Backblaze Dispels SSD Recycling and Disposal Myths

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
The backup company is offering advice on how to securely recycle or dispose of your old SSDs. There is certainly nothing too mind-blowing here—as you may have already guessed, physical destruction by means of shredding or encrypting the entire drive works great. I found it interesting that they advised against zeroing out a drive, however.

Physically destroying the SSD by shredding it into small particles is the absolutely safest, most foolproof method for safe and secure disposal. Unfortunately, it’s also the most expensive. Prices on devices designed for SSD shredding start in the thousands. If your business has the budget, a number of companies make shredding devices especially designed to physically destroy SSDs. Security Engineered Machinery, Phiston, and Garner are popular SSD shredder makers. It’s important to check the specs of any potential shredder to make sure the shred size is small enough to actually destroy the memory chips on your SSD, however. The shred width should be 1/2 inch or less if you want to make sure the chips get properly mashed up.
 
Zeroing works fine*

*The devil is in the details- if a block gets desginated as bad (failed checksum/write) then that block will not get zero'd unless you use specially designed software specific to that drive. And that is very hard to get a hold of. But chances are the data in those "bad blocks" is corrupt and incomplete already. But all it takes is a few bytes sometimes for your competition to get what they need. So it's a risk. But a small one.
 
I have told my lawyer friends that the only way to be sure on spinning disks is to melt the platters and stir the results. Given enough money and time, data could be recovered even from a platter full of holes. See nothing here that indicates that melting a SSD won't achieve the same result. Just don't inhale the vapors generated during the process.
 
I have told my lawyer friends that the only way to be sure on spinning disks is to melt the platters and stir the results.

That was one thing I liked about the old IBM Deathstar drives, the platters would shatter immediately when drilling through the drive.
 
I have told my lawyer friends that the only way to be sure on spinning disks is to melt the platters and stir the results. Given enough money and time, data could be recovered even from a platter full of holes. See nothing here that indicates that melting a SSD won't achieve the same result. Just don't inhale the vapors generated during the process.
I worked for HGST for a couple of years, so I have some experience in this area. I can tell you that if you put holes in the platters and/or warp them, it will be very difficult to recover any useful data from them. I'm not saying that bits couldn't still be recovered, but with how close the tracks are and all the ECC and other encoding, it would take a massive (very expensive) effort to recover data sectors on the undamaged parts. Then you would still have to sort out what that data belongs to, which would be difficult given that the file system would be damaged as well. As a practical matter, only governments and maybe a few large corporations, have the resources to mount such a project, and they wouldn't do that unless they knew the data was worth it. For the data from the average person or business, it is just not worth it.
 
Still perplexed at how anyone cares what Backblaze thinks, or how they've become any kind of authority on storage when their business sits atop a landfill of shucked external cases.

I guess perception really is reality.
 
Zeroing works fine*

*The devil is in the details- if a block gets desginated as bad (failed checksum/write) then that block will not get zero'd unless you use specially designed software specific to that drive. And that is very hard to get a hold of. But chances are the data in those "bad blocks" is corrupt and incomplete already. But all it takes is a few bytes sometimes for your competition to get what they need. So it's a risk. But a small one.

That's a possibility, but the real problem is wear leveling. There's always going to be blocks that won't be written to if you fill the drive to allow the chips to all be worn to a consistent state. Unless whatever you are using is smart enough to advise the firmware to clear the excess space you have no idea what's left on the drive and is likely readable.
 
Just pull the circuit board out and hit each chip with a hammer until it breaks.

If that's not secure enough, then the drive should have been encrypted to protect the data.
 
That's a possibility, but the real problem is wear leveling. There's always going to be blocks that won't be written to if you fill the drive to allow the chips to all be worn to a consistent state. Unless whatever you are using is smart enough to advise the firmware to clear the excess space you have no idea what's left on the drive and is likely readable.

Correct. What the drives present to the OS and what really happens are quite different things. Writing "all zeros" has no assurance the drive is all zeros.

This is why the crypto approach works. Many drives do this invisibly. When you "secure erase" the drive, it regenerates its internal crypto key. All existing data is now gone because you no longer have the key.
 
