Re: Re-use SSD - Paul van der Vlis

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Paul van der Vlis <paul@vandervlis.nl>
To: ecryptfs@vger.kernel.org
Subject: Re: Re-use SSD
Date: Fri, 22 Sep 2017 12:43:42 +0200	[thread overview]
Message-ID: <oq2pgm$jkv$1@blaine.gmane.org> (raw)
In-Reply-To: <1882558.NIKn6SUjoV@merkaba>

Op 14-09-17 om 15:21 schreef Martin Steigerwald:
> Hello Paul.
> 
> Paul van der Vlis - 14.09.17, 14:32:
>> I have bought many laptops with privacy-sensitive data on /home in
>> ecryptfs on the SSD. And I have promised to carefull remove the data
>> before re-using.
>>
>> What would you advice to do? Is it possible to overwrite the master key
>> for example? Or is it a good idea to change the passphrase in a very
>> long one?
> 
> Technically you can´t really overwrite it. SSDs use Copy on Write.
> 
> Also I think the passphrase in Ecryptfs just encrypts a key used to encrypt 
> the data… not the data itself.
> 
> 
> Generic hint for securely erasing SSDs.
> 
> https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

This is what I am doing now. The SSD's I've tried are normally freezed,
but after awaking from suspend-to-ram not anymore.

It looks complex, but it's fast and doable. But indeed not nice to rely
on the firmware of the SSD...

What I would like are stupid-SSD's without a controller, where the
filesystem does everything. Or a SSD with open source controller firmware.

With regards,
Paul





-- 
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/

next prev parent reply	other threads:[~2017-09-22 10:43 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-09-14 12:32 Re-use SSD Paul van der Vlis
     [not found] ` <f34084a3-159d-e580-d199-ecf6acf345ff@aron.ws>
2017-09-14 13:03   ` Paul van der Vlis
2017-09-14 13:21 ` Martin Steigerwald
2017-09-14 13:38   ` Martin Steigerwald
2017-09-22 10:43   ` Paul van der Vlis [this message]
2017-09-22 11:27     ` Martin Steigerwald

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='oq2pgm$jkv$1@blaine.gmane.org' \
    --to=paul@vandervlis.nl \
    --cc=ecryptfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.