Troubleshoot How do I securely wipe data on a laptop with a SSD ?

jetman

Level 10
Thread author
Verified
Well-known
Jun 6, 2017
470
Hi-

I have purchased a second hand laptop on ebay which has a SSD. I would like to make sure that the SSD is securely wiped clean before re-installing Windows 10.

The main reason I want to do this is in case the previous owner used it for criminal activities or had illegal photographs on the laptop. I'm sure they are an honest person but its better to be safe than sorry !

Usually I would use DBAN or ccleaner and do multiple over-writes of the disk. However, I understand that SSDs work differently and this method is not advised. Therefore, please could someone recommend a way in which I could ensure the previous owner's data is thoroughly erased ?

Thanks.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Dban is for hdd and not designed for an ssd. Easier way to do it is encrypt the drive with bitlocker or whatever else you wish with a random big password. When that is done boot with a windows dvd and format. Everything will be lost forever.
 
Upvote 0

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
If you do not want to use that disk. And erase the data you might have, the best is aside from what your colleagues have told you ..
It's a drill and make a couple of holes in the middle of the disk
 
  • Like
Reactions: Sunshine-boy
Upvote 0

jetman

Level 10
Thread author
Verified
Well-known
Jun 6, 2017
470
I don't want to destroy the SSD within the laptop- I just want to make sure it is securely wiped.
Then I want to re-install Windows 10 and carry on using the laptop.

Best suggestion so far is to encrypt the drive then format it !
 
Upvote 0

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
I would like to make sure that the SSD is securely wiped clean
It is not possible to forensically erase an SSD beyond recovery (unless it is a hardware encrypted SSD equipped compatible with secure erase... and that with caveats).
 
Upvote 0

Digerati

Level 7
Verified
Well-known
Mar 2, 2017
318
You do not "wipe" a SSD. Wear-leveling, a SSD feature to extend the lifespan of SSDs, prevents wipe programs like DBAN from effectively deleting (overwriting) every storage location. So you can wipe a hard drive and be sure every storage location is touched and overwritten, but not a SSD.

Drilling holes works for a hard drive too, but not a SSD - though admittedly, a bad guy (or government spy or law enforcement agency) would have to be REALLY REALLY interested in learning what's on that drive to spend the time and money to see what's left.

It is not possible to forensically erase an SSD beyond recovery
Sure you can - you just can't with methods used for hard drives. Parted Magic Secure Erase works on SSDs - even if not encrypted. There is also a version specifically for NVMe devices.

The fact is, ATA Secure Erase is part of the ANSI ATA specification and is built into most modern SSDs. Check your SSD maker's website.

For more info on Secure Erase, see ATA Secure Erase, this Crucial article, and this Kingston white paper.
 
  • Like
Reactions: RoboMan
Upvote 0

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Anything that writes unnecessary numbers on a SSD is not healthy. To start with, i'd recommend you: do not "secure wipe" or alternatives. You're gonna damage the disk, even more knowing that it's already used. Best option is: either buy a new SSD or just clean format with Windows CD/USB.

Truth is: with this normal clean format everything will be gone, and if somebody wants to recover those files he should get to you, meaning he should first have reached the previous owner, meaning you are not gonna be the one in trouble.
 
  • Like
Reactions: tonibalas
Upvote 0

Digerati

Level 7
Verified
Well-known
Mar 2, 2017
318
Anything that writes unnecessary numbers on a SSD is not healthy. To start with, i'd recommend you: do not "secure wipe" or alternatives. You're gonna damage the disk,
Do not confuse "secure wipe" with Secure Erase. As I noted above, you do not "wipe" SSDs. While unnecessary writes is not really a problem with modern SSDs, they are still unnecessary but will NOT damage the disk! The real reason you don't "wipe" a SSD is wear-leveling prevents the wipe program from touching every single storage location. Therefore you cannot be certain any previously saved data is destroyed. That's why you use a "Secure Erase" program on SSDs.
Truth is: with this normal clean format everything will be gone
Sorry, but that is totally false - especially with SSDs due to that same wear-leveling feature which will prevent unnecessary writes. Formatting simply marks spaces as available in the file tables.
 
