Do file shredders work on SSDs?

Discussion in 'Security and Anti-Virus Software' started by passive101, Apr 25, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Notebook Virtuoso

    I've heard TrueCrypt has a larger performance hit. How has BitLocker been bypassed?
     
  2. erig007

    erig007 Notebook Evangelist

  3. isavetheday

    isavetheday Notebook Consultant

  4. woofer00

    woofer00 Wanderer

  5. passive101

    passive101 Notebook Deity

    I have a private practice and just need to keep files secured. I use my iPad when I'm with a client, mobile, and have a software program which is made for medical use that keeps files encrypted, and the backup is encrypted on my computer (dr Chrono). Files are sent to be printed and I access the files, pictures, videos on the Windows 7 computer. That's my current setup that I'm using. I'm still switching over from the filing cabinet though. Thankfully I'm new to the field and don't have hundreds of paper files yet!
     
  6. Christoph.krn

    Christoph.krn Notebook Evangelist

    No. In addition to the fact that the operating system can't be sure that it actually knows a particular file is located on an SSD, and thus software running on the operating system can't know how to shred files, SSDs typically have a so-called "spare area" of flash memory that is inaccessible to the user. This spare area is being used for management purposes such as wear leveling and may contain files that had already been deleted. Even if you completely overwrite your SSD, old files may persist in the spare area, which would be accessible by taking apart the SSD, reading out the NAND chips and potentially reconstructing files (though reconstruction may not be necessary for some files). (There are some additional considerations, such as potential data that has been stored in blocks which have since been marked as "bad" and thus wouldn't get overwritten.)

    Normally, there's the ATA Secure Erase command that can be sent to an HDD or SSD, which will then securely erase its contents (including the spare area on SSDs). However, currently the implementation of secure erase is flawed on many of those SSDs that support it.


    -----

    The techniques used to bypass BitLocker that are being used in the reports you linked to all derive from the same base problem, which is inherent to the design of low-level encryption software and also can be used to bypass TrueCrypt.

    This problem is that the information that is needed to decrypt the drive on-the-fly is stored in RAM.

    Contrary to what many people believe, the RAM won't be erased instantly as soon as you turn off a system, but rather the data will persist, typically for some seconds to minutes. Thus, the following attacks (there may be more) become possible:
    • An attacker could plug in a USB stick, so when you restart the computer it may (depending on its configuration) boot from the stick and into a system which could dump the contents of the RAM to the stick and then restart the computer. By breaking into your system via other vulnerabilities later and reading the stick out via software (which would mean that the attacker already got access at that point), or by retrieving the USB stick, the attacker could get the information needed to decrypt the disk.
    • An attacker could steal your system while it is running, open it up and literally freeze the RAM (which would increase the time span in which the data persists). By taking out the RAM modules and putting them into a system that would dump the RAM contents on boot, the attacker could get the information needed to decrypt the disk.

    Furthermore, the contents of the RAM can be read and modified via some ports such as Firewire, Cardbus, PCMCIA and ExpressCard while the system is running, so:


    -----

    In conclusion, there currently is no generally reliable way to erase SSDs. If you are storing really sensitive data on your SSD, you should physically destroy the disk if you don't need it any longer. Also, if possible you should put the sensitive information on a system that has no access to the internet and update the system manually. Furthermore, encrypting the disk(s) of that system is a very good idea because the system might get stolen, which is probably the biggest risk of all in your case.
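
The spare-area behaviour described in the post above, as an added example that is not part of the original post: a toy flash translation layer in Python showing that overwriting a file, or even the whole visible drive, leaves the old data on physical flash pages, while a correctly implemented whole-device erase clears it. The class `ToySSD`, its page counts and the sample record are constructed for illustration and do not model any real SSD firmware.

```python
# Toy flash translation layer (FTL); a constructed model, not any real SSD firmware.
class ToySSD:
    def __init__(self, logical_pages=8, spare_pages=4):
        self.logical_pages = logical_pages
        # Physical NAND is larger than the host-addressable range (spare area).
        self.nand = [None] * (logical_pages + spare_pages)
        self.l2p = {}                         # logical page -> current physical page
        self.free = list(range(len(self.nand)))

    def write(self, lpn, data):
        """Host write: flash is not overwritten in place, a fresh page is used."""
        assert 0 <= lpn < self.logical_pages
        if not self.free:
            self._garbage_collect()
        ppn = self.free.pop(0)
        self.nand[ppn] = data
        self.l2p[lpn] = ppn                   # the old page goes stale but keeps its data

    def read(self, lpn):
        ppn = self.l2p.get(lpn)
        return None if ppn is None else self.nand[ppn]

    def _garbage_collect(self):
        """Erase pages that are no longer mapped and return them to the free pool."""
        live = set(self.l2p.values())
        for ppn in range(len(self.nand)):
            if ppn not in live:
                self.nand[ppn] = None
                self.free.append(ppn)

    def raw_nand_contains(self, needle):
        """View of the flash chips themselves, ignoring the mapping table."""
        return any(page is not None and needle in page for page in self.nand)

    def secure_erase(self):
        """A correctly implemented whole-device erase: every physical page is cleared."""
        self.__init__(self.logical_pages, len(self.nand) - self.logical_pages)

def demo():
    ssd, secret = ToySSD(), b"PATIENT-RECORD-1"   # constructed sample data
    ssd.write(0, secret)
    for pattern in (b"\x00", b"\xff", b"\xaa"):   # file shredder: 3 overwrite passes
        ssd.write(0, pattern * 16)
    after_shred = (ssd.read(0) == secret, ssd.raw_nand_contains(secret))
    for lpn in range(ssd.logical_pages):          # overwrite the whole visible drive
        ssd.write(lpn, b"\x00" * 16)
    after_full_overwrite = ssd.raw_nand_contains(secret)
    ssd.secure_erase()
    return after_shred, after_full_overwrite, ssd.raw_nand_contains(secret)

if __name__ == "__main__":
    print(demo())
```

In this model the stale page is only cleared once the free pool runs out and garbage collection runs, which the host cannot observe or force through ordinary writes.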
     
  7. passive101

    passive101 Notebook Deity

    Stolen data would probably be the largest risk. I do of course follow all HIPAA guidelines, which don't even include encryption, but I'd rather not take the risk to my clients or have a civil suit brought upon me.

    It sounds like I will encrypt the drive with TrueCrypt, but destroy the SSD before selling/disposing of the computer. I do have the original HDD that came with it and could easily just swap it out.
     
  8. passive101

    passive101 Notebook Deity

    Does anyone know if this problem can be fixed in the future? I can't imagine I am the only person concerned about this in this day and age.
     
  9. woofer00

    woofer00 Wanderer

    What counts as sufficient implementation of data security measures is between you and your malpractice insurer. Chances are, your current methods are probably above and beyond the industry standard. Loss of sensitive data is more likely to occur as a result of leaving your office door unlocked than having data copied and decrypted off a drive you threw out.

    To the best of my knowledge, the issue of data ghosts remaining after wipes has never really been entirely solved - hence, physical destruction by most financial and medical data IT security departments.
     