* Re-use SSD
@ 2017-09-14 12:32 Paul van der Vlis
[not found] ` <f34084a3-159d-e580-d199-ecf6acf345ff@aron.ws>
2017-09-14 13:21 ` Martin Steigerwald
0 siblings, 2 replies; 6+ messages in thread
From: Paul van der Vlis @ 2017-09-14 12:32 UTC (permalink / raw)
To: ecryptfs
Hello,

I have bought many laptops with privacy-sensitive data on /home in
ecryptfs on the SSD. And I have promised to carefully remove the data
before re-using.

What would you advise to do? Is it possible to overwrite the master key
for example? Or is it a good idea to change the passphrase to a very
long one?
With regards,
Paul van der Vlis
--
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/
* Re: Re-use SSD
[not found] ` <f34084a3-159d-e580-d199-ecf6acf345ff@aron.ws>
@ 2017-09-14 13:03 ` Paul van der Vlis
0 siblings, 0 replies; 6+ messages in thread
From: Paul van der Vlis @ 2017-09-14 13:03 UTC (permalink / raw)
To: Aron Szabo, ecryptfs
Hello Aron and others,
Your information is about wiping like there was no encryption, which
takes much time.
In many cases I use encryption so I don't have to wipe the disks when
they are old! But I don't know so much about ecryptfs, normally I use
dmcrypt/LUKS, where I can overwrite the volume header.
With regards,
Paul van der Vlis
On 14-09-17 at 14:47, Aron Szabo wrote:
> Hi!
>
> Take a look at this presentation:
> http://cseweb.ucsd.edu/~m3wei/assets/pdf/FMS-2010-Secure-Erase.pdf
>
> And here: https://wiki.archlinux.org/index.php/Securely_wipe_disk
>
> I would sleep well after doing this two times:
>
> dd if=/dev/urandom of=/dev/<drive> status=progress
>
> After that zeroing out:
>
> dd if=/dev/zero of=/dev/<drive> status=progress
>
> Yours:
> Aron
>
> On 09/14/2017 02:32 PM, Paul van der Vlis wrote:
>> Hello,
>>
>> I have bought many laptops with privacy-sensitive data on /home in
>> ecryptfs on the SSD. And I have promised to carefully remove the data
>> before re-using.
>>
>> What would you advise to do? Is it possible to overwrite the master key
>> for example? Or is it a good idea to change the passphrase to a very
>> long one?
>>
>> With regards,
>> Paul van der Vlis
>>
>>
>
--
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/
* Re: Re-use SSD
2017-09-14 12:32 Re-use SSD Paul van der Vlis
[not found] ` <f34084a3-159d-e580-d199-ecf6acf345ff@aron.ws>
@ 2017-09-14 13:21 ` Martin Steigerwald
2017-09-14 13:38 ` Martin Steigerwald
2017-09-22 10:43 ` Paul van der Vlis
1 sibling, 2 replies; 6+ messages in thread
From: Martin Steigerwald @ 2017-09-14 13:21 UTC (permalink / raw)
To: ecryptfs; +Cc: Paul van der Vlis
Hello Paul.
Paul van der Vlis - 14.09.17, 14:32:
> I have bought many laptops with privacy-sensitive data on /home in
> ecryptfs on the SSD. And I have promised to carefully remove the data
> before re-using.
>
> What would you advise to do? Is it possible to overwrite the master key
> for example? Or is it a good idea to change the passphrase to a very
> long one?
Technically you can't really overwrite it. SSDs use Copy on Write.

Also I think the passphrase in Ecryptfs just encrypts a key used to encrypt
the data… not the data itself.

Generic hint for securely erasing SSDs.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

You rely on the SSD firmware though. But I am not aware of another way to
securely delete data of an SSD other than ATA Secure Erase. However ATA Secure
Erase only is really safe for SSDs that use encryption like Intel SSD 320 (and
many newer SSDs) as the SSD will overwrite the encryption keys. Many SSDs use
encryption by default, without change using some default key (ideally randomly
generated key that the manufacturer then forgets… but manufacturers may just
use same key for all SSDs with a certain firmware) and no password for it.

Just deleting files doesn't do much. At least run fstrim after deleting files.
That's still not as safe as Secure Erasing the whole device though.
Thanks,
--
Martin
* Re: Re-use SSD
2017-09-14 13:21 ` Martin Steigerwald
@ 2017-09-14 13:38 ` Martin Steigerwald
2017-09-22 10:43 ` Paul van der Vlis
1 sibling, 0 replies; 6+ messages in thread
From: Martin Steigerwald @ 2017-09-14 13:38 UTC (permalink / raw)
To: ecryptfs; +Cc: Paul van der Vlis
Martin Steigerwald - 14.09.17, 15:21:
> Generic hint for securely erasing SSDs.
>
> https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
>
> You rely on the SSD firmware though. But I am not aware of another way to
> securely delete data of an SSD other than ATA Secure Erase. However ATA
> Secure Erase only is really safe for SSDs that use encryption like Intel
> SSD 320 (and many newer SSDs) as the SSD will overwrite the encryption
> keys. Many SSDs use encryption by default, without change using some
Hmmm, thinking about this: I am not sure about this.

Secure Erase should also safely, securely delete the device on drives that do
not use encryption, but it would take much longer as the individual sectors
need to be wiped. With a drive with encryption by firmware, the firmware will
just delete the key. With the Intel SSD 320 this took… hmm a few seconds,
definitely less than a minute.
It of course always wipes the complete device.
Thanks,
--
Martin
* Re: Re-use SSD
2017-09-14 13:21 ` Martin Steigerwald
2017-09-14 13:38 ` Martin Steigerwald
@ 2017-09-22 10:43 ` Paul van der Vlis
2017-09-22 11:27 ` Martin Steigerwald
1 sibling, 1 reply; 6+ messages in thread
From: Paul van der Vlis @ 2017-09-22 10:43 UTC (permalink / raw)
To: ecryptfs
On 14-09-17 at 15:21, Martin Steigerwald wrote:
> Hello Paul.
>
> Paul van der Vlis - 14.09.17, 14:32:
>> I have bought many laptops with privacy-sensitive data on /home in
>> ecryptfs on the SSD. And I have promised to carefully remove the data
>> before re-using.
>>
>> What would you advise to do? Is it possible to overwrite the master key
>> for example? Or is it a good idea to change the passphrase to a very
>> long one?
>
> Technically you can't really overwrite it. SSDs use Copy on Write.
>
> Also I think the passphrase in Ecryptfs just encrypts a key used to encrypt
> the data… not the data itself.
>
>
> Generic hint for securely erasing SSDs.
>
> https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
This is what I am doing now. The SSDs I've tried are normally frozen,
but after waking from suspend-to-ram not anymore.

It looks complex, but it's fast and doable. But indeed not nice to rely
on the firmware of the SSD...

What I would like are stupid SSDs without a controller, where the
filesystem does everything. Or an SSD with open source controller firmware.
With regards,
Paul
--
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/
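
Added example, not part of the original thread: a read-only pre-flight check for the frozen state described in the message above, parsing the `Security:` section of `hdparm -I` output. The function names and the sample report are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: read-only pre-flight check before an ATA Secure Erase.
# Parses the "Security:" section of `hdparm -I` output read from stdin.
# Function names and the sample report are assumptions for this example.
# Real use:  hdparm -I /dev/sdX | secure_erase_state

# Constructed sample report (not from a real drive). $1 is the frozen line,
# "frozen" or "not frozen"; real output is tab-indented, the parser accepts both.
sample_report() {
cat <<EOF
ATA device, with non-removable media
Security:
    Master password revision code = 65534
        supported
    not enabled
    not locked
    $1
    not expired: security count
        supported: enhanced erase
    2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
EOF
}

# Prints "<state> <enhanced yes|no> <erase time>", where state is unsupported,
# locked, frozen (the thread reports a suspend-to-RAM cycle clears it) or ready.
secure_erase_state() {
    awk '
        /^Security:/             { insec = 1; next }
        insec && /^[^ \t]/       { insec = 0 }      # next top-level section
        !insec                   { next }
        NF == 1 && $1 == "supported" { sup = 1 }    # security feature set
        $NF == "locked"          { locked = ($1 != "not") }
        $NF == "frozen"          { frozen = ($1 != "not") }
        /enhanced erase/         { enh = ($1 != "not") }
        /for SECURITY ERASE UNIT/ { t = $1 }        # firmware time estimate
        END {
            if (!sup)        state = "unsupported"
            else if (locked) state = "locked"
            else if (frozen) state = "frozen"
            else             state = "ready"
            print state, (enh ? "yes" : "no"), (t == "" ? "unknown" : t)
        }'
}

echo "as booted:    $(sample_report 'frozen' | secure_erase_state)"
echo "after resume: $(sample_report 'not frozen' | secure_erase_state)"
```
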
* Re: Re-use SSD
2017-09-22 10:43 ` Paul van der Vlis
@ 2017-09-22 11:27 ` Martin Steigerwald
0 siblings, 0 replies; 6+ messages in thread
From: Martin Steigerwald @ 2017-09-22 11:27 UTC (permalink / raw)
To: Paul van der Vlis; +Cc: ecryptfs
Paul van der Vlis - 22.09.17, 12:43:
> On 14-09-17 at 15:21, Martin Steigerwald wrote:
> > Hello Paul.
> >
> > Paul van der Vlis - 14.09.17, 14:32:
> >> I have bought many laptops with privacy-sensitive data on /home in
> >> ecryptfs on the SSD. And I have promised to carefully remove the data
> >> before re-using.
> >>
> >> What would you advise to do? Is it possible to overwrite the master key
> >> for example? Or is it a good idea to change the passphrase to a very
> >> long one?
> >
> > Technically you can't really overwrite it. SSDs use Copy on Write.
> >
> > Also I think the passphrase in Ecryptfs just encrypts a key used to encrypt
> > the data… not the data itself.
> >
> >
> > Generic hint for securely erasing SSDs.
> >
> > https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
>
> This is what I am doing now. The SSDs I've tried are normally frozen,
> but after waking from suspend-to-ram not anymore.
>
> It looks complex, but it's fast and doable. But indeed not nice to rely
> on the firmware of the SSD...
>
> What I would like are stupid SSDs without a controller, where the
> filesystem does everything. Or an SSD with open source controller firmware.
Yep.
Open Channel SSDs. But well, I have never seen anything like that for laptops or
other kind of consumer hardware.

Then add to it Coreboot or even Libreboot.

This ThinkPad T520 still has Intel Crapware^W Management Engine on it. I
disabled it in the firmware settings… but… I know it can be removed meanwhile…
but as it is not my laptop, I just update the BIOS/UEFI firmware once in a
while. But there are rarely any new updates. So I bet that TCP/IP stack in IME
has a ton of unfixed security issues by now.

Free hardware… that's the next revolution!
Thanks,
--
Martin