I worked for HGST for a couple of years, so I have some experience in this area. I can tell you that if you put holes in the platters and/or warp them, it will be very difficult to recover any useful data from them. I'm not saying that bits couldn't still be recovered, but with how close the tracks are and all the ECC and other encoding, it would take a massive (very expensive) effort to recover data sectors on the undamaged parts. Then you would still have to sort out what that data belongs to, which would be difficult given that the file system would be damaged as well. As a practical matter, only governments and maybe a few large corporations, have the resources to mount such a project, and they wouldn't do that unless they knew the data was worth it. For the data from the average person or business, it is just not worth it.

Agreed, BUT when I was just starting in my IT career, back when 5.25" floppies were all the rage, I read a report about a suspected drug dealer who prior to having the search warrant executed on him, cut a floppy into a pile of small pieces. The investigators spent 6 months and several hundred thousand dollars recovering most of the data. They reconstructed the floppy to determine where each piece went, then put each piece on a clear plastic disk and hand turned the piece under a R/W head. The recovered bits were loaded into a database and sorted into the proper order. Enough data was recovered to make the case against the guy. Since then I have had a distrust of the effectiveness of incomplete destruction as a security measure. Especially for lawyers and others who may not know everything their clients are involved in and have a legal obligation to prevent disclosure.
 
That's a possibility, but the real problem is wear leveling. There's always going to be blocks that won't be written to if you fill the drive to allow the chips to all be worn to a consistent state. Unless whatever you are using is smart enough to advise the firmware to clear the excess space you have no idea what's left on the drive and is likely readable.
Doesn't quite work this way. All drives have a reserve capacity that is only used for bad cell blocks. That capacity is ONLY tapped into when a cell block fails. Wear leveling occurs across the active blocks, not the reserve blocks.

So an entire disk fill would do the job pretty nicely. But as I said, bad blocks would not be overwritten.
 
it's amazing to me that people still don't know things like this 6 years after the initial research about this was published. ah well

This research is based on deleting single files. If you fill the drive up with garbage, the file will have no option but to be erased (Provided it wasn't duplicated from a failed cell write) And SSD do garbage cleanup and wear leveling actions in the background. Given enough time the SSD might prepare the cell for another write by zeroing out contents. This enhances performance as all cells have to be rezero'd before write.
 
I worked for HGST for a couple of years, so I have some experience in this area. I can tell you that if you put holes in the platters and/or warp them, it will be very difficult to recover any useful data from them. I'm not saying that bits couldn't still be recovered, but with how close the tracks are and all the ECC and other encoding, it would take a massive (very expensive) effort to recover data sectors on the undamaged parts. Then you would still have to sort out what that data belongs to, which would be difficult given that the file system would be damaged as well. As a practical matter, only governments and maybe a few large corporations, have the resources to mount such a project, and they wouldn't do that unless they knew the data was worth it. For the data from the average person or business, it is just not worth it.

Yes, yes. But your even your most average person becomes super important after a few drinks so it would be worth it
 
seems little wasteful to destroy them (unless they are Not self encrypting drives but you should not be using them for sensitive data) , when a secure erase ATA command does the job perfectly fine assuming the SSD is a self encrypting drive, the keys are cleared and regenerated (that alone renders the data unrecoverable) and then it trims all flash blocks in one large wipe and page area is wiped as well (if you're paranoid use a intel SSD)

secure erase works fine mostly on non encrypted drives but there is a Very small risk of data retrieval (page area and NAND is reset so unlikely but not impossible)
 
I work for a public sector, we are supposed to try and sell off or donate as much of our old equipment as we can, what I have been doing for used but still functional drives is zero writing them then swapping the control cards on them with another identical model. They are then donated to build PC's for needy families, libraries, etc ... I have not yet had to donate off any of the SSD's so I don't know what I will do with them but they are so far outlasting the PC's they are being installed into so I have just been moving them from the Old Laptops to the New ones because nobody wants to go from an SSD back to a mechanical drive it and those who have always complain the new computer is slower than the old one.
 
