Silk Road forums
Discussion => Security => Topic started by: 57 on August 29, 2013, 05:39 pm
-
hello
maybe i missed the thread, but i don't see anyone speaking to wear leveling and SSD drives. it seems impossible to securely erase any SSD or USB / Compact Flash drives due to this wear leveling technology. even writing 0's to a disk does not securely overwrite any datas. this seems to be a concern to truecrypt as well. from what i understand, this is the case and i would recommend using a spinning disk without wear leveling technology built in.
577
-
I think the main problem with TrueCrypt (or any encryption software) and SSD is that the device can't be securely wiped. If there was any sensitive data on the SSD before encryption there is no guarantee that you can get rid of it. As far as I remember it' may also easier to tell which parts of the drive are encrypted and which are not, which could make it easier to crack the encryption. It may also make plausible deniability impossible when using hidden volumes.
However even without encryption SSD's may be a pain in the ass for forensics, if the user did a simple quick format:
http://news.techworld.com/security/3263093/ssd-fimware-destroys-digital-evidence-researchers-find/-/
-
Some of the modern SSD can be secure wiped because they have built in encryption that is always used, even without password. Then you just need it to be able to wipe the encryption keys, which it seems to be able to do without worrying about wear leveling. So if you get a modern SSD it is possible that you can securely "wipe" it, but it is a different sort of wipe than a HD wipe. With HD you are actually overwriting the data so it is not there at all when you are done, with SSD you overwrite only a tiny bit string but once that is gone your data is impossible to access by someone who cannot break AES-256 with a 256 bit truly random key.
-
thanks for the comments, friends
it seems that anyone using an SSD should make sure not to write any sensitive data to the disk before creating an encrypted volume. even after encryption, if the keys are discovered, it would be possible to uncover an old version of the encrypted volume, so deleting data inside of an encrypted volume is also vulnerable
i've been reading a lot about poor implementation of the "secure wipe" function of SSDs and how it has not been implemented properly in most cases
it sounds to me that users should be discouraged from using SSD if they are storing sensitive data. i know i will stick to spinning disks.