Solid State Drives File Deletion

Forums: 

Hello.

Can the BleachBit software be used on Solid State Drives?

Thank You,

TheRube

Brooklyn, NY USA

Yes and no. The assumptions BleachBit uses to for overwriting files (and free disk space) are intended primarily for hard disk drives—which are popular, well researched, and well understood. Solid State Drives, on the other hand, are relatively new and seem to be evolving rapidly: that is, even if overwriting were proven on a single brand and model of Solid State Drive (SSD), this effectiveness may not necessarily translate to all SSDs.

SSDs are prone to wear-out, so overwriting (especially for free disk space) may reduce the life of the device. If data sanitation is a primary concern, consider using an encrypted volume. If that is not possible, read the link and consider the potential threat. If it is is a casual, non-sophisticated threat, then try using an undelete tool after using BleachBit: the files will probably be totally inaccessible (with the overwrite files option enabled and not using overwrite free disk space).

If data remanence is not a large concern, use BleachBit normally—probably without the option for overwriting files.

---
Andrew, lead developer

The article "SSD firmware destroys digital evidence, researchers find" (March 2011) shows how SSDs are harder for forensic analysis.

A technology built into many new solid state drives (SSDs) to improve their storage efficiency could inadvertently be making forensic analysis at a later date by police forces and intelligence agencies almost impossible to carry out to legally safe standards, researchers have discovered.
[...]
After conducting a series of experiments comparing a sample Corsair 64GB SSD with a conventional Hitachi 80GB magnetic hard drive (HDD), the team found a layer cake of data recovery problems caused by the ‘garbage collection’ or purging algorithms used in SSDs to keep them at peak performance.

After examining an SSD for traces of data after it had been quick formatted, the team expected the purging routines to kick in around 30-60 minutes later, a process that must happen on SSDs before new data can be written to those blocks. To their surprise, this happened in only three minutes, after which only 1,064 out of 316,666 evidence files were recoverable from the drive.

However just two weeks ago I saw an article with the opposite view: Reliably Erasing Data From Flash-Based Solid State Drives (Michael Wei).

I haven't had time to study these yet, but keep in mind these articles probably refer to wiping the entire drive (not individual files or the free disk space).

---
Andrew, lead developer