I don't know about solid state drives, but here's the [ H ]ard way of disposing of [ H ]ard drives...

 
That was one thing I liked about the old IBM Deathstar drives, the platters would shatter immediately when drilling through the drive.

IBM only made glass HDs for a few years (1999-2003). Before that, they were all aluminum platters (I worked in the aluminum platter plating area in 99, and glass platters were still in the early-production stage at the time)

I worked for HGST for a couple of years, so I have some experience in this area.

Did you by any chance work in Rochester MN?
 
I would just remove the SSD cover and drill through each of the flash chips. Then could follow-up with a hammer smash for good measure.
 
seems little wasteful to destroy them (unless they are Not self encrypting drives but you should not be using them for sensitive data) , when a secure erase ATA command does the job perfectly fine assuming the SSD is a self encrypting drive, the keys are cleared and regenerated (that alone renders the data unrecoverable) and then it trims all flash blocks in one large wipe and page area is wiped as well (if you're paranoid use a intel SSD)

secure erase works fine mostly on non encrypted drives but there is a Very small risk of data retrieval (page area and NAND is reset so unlikely but not impossible)


Yeah, I remember when this came up ages ago for mechanical drives. 5 minutes of searching and reading showed that "Secure Erase" existed exactly for this reason, and it functioned perfectly, and yet people kept doing all their silly write 00 alternating with FF multiple times or other nonsense.

Secure erase and re-purpose. Done. If you are kind of paranoid, research if their any issues with SE on your particular drive.

If you are ultra paranoid about your sick porn collection, or illegal activities, I guess you can go all medieval and grind your drive to dust...

I usually use my HDD's till they fail, then take them apart for the Magnets. I don't bother doing any damage to the platters. I only have one SSD and it hasnt' failed yet...
 
I'd assume hitting it with a blowtorch would work. Most things don't like fire.
 
IBM only made glass HDs for a few years (1999-2003). Before that, they were all aluminum platters (I worked in the aluminum platter plating area in 99, and glass platters were still in the early-production stage at the time)

Ah, well that explains them then.
My boss at the time got tired of hearing me smashing old drives with a hammer and bought a degausser which he put several floors away in an empty office where facilities kept extra furniture (it was kinda loud).
 
At my old job's datacenter we had a hydraulic press that would punch a large hole in the drive. Man that thing was loud.

Seems so wasteful, I mean if you do a DBAN wipe off 1 drive out of a raid set, is anyone going to get anything usable off it? Nah.

Current job has just set policies in place for drive replacements..... no more RMA. I foresee a giant box of hard drives filling up waiting to be melted/shredded/exploderized. Where's the T2 metal melting pool when you need it?
 
$1000 for an SSD shredder? Hell, pop the board out and a good whack with a 20oz hammer at each of the chips will shred the drive just fine. Nobody's gonna be getting anything valuable off that.

It wasn't all that long ago you had to wear an anti-static strap when handling bare electronics to keep from frying them with the static electricity you get walking across a carpet.
 
All of this permanent damage is rather wasteful. SSDs do enough housecleaning that a standard reformat will make your data unrecoverable after a few minutes.
 
sudo hdparm --user-master dick --security-set-pass balls /dev/sda
sudo hdparm --user-master dick --security-erase balls /dev/sda

BAM! Done in under 5 minutes.

I do this for all my SSDs ~once a year just to refresh them.
 
sudo hdparm --user-master dick --security-set-pass balls /dev/sda
sudo hdparm --user-master dick --security-erase balls /dev/sda

BAM! Done in under 5 minutes.

I do this for all my SSDs ~once a year just to refresh them.
Ever accidentally get the wrong /dev? :D
 
The article contained good information. Backblaze is one of the companies I mention when people ask about backing up.

Their hdd reliability statistics, while not perfect, provide much needed insight into hdd failures and models you might want to avoid.
 
Ever accidentally get the wrong /dev? :D
Heh, never. To avoid any Mr Magoos, I unplug every other non-optical SATA device :D

37ad608ccda84f3809b95e182ea9bd7d.jpg
 
Back
Top