media region access restrictions), this includes SSD devices as well as magnetic storage devices.

If you are interested in a detailed guide on The Best Practices for the Destruction of Digital Data, I am happy to provide a free personal use copy of the guide authored by myself and Gordon Hughes of the Center for Magnetic Recording Research at the UCSD just for asking. Please go to http://www.cicadasecurity.com.guide.html to access the request form for the guide.

Oh... almost forgot... to regain performance loss caused by wear leveling on SSD's Secure Erase is the answer. externally executed overwrite of the entire drive will be handled as a regular write cycle and will be subject to wear leveling.. Go with SE... for more information on SSD performance and how to regain performance go to Anand LaShimpi's site at anandtech dot com and search for paper 2738 titled 'The SSD Anthology: Understanding SSDs and New Drives from OCZ' for his excellent discussion of SSD performance.

  • 4
Reply Report

No, it seems not to: according to here, secure erase also resets the drive and marks all blocks as available. Now zeroing can and does clearly not mark a block as available, because it is filled with data, albeit zeroes.

The link also relinks to some tool for that.

  • 1
Reply Report

If You have any security concerns, I would just zero the drive once completely because AFAIK every flash cell can only hold one state and if You zero it, You determine the last state. Then I would use the secure erase tool for performance reclaim.

Shouldn't be a noticeable hit on the drive lifetime, because every cell should only be used one time in each step and you have thousands of write cycles.

(I wrote another answer because i wanted to keep the answer to the question and further suggestions apart for easier peruse.)

  • 0
Reply Report
      • 1
    • This belongs as a comment, not a separate answer since it it not actually an answer to a question.
    • When you write to an ssd you do not write directly to a block so you can not do this. That is why secure erase tools exist for them.
      • 2
    • because of wearing on the drive. The cells have a finite r/w life. Electronics in the drive take instructions and lie back to the controller about how/where data is written and then turns around to place data where it is optimal to evenly distribute data on the drive cells, keeping them from prematurely erroring out and becoming useless. Essentially it's a black box that you as a user can't control how data storage is implemented inside the drive, and attempting to "zero" the data like a normal media will ruin the drive more quickly.
      • 2
    • Guys, thanks but the device will have at least 10000 write cycles. I don't think that 2 or 3 write cycles will leave considerable wear compared to real use. Get real. Also this is an add on besides secure erase. Had You guys read my comment thoroughly,You would have understood that I suggested completely filling the drive.I didn't write about blocks because they can't be adressed.But If the drive gets completely filled with zeroes one time,every block except wear leveling blocks gets zeroed.Then You need a second pass and this time the spare blocks will be zeroed because of the wear leveling

Trending Tags