Introduction
Data destruction on hard drives is comparatively easy, either by overwriting (though this may take a long time) or more securely by physical destruction. However, with solid state disks (SSDs) and memory sticks, physical destruction is the only safe method.

Unlike a hard disk, an SSD cannot overwrite data without first erasing any previously written data, a comparatively slow process which can only be applied to quite large blocks of memory at a time. So to achieve an acceptable speed, new data is written to a fresh data block, with the SSD controller keeping an index of where it has stored what data. The old data remains until the SSD has determined that none of the data in the data block (perhaps parts of several different files) is still required. Only then is the entire block erased and released for reuse.

As a result, old copies of data are likely to persist in memory cells that you can't directly access, except with forensic tools. At some point this old data will be cleared and the memory cells made available for reuse, though heavily used and no longer reliable data blocks will eventually be permanently retired and never cleared.

You can use the ATA Secure Erase command (implemented by the freeware [link|https://cmrr.ucsd.edu/resources/secure-erase.html|Secure Erase|new_window=true] utility) to securely erase data on an SSD. This tells the SSD to erase all the data on the drive, including any data that may be hidden or inaccessible, such as in retired blocks. However, there have been suggestions from government security agencies that ATA Secure Erase is not properly implemented on all hard disks and SSDs, and there's no easy way to tell.

The smart thing to do is to enable encryption before you write any sensitive data. Then all you have to do is change the key to something totally random and destroy any record of it, and no one will be able to recover your data. On Windows, you can use BitLocker, or FileVault on Macs. You can use either of those on memory sticks, or VeraCrypt, which also works on Linux. You should always encrypt your memory sticks as they are so easily lost.

If you are looking to destroy data on an HDD, take a look at my companion guide here: [guide|140673]
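The write behaviour described above (new data goes to a fresh page, the controller repoints its index, and the old copy survives until its whole block is erased) can be seen in a small simulation. This is an added example, not code from the guide or from any SSD vendor; `ToySSD`, the 4-page block size and the sample data are constructed assumptions.

```python
# Toy flash translation layer (FTL). Constructed model for illustration;
# real controllers also relocate live pages, wear-level and over-provision.
PAGES_PER_BLOCK = 4

class ToySSD:
    def __init__(self, blocks=4):
        self.flash = [None] * (blocks * PAGES_PER_BLOCK)  # None = erased page
        self.index = {}  # logical page -> physical page (the controller's index)

    def _fresh_page(self):
        for ppn, cell in enumerate(self.flash):
            if cell is None:
                return ppn
        raise RuntimeError("no erased page left; garbage collection needed")

    def write(self, lpn, data):
        # No in-place overwrite: new data goes to a fresh page and the index
        # is repointed. The previous physical page is left untouched.
        ppn = self._fresh_page()
        self.flash[ppn] = data
        self.index[lpn] = ppn

    def read(self, lpn):
        # The host can only reach pages the index currently points at.
        return self.flash[self.index[lpn]]

    def garbage_collect(self):
        # Erase works on whole blocks, and only once no page in it is live.
        live, erased = set(self.index.values()), 0
        for start in range(0, len(self.flash), PAGES_PER_BLOCK):
            pages = range(start, start + PAGES_PER_BLOCK)
            used = [p for p in pages if self.flash[p] is not None]
            if used and not any(p in live for p in pages):
                for p in pages:
                    self.flash[p] = None
                erased += 1
        return erased

    def raw_scan(self, needle):
        # Chip-level view: every physical page, indexed or not.
        return [p for p, c in enumerate(self.flash) if c is not None and needle in c]

def demo():
    ssd = ToySSD()
    ssd.write(0, b"SECRET-payroll")  # constructed sample data, physical page 0
    ssd.write(1, b"holiday photo")   # shares the block with the secret
    ssd.write(0, b"\x00" * 14)       # host "overwrites" logical page 0
    before = ssd.raw_scan(b"SECRET")
    ssd.garbage_collect()            # block still holds live data: not erased
    return ssd.read(0), before, ssd.raw_scan(b"SECRET")

if __name__ == "__main__":
    print(demo())
```

The host reads back zeros from logical page 0, yet the raw scan still finds the original bytes in physical page 0, both before and after garbage collection, because the block also contains live data.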