Prevent RMA-ing a dead SSD with sensitive data

Expansion

Is there a way to prevent sending to RMA a dead SSD with personal/sensitive data?
Besides encrypting the drive, which would decrease the speed and would lower your chances of self data recovery in case of minor SSD damage/corruption.
 
Depends how dead it is. Probably not though - although I really doubt if anyone at Crucial, etc, is going to take the time to try to read your data. They'll just wipe the drive and move on.
 
Well, don't send it!

What would you do if it was a hard drive, and the problem was the electronics (or just a bricked drive)? Everything is "easily" recoverable if someone wants to and has the equipment.
 
Well, don't send it!

What would you do if it was a hard drive, and the problem was the electronics (or just a bricked drive)? Everything is "easily" recoverable if someone wants to and has the equipment.

This.
 
As Aesma said, if the drive has sensitive information that was not encrypted then RMA isn't really an option. Just smash the drive to pieces and buy a new (more reliable) one and move on.
 
If you are working with such sensitive materials that if somebody saw it, it would result in severe damage to the company/person... YOU DON'T RMA.
 
Is there a way to prevent sending to RMA a dead SSD with personal/sensitive data?
Besides encrypting the drive, which would decrease the speed and would lower your chances of self data recovery in case of minor SSD damage/corruption.

I use two drives, 50% of the size I need and I run them in RAID 0.

If a drive dies, there's no complete data since it was all striped between two drives.

I still do backups so I have it if "I" need it.
 
although I really doubt if anyone at Crucial, etc, is going to take the time to try to read your data. They'll just wipe the drive and move on
+1

I seriously doubt the techs doing RMAs have the time or inclination to recover any data.
 
I use two drives, 50% of the size I need and I run them in RAID 0.

If a drive dies, there's no complete data since it was all striped between two drives.

I still do backups so I have it if "I" need it.

Still if your sensitive file is less than the stripe size (64K, 128K, 256K ...) a complete file may be on a single drive of the raid.
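The stripe-size point raised in the reply above, worked through as an added example (not part of any post in this thread). It assumes a two-member RAID 0 with round-robin striping and a file stored contiguously on the logical volume; the function names, offsets and sizes are constructed for illustration.

```python
# Added example: RAID 0 layout arithmetic on constructed values (no real array involved).

def raid0_extents(offset, length, stripe_size, n_disks=2):
    """Map a logical byte range to (disk, disk_offset, nbytes) pieces."""
    pieces = []
    end = offset + length
    while offset < end:
        stripe_no = offset // stripe_size        # index of the logical stripe unit
        within = offset % stripe_size            # position inside that unit
        disk = stripe_no % n_disks               # units alternate across members
        disk_off = (stripe_no // n_disks) * stripe_size + within
        n = min(stripe_size - within, end - offset)
        pieces.append((disk, disk_off, n))
        offset += n
    return pieces

def exposure(offset, length, stripe_size, n_disks=2):
    """Return (bytes held per member, longest contiguous run on one member)."""
    per_disk = [0] * n_disks
    longest = 0
    for disk, _, n in raid0_extents(offset, length, stripe_size, n_disks):
        per_disk[disk] += n
        longest = max(longest, n)
    return per_disk, longest

def whole_on_one_disk(offset, length, stripe_size, n_disks=2):
    """True when a single member holds every byte of the range."""
    per_disk, _ = exposure(offset, length, stripe_size, n_disks)
    return max(per_disk) == length

if __name__ == "__main__":
    K = 1024
    stripe = 64 * K
    cases = {
        "40 KiB file inside one stripe unit": (3 * stripe + 4 * K, 40 * K),
        "40 KiB file straddling a boundary": (stripe - 8 * K, 40 * K),
        "1 MiB file": (0, 1024 * K),
    }
    for name, (off, size) in cases.items():
        per_disk, longest = exposure(off, size, stripe)
        print(f"{name}: per-disk bytes={per_disk}, "
              f"longest intact run={longest}, "
              f"fully on one disk={whole_on_one_disk(off, size, stripe)}")
```

Even for the 1 MiB case, each member still carries intact 64 KiB runs of the file, so striping splits the data but does not obscure it the way encryption does.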
 
Sometimes I have read that a buyer gets a new computer, but it turns out that the computer is refurbished and the install is from the earlier customer. So the buyer can see family photos, etc.

Maybe your disk will be sold to another person. Maybe your disk will not be erased, by mistake (forgetting). etc

If you have valuable data and cannot take this risk, break it and buy a new one.
 
How sensitive is the data? If it's such that'll cost you a loss of more than what the SSD is worth, then don't send it in...
 
Encryption is really the only way; either that or not store any sensitive data on the SSD (or hard drive) that you may need to RMA.
 
I don't want to sound snippy at all, but if you're asking a question like this I really doubt the data on the drive is THAT valuable.
 
I don't want to sound snippy at all, but if you're asking a question like this I really doubt the data on the drive is THAT valuable.
IMHO the media has many people much more paranoid than they need to be.

While it's possible for these RMA centers to harvest data I'm sure the over-worked, under-paid employees don't bother to even check if the drive's empty or not.
 
While it's possible for these RMA centers to harvest data I'm sure the over-worked, under-paid employees don't bother to even check if the drive's empty or not.

I'm inclined to agree, but then I'm also inclined to think that the same penny-pinching drive manufacturers, who will view the whole warranty/RMA thing as just a cost that they would like to get as low as possible, will also consider the saving on electricity etc they can make by not bothering to run a full erase... with SSDs I guess this is less of a problem, as they can be wiped extremely quickly.

Maybe this is wishful thinking, but there should be an industry standard or even a law for this sort of thing. Any refurbed drive should be guaranteed to be clean of old data.
 
I have never ever seen any data on a hard drive that I received via RMA (out of 75+ at work). The partition tables are always wiped / zeroed. However I have never tried to undelete them or used any recovery tools.
 
It is very difficult to recover data from SSDs, period. It's just the way they work. You can't count on recovering much of anything if a file has been deleted. I assume that it holds true if the drive's FW is factory reflashed, as I believe that most factory reflashes are destructive in nature. Milliseconds after data becomes invalidated on an SSD it starts getting erased. I believe that newer drives are more slack in this regard due to trim (some Indilinx FW was/is really, really aggressive at GC). If you were to delete the drive's partition, then immediately unplug the drive most of the data would still be there. But you'd have to desolder the NAND from the PCB and make your own FTL layer to retrieve it. If the drive were to have power for very short periods of time it would render most of the data completely irrecoverable and fragmented.

So I would gauge how "private" the data is and how much damage it would do if it got out. But I also believe that it's highly unlikely that a drive could be fixed without wiping the drive as well. Firmware updates are non-destructive as they update the FW in place. What they do at an RMA center is probably throw the drive in a commercial machine that destructively flashes the FW, doing a factory re-burn in. Most of the RMAs for SSDs are caused by FW problems, so they probably just put it in a device that either wipes the data as part of the process, or intentionally SEs the drive for distribution. I'd say that unless you were looking at 25 years jail time for the drive's contents, you're probably safe from an RMA. I think it's highly unlikely that an RMAd drive will end up in an actual system in front of a tech. Rather, one guy probably straps 10 drives at a time into a diagnostic bay or something.

Encryption doesn't slow down the drive per se; unless it's SandForce, then it's always running at incompressible speeds. But FDE will use every LBA, so the drive will be running just on spare area. Most drives' encryption is pretty good though.
 
If RMA technicians had to hook every drive up to a desktop PC individually, they'd never get anything done. Also, if the RMA center had access to customer data, it would actually expose them to quite a bit of liability -- after all, if you were to RMA a drive that could implicate your involvement in a serious crime, and the RMA center personnel had access to it and knowledge of it, but didn't do anything, the company could be liable at least on a civil basis. Either way, it's good to not just assume that your data is irrecoverable, but it could only be recovered under very specific circumstances. After all, most data on the drive is really spread out over every NAND device where possible. So a larger file might exist in 16 to 64 or more pieces -- though if there was one place where it could be recovered, it's the factory. If it were easy to do, they could make a good chunk of money just recovering data from dead drives for a lot more money than the drive cost in the first place. But they don't, because it's difficult and time consuming. It's hard enough on a HDD, but far more difficult on an SSD. Recovering data from an SSD is nothing like a HDD (because of the dynamic nature of the SSD itself, most notably wear leveling and garbage collection). HDDs are fairly easy to recover data from if they've not been physically damaged or subjected to secure/sanitary erasure.

If you were to delete some files on an SSD, you'd have almost no time to recover them. Most of the time all that's left are some fragments that may exist in a couple different places -- but just fragments. There are a couple of interesting papers on forensic data recovery that were linked here. They're well worth a read.
 
When you RMA your drive, no one will be looking at your data. Even the drive, if it is dead already, can't be repaired, so I assume they just test it out with their specialised software and if it does not pass it is basically thrown out and you get a replacement. Nothing to worry about.
 
I don't think you have anything to worry about, but I wouldn't risk jail time or even getting fired. Unless maybe it's a really, really expensive SSD.

Or a SandForce. The chances of getting data recovered from a SF are pretty much nil. Even if you wanted to, much less if you were just RMAing the drive. Most data recovery centers can't recover data from SF drives that aren't working, and if the drive was working you wouldn't need to recover the data.
 
This is exactly why my government customers pay extra for "disk retention" when they buy new EMC arrays. When hard drives go bad, they keep them.
 
Send it via FedEx and it might get there in unrecognizable shape, pull shipping insurance and both you and your SSD manufacturer win!
 
"Fed Ex -- when it absolutely, positively has to be broken when it gets there, but still has to be on time"
 
"Fed Ex -- when it absolutely, positively has to be broken when it gets there, but still has to be on time"

Haha, made my day. Just came from what should've been 5 minutes in Walmart, turned out to be 1 hour+.
 