Re: Re-use SSD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hello Paul.

Paul van der Vlis - 14.09.17, 14:32:
> I have bought many laptops with privacy-sensitive data on /home in
> ecryptfs on the SSD. And I have promised to carefull remove the data
> before re-using.
> What would you advice to do? Is it possible to overwrite the master key
> for example? Or is it a good idea to change the passphrase in a very
> long one?

Technically you can´t really overwrite it. SSDs use Copy on Write.

Also I think the passphrase in Ecryptfs just encrypts a key used to encrypt 
the data… not the data itself.

Generic hint for securely erasing SSDs.

You rely on the SSD firmware tough. But I am not aware of another way to 
securely delete data of an SSD other than ATA Secure Erase. However ATA Secure 
Erase only is really safe for SSDs that use encryption like Intel SSD 320 (and 
many newer SSDs) as the SSD will overwrite the encryption keys. Many SSDs use 
encryption by default, without change using some default key (ideally randomly 
generated key that the manufacture then forgets… but manufacturers may just 
use same key for all SSDs with a certain firmware) key and no password for it.

Just deleting files doesn´t do much. At least run fstrim after deleting files. 
Thats still not as safe as Secure Erasing the whole device tough.

To unsubscribe from this list: send the line "unsubscribe ecryptfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Index of Archives]     [Linux Crypto]     [Device Mapper Crypto]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux