Because of wear management and the way flash storage works, overwriting disks is even more useless for wiping data than it was on hard drives. Even on spinning rust there were plenty of files in relocated sectors, but on SSDs you get relocation behaviour and copied files without any actual damage to the disk.
You can overwrite a file on your SSD with random numbers supposedly filling the entire file’s space, but under the hood the SSD could be like “erasing this block would wear down the disk too much, let’s just copy the block some place else and map the data offset to this new set of cells”. Modern SSDs also have extra storage capacity so that wear leveling can be done without reducing your storage space in the process, and cells the SSD deems to be too unstable will be copied and unmapped. Their data will still be there, but it won’t be accessible to the computer, even if you overwrite the entire drive.
If you want to erase data, physically destroy the disk. If you want to prevent having to erase data, encrypt it (it’s on by default in Windows, Mac, and most Linux distros) so you only need to destroy the encryption key to make the data unreadable.
You can’t fill the drive. The drive decides when to use its buffered free storage blocks. It’s at the hardware level and only the Secure Erase command will clear it.
a) why the fuck would they go to that effort for a filthy commoner like yourself, and b) what are the chances that 0.01% of recoverable data contains anything useful!?!
Nobody is gonna bother doing advanced forensics on 2nd hand storage, digging into megabytes of reallocated sectors on the off chance they to find something financially exploitable. That’s a level of paranoia no data supports.
My example applies to storage devices which don’t default to encryption (most non-OS external storage). It’s analogous to changing your existing encrypted disks password to a random-ass unrecoverable throwaway.
Because of wear management and the way flash storage works, overwriting disks is even more useless for wiping data than it was on hard drives. Even on spinning rust there were plenty of files in relocated sectors, but on SSDs you get relocation behaviour and copied files without any actual damage to the disk.
You can overwrite a file on your SSD with random numbers supposedly filling the entire file’s space, but under the hood the SSD could be like “erasing this block would wear down the disk too much, let’s just copy the block some place else and map the data offset to this new set of cells”. Modern SSDs also have extra storage capacity so that wear leveling can be done without reducing your storage space in the process, and cells the SSD deems to be too unstable will be copied and unmapped. Their data will still be there, but it won’t be accessible to the computer, even if you overwrite the entire drive.
If you want to erase data, physically destroy the disk. If you want to prevent having to erase data, encrypt it (it’s on by default in Windows, Mac, and most Linux distros) so you only need to destroy the encryption key to make the data unreadable.
If you want to keep/sell the drive…
Is that the best strategy? Or is anything outside of 2 and 3 redundant?
You can’t fill the drive. The drive decides when to use its buffered free storage blocks. It’s at the hardware level and only the Secure Erase command will clear it.
You fill up the usable space. Or the visible space. No one will disamble the device and read from the raw storage.
Then why do that when you can do a secure erase in seconds?
Right, I read some more of the comments and realized that’s what some of the “unreported space” is used for. Makes sense, thanks!
deleted by creator
That makes sense. Thank you!
Nobody is gonna bother doing advanced forensics on 2nd hand storage, digging into megabytes of reallocated sectors on the off chance they to find something financially exploitable. That’s a level of paranoia no data supports.
My example applies to storage devices which don’t default to encryption (most non-OS external storage). It’s analogous to changing your existing encrypted disks password to a random-ass unrecoverable throwaway.
deleted by creator