Upvote 0

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Sorry, but that is totally false - especially with SSDs due to that same wear-leveling feature which will prevent unnecessary writes. Formatting simply marks spaces as available in the file tables.

Please quote the whole phrase "Truth is: with this normal clean format everything will be gone, and if somebody wants to recover those files he should get to you, meaning he should first have reached the previous owner, meaning you are not gonna be the one in trouble."

What i mean is that data will be gone on the first level. Recovery is possible but secure erase is unnecessary since the data will not be "user visible" and if anything happens he will not be the one in trouble.

As referring to the first quote you made, wear leveling is what makes sure all the drive's memory chips are used up, cell by cell, before the first cell can be written to again. This means, that on modern SSD's, larger SSD will probably last longer than smaller ones. (terms of capacity). I certainly do not understand how "modern SSD's" have no issues with unnecessary writes, since the write count is finite.
 
Upvote 0

Digerati

Level 7
Verified
Well-known
Mar 2, 2017
318
It does not change anything. With a clean format, everything will NOT be gone as you claimed - regardless who owns the drive now, or before.

If the idea is to prevent the next user from "accidentally" stumbling on any of your old data with File Explorer, a simple delete or even a format will prevent that. But if the new user attempts to "recover" any previously deleted data, or wants to see if there is anything on a "formatted" SSD, this can easily be done with any number of readily available programs. EaseUS Data Recovery is excellent for that. Remo Recover works too.

Of course, the more the new user uses the drive (HD or SSD) the less chances there will be to recover any previously stored data. But not the point here. The idea is to stop a malicious personal intentionally looking for any previously saved data.

I certainly do not understand how "modern SSD's" have no issues with unnecessary writes, since the write count is finite.
It is finite but with modern SSDs (compared to first generation SSDs) the numbers are so large, it is highly unlikely any "normal" user will ever reach that number for it will take many years to get there. This is exactly why more and more data centers are using SSDs.
 
Upvote 0

tonibalas

Level 40
Verified
Honorary Member
Top Poster
Well-known
Sep 26, 2014
2,973
Best option is: either buy a new SSD or just clean format with Windows CD/USB
These my recommendations too.
You don't have the money to buy a new ssd then just format it and you will be ok.
If you format the ssd one time it doesn't reduces the lifespan so much.
I have an ssd for 2 1/2 years and i install and uninstall software all the time.
My ssd health is 97% ;)
 
Upvote 0

Digerati

Level 7
Verified
Well-known
Mar 2, 2017
318
These my recommendations too.
Well, again, a clean format does not delete data previously saved to the disk, regardless if SSD or HD.

If you are buying a disk, what's the worry? There is none. If you are getting rid of and don't want any one else to discover any previously saved data, then you need to do a Secure Erase to be 100% certain none of your sensitive data can be recovered.

Since this thread is about receiving a second hand notebook, other than scanning for malware, I would not worry about any previously saved data.
 
Upvote 0

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Well, again, a clean format does not delete data previously saved to the disk, regardless if SSD or HD.

If you are buying a disk, what's the worry? There is none. If you are getting rid of and don't want any one else to discover any previously saved data, then you need to do a Secure Erase to be 100% certain none of your sensitive data can be recovered.

Since this thread is about receiving a second hand notebook, other than scanning for malware, I would not worry about any previously saved data.
That's what i've been saying since posts ago, he's recieving the disk and he's not gonna try recover any data. Plus, there are high chances that the previous owner was a cool guy, not a drug dealer. As well, if he was a drug dealer or whatsoever, he would have erased the data himself.
 
Upvote 0

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
What about east-tec DisposeSecure? They say:

,,Erase hard disk data using methods that meet US Department of Defense 5220.22-M data destruction standards, but also all major military, government and industrial data destruction standards. This way, you can securely erase computer disks. You can choose from other several wiping methods that are used worldwide, such as Peter Gutmann (35 passes), Bruce Schneier, US Naval Information Systems Management Center: NAVSO P-5239-26 (RLL) US Naval Information Systems Management Center: NAVSO P-5239-26 (MFM), US Air Force System Security Instruction 5020: AFSSI-5020, Russian Federation – Federal Agency on Technical Regulating and Metrology: GOST P50739-95, The German Federal office for IT Security: German VSITR, etc.,,

I used this program about 7 years ago to wipe my hard disk. I liked a program called AdminStudio (s a single solution for application packaging, application virtualization) they granted me a 30 day full functional trial but after a trial period I wanted to use it again. But it showed me a message like ,,Your trial period expired,,. Reinstalling OS didn't fix it. I realized that a simple reinstalling OS wouldn't help me. I found a east-tec DisposeSecure program, created a bootable CD to wipe a hdd. And yes, I could use admin studio again for 30 days. But wiping process can take much time depending on wiping standard and passes used. This program is also not free but Google can help to activate it.
 
