ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Why It Is Very Difficult to Delete Important Information From SSDs: Study Results

Updated on March 20, 2018

Even if new generation data storage devices indicate that files have been deleted, 75% of information stored on them can still be stored on flash-memory based storage devices - according to the study's results presented at the Usenix FAST 11 conference in California. In some cases SSD wrongly indicates that files were "deleted securely", although files' copies still remained in reserve archives.

Intel SSD 710 Series
Intel SSD 710 Series | Source

Causes of difficulties

It is difficult to securely delete data on SSD because of its absolutely different internal structure. Traditional ATA and SCSI hard drives use magnetic properties of materials to store data onto physical location, known as LBA, or mechanism of data block addressing and access. On the contrary, SSD uses computer chips to store information digitally, as well as FTL or flash translation later, used for data management. When information is modified, FTL frequently stores new files on various parts and updates the card to display the modification.

Within this process, the old file's data remanence, referred to as digital remanence, continues to remain on the storage device.

"These differences between the hard drive and SSD can potentially lead to substantial difference between user's expectations and real behavior of the storage device," - wrote the scientists from the University of California, San Diego in a 13 pages article. "The holder of SSD can apply "sanitary treatment" method of the hard drive, mistakenly thinking that it can help to irretrievably delete data. Truth be told, the data can still remain on a storage device and in order to delete it, you will need to use sophisticated methods".

Researchers revealed that 67% of data stored in a file still remains even after it was deleted from SSD using secure data delete option offered by Apple in their Mac OS X. Other data 'erasure' operations, which securely delete files through repeated rewriting of data stored in a particular place on the disk, proven to be useless with the same high indications during their use for deleting a separate file from SSD. For example, when performing pseudorandom data operations, 75% of information remained. At the same time, British HMG IS5 demonstrated slightly better results - 58%.

Samsung 850 PRO SSD
Samsung 850 PRO SSD | Source

Deleting data: search for solutions

Selection of one or more files for deletion is only a method of "sanitary treatment" enabling to continue to use the disk on which information was stored. Also, the researchers revealed that all data rewrite methods directed at one file failed to delete all digital remnants, although the procedure was followed by disk defragmentation rearranging residual information in the file system.

"Our data shows that rewriting is ineffective and 'data deletion methods offered by manufacturers' not always can work properly," - the article warns.

Disk cleaning methods are not much better with SSD. There was a case when one SSD model still had 1% out of 1 Gb of data and that was after 20 consecutive attempts to rewrite data on the device. Other devices were able to delete data securely after two attempts, but the majority of them required 58 to 121 hours to perform one pass, which makes the equipment nonviable in most of the cases.

Researchers also revealed serious failures when attempting to subject SSD-media to demagnetizing, during which occurs a destruction of storage devices low-level formatting. Since demagnetizing is dangerous only for magnetic disks, it is not effective when applied to the new generation of data storage devices. "Information remained undamaged in all cases," - the researchers wrote.

Seagate 1200 SSD
Seagate 1200 SSD | Source

What the most effective way to delete the data?

Researchers found the most effective way of deleting information from SSD by using data encryption devices. Data erasure occurs via deletion of encryption keys from so-called key storage. Therefore, it ensures that the information remains encrypted forever.

"Nevertheless, the danger here is that this method relies on the controller which is supposed to thoroughly clean internal storage containing encryption key and other valuable information, which can be useful during cryptanalysis," - the researchers wrote. "We found these bugs while executing some cleaning commands. It is too optimistic to think that the manufacturers of SSD will thoroughly clean the key storage. Moreover, there is no way to make sure that the cleaning was actually done (for example while deleting the storage device)".

The study was carried out by writing files with recognizable signatures on SSD and subsequent use of special devices which had to find signs of information remnants after use of secure file deletion methods. Research device's cost is approx. USD 1,000, but "the simple version on the basis of microcontroller would cost USD 200 and would require only a moderate level of technical expertise for creation", - they informed.


    0 of 8192 characters used
    Post Comment

    No comments yet.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)