I understand traditional methods don’t work with modern SSD, anyone knows any good way to do it?
deleted by creator
For all average user requirements that just involve backups, PII docs, your sex vids, etc (e.g. not someone who could be persecuted, prosecuted, or murdered for their data) your best bet (other than physical destruction) is to encrypt every usable bit in the drive.
- Download veracrypt
- Format the SSD as exFAT
- Create a new veracrypt volume on the mounted exFat partition that uses 100% of available space (any format).
- open up a notepad and type out a long random ass throwaway password e.g.
$-963,;@82??/@;!3?$.&$-,fysnvefeianbsTak62064$@/lsjgegelwidvwggagabanskhbwugVg, copy it, and close/delete without saving. - paste that password for the new veracrypt volume, and follow the prompts until it starts encrypting your SSD. It’ll take a while as it encrypts every available bit one-by-one.
Even if veracrypt hits a free space error at the end of the task, the job is done. Maybe not 100%, but 99.99+% of space on the SSD is overwritten with indecipherable gibberish. Maybe advanced forensics could recover some bits, but a) why the fuck would they go to that effort for a filthy commoner like yourself, and b) what are the chances that 0.01% of recoverable data contains anything useful!?! You don’t really need to bother destroying the header encryption key (as apple and android products do when you wipe a device) as you don’t know the password and there isn’t a chance in hell you or anyone else is gonna guess, nor brute force, it.
deleted by creator
a) why the fuck would they go to that effort for a filthy commoner like yourself, and b) what are the chances that 0.01% of recoverable data contains anything useful!?!
Nobody is gonna bother doing advanced forensics on 2nd hand storage, digging into megabytes of reallocated sectors on the off chance they to find something financially exploitable. That’s a level of paranoia no data supports.
My example applies to storage devices which don’t default to encryption (most non-OS external storage). It’s analogous to changing your existing encrypted disks password to a random-ass unrecoverable throwaway.
deleted by creator
If you want to keep/sell the drive…
- Fill up the rest of the usable space
- Encrypt the drive
- Throw away the encryption key/password
- Hard format (writing zeroes to every bit, sorry if that’s the wrong term
Is that the best strategy? Or is anything outside of 2 and 3 redundant?
deleted by creator
This article covers several methods. Personally, I’d look for a BIOS based tool first, as that would be free and easiest. After that, the Diskpart Clean All command is probably fine for anything other than Top Secret data which a government based threat actor would be willing to put a lot of resources into recovering. If it’s just your tax documents and porn archive, no one is going to care enough to dig out anything which that command might have left behind.
deleted by creator
If running linux, what command should be run? Shred isn’t viable on a SSD, as it will only tear them down. Shred was designed with HDD in mind.
deleted by creator
A special feature known as SSD secure erase. The easiest OS-independent way is probably via CMOS setup – modern BIOSes can send secure erase to NVM Express SSDs and possibly SATA SSDs.
Did this already, it took 1 second for a 2TB drive. Would you trust that?
deleted by creator
Thanks for this informative answer. Then it would make sense that it took only 1 second, then again, I have a modern Asus motherboard (AM5) with a Western Digital NVMe drive, and that drive isn’t listed as Secure Erase compatible on Asus motherboard. I will download the WD dashboard and do it that way, I didn’t know it existed before I posted this question.
deleted by creator