Last edited:
Upvote 0

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
What about east-tec DisposeSecure? They say:

,,Erase hard disk data using methods that meet US Department of Defense 5220.22-M data destruction standards, but also all major military, government and industrial data destruction standards. This way, you can securely erase computer disks. You can choose from other several wiping methods that are used worldwide, such as Peter Gutmann (35 passes), Bruce Schneier, US Naval Information Systems Management Center: NAVSO P-5239-26 (RLL) US Naval Information Systems Management Center: NAVSO P-5239-26 (MFM), US Air Force System Security Instruction 5020: AFSSI-5020, Russian Federation – Federal Agency on Technical Regulating and Metrology: GOST P50739-95, The German Federal office for IT Security: German VSITR, etc.,,

I used this program about 7 years ago to wipe my hard disk. I liked a program called AdminStudio (s a single solution for application packaging, application virtualization) they granted me a 30 day full functional trial but after a trial period I wanted to use it again. But it showed me a message like ,,Your trial period expired,,. Reinstalling OS didn't fix it. I realized that a simple reinstalling OS wouldn't help me. I found a east-tec DisposeSecure program, created a bootable CD to wipe a hdd. And yes, I could use admin studio again for 30 days. But wiping process can take much time depending on wiping standard and passes used. This program is also not free but Google can help to activate it.
On my HDD i always perform secure erases, but i really find Guttman algorithm or similar unnecessary. A couple of passes will make the data unrecoverable mostly. 35 passes is a waste of time and writes. Correct me if i'm wrong. I've even contacted Data Recovery Companies to prove my point and they told me that in most cases, after 2 passes they're not able to recover any data.

EDIT: i was able to find this quote on the web:

"Gutmann himself has responded to some of these criticisms and also criticized how his algorithm has been abused in an epilogue to his original paper, in which he states:[1][2]

In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

— Peter Gutmann, Secure Deletion of Data from Magnetic and Solid-State Memory, University of Auckland Department of Computer Science."
 
  • Like
Reactions: NikolayfromRussia
Upvote 0

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
On my HDD i always perform secure erases, but i really find Guttman algorithm or similar unnecessary. A couple of passes will make the data unrecoverable mostly. 35 passes is a waste of time and writes. Correct me if i'm wrong. I've even contacted Data Recovery Companies to prove my point and they told me that in most cases, after 2 passes they're not able to recover any data.

Yes, I agree with you that 35 passes is time wasting. I don't know how fast this program wipes SSD but to wipe a 500 Gb hdd with 3 passes it takes about 4 hours (it also depends on standard you want wipe with). It is better to use a hammer to destroy a hdd :)
 
Upvote 0

mlnevese

Level 26
Verified
Top Poster
Well-known
May 3, 2015
1,531
If anyone is so paranoid that they decide to make a 35 pass disk scrubbing let me just say that shooting the HD a few times with a shotgun then throwing the remains in a fire will be much faster, secure and fun. ;)

Regarding the OP just format the disk and keep proof of purchase of the computer. You're not responsible for what the previous owner downloaded or recorded on it as long as you're not recovering or using it yourself
 
Upvote 0

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
WTF Surely he could be a terrorist who seeks to hide his activities.
35 passes to doing wash of disk is crazy. XD

It is really can be harmful for hdd wiping it for 35 passes. As I told in my previous comment to wipe a 500 Gb hdd for 3 passes took me about 4 hours. One more thing to add I am talking about hdd with 7200 rpm if it was 5400 rpm it could take even more time. So, to run 35 passes it will take about 48 hours if I am not wrong. It is a big stress for hdd. After such wash it can be damaged.
 
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top