Secure Wiping of SSD Drives using Encryption & Formatting

SUBMITTED BY: pogue

DATE: Dec. 10, 2021, 9:34 p.m.

UPDATED: Dec. 29, 2021, 11:35 a.m.

FORMAT: Text only

SIZE: 2.2 kB

History Raw Download

HITS: 1523

Report
  1. I've been thinking of ways to be able to wipe or try the SSD drive. I've been recommending to people who need real opsec this device called USBKill - https://usbkill.com/products/usbkill-v4. You stick it in a random USB port and it will fry the circuitry on the whole computer. But I was reading the documentation and saw the following:
  3. When testing computer hardware, is data affected?
  4. When tested on computers, the device is not designed or intended to erase data. However, depending on the hardware configuration (SSD vs Platter HDD), the drive controllers may be damaged to the point that data retrieval is impractical.
  6. But, BlackBlaze: https://www.backblaze.com/blog/how-to-securely-recycle-or-dispose-of-your-ssd/ (an online cloud storage company) recommends encrypting the SSD with a random key and then formatting it.
  8. If you want to DIY it, just download a copy of VeryCrypt - https://www.veracrypt.fr/en/Downloads.html to encrypt the HDD, use a CPSNG (Cryptographically-secure pseudorandom number generator) to generate the password to encrypt the drive, and then run a full format on it. You can generate one here: https://www.mobilefish.com/services/pseudorandom_number_generator/pseudorandom_number_generator.php
  10. I'm not sure what the limit is for VeraCrypt password lengths off the top of my head, but if you dig through the documentation I'm sure you can find it. Otherwise, just start at intervals of 128, 256, 512, 1024, etc. and make that your password - or anywhere in that range. Don't save that password _anywhere_. Choose any encryption scheme you want. You don't have to make it super fancy or use any exotic cascading encryption engines that VeraCrypt offers, AES 256bits works fine. Then just encrypt the drive with VeraCrypt. If you need help with that, there's plenty of documentation on it: https://www.veracrypt.fr/en/Documentation.html
  12. Once it's completed encrypting the drive, simply format it (Full format not Quick). If there's any leftover data on the drive, it will be encrypted and thus no forensic software can access it.
  14. Originally posted for project https://github.com/PartialVolume/shredos.x86_64 shreddox.x86_64
comments powered by Disqus