Security Market Segment LS
Wednesday, 26 June 2013 15:39

SSD data recovery “Everything or nothing”

By

Data recovery has become harder with the advent of hardware encrypted, solid-state drives (SSD). The chances of recovery are far worse than playing Russian roulette.

Interview with Adrian Briscoe, general manager Kroll Ontrack for the Asia Pacific region

“SSD drives may be faster but they can be deadly if they are hardware encrypted and data is erased. iPhone 5 and iPad for example have encryption and the chance of recovery is almost nil,” he said.

Encrypted is the key word. There are two main types. The first is self-encrypting (SED) or AES hardware via an inline chip in the storage interface (like the iPhone). The other is software encrypted via a program like Truecrypt .

“For the hardware encryption, we have no way to recover data. For software encryption, we can usually access the key and that gives higher recovery odds. If you think you will need recovery do not use hardware encryption” he suggested.

Adrian told an interesting story “There are three main manufacturers of the traditional ‘SATA interface’ hard disk drives (HDD) – Western Digital, Seagate, and Toshiba. We can obtain spare parts to resurrect most of these in a cleanroom as they all conform to the universal standard. Even if a drive is non-functional, we can rebuild it and recover most, if not all data” he said.

“By comparison there are about 200 manufacturers of SSD drives. It is as simple as surface mounting flash memory on a controller card and the same equipment that makes toaster boards one day can be making SSD the next” Adrian said.

“The tried and true ATA standards don’t apply with each SSD manufacturer doing their own thing especially where SSD are surface mounted on the tablet and smartphone motherboards using a variety of interfaces and encryption.

Another issue is that data is not stored sequentially as it is on a HDD and SSD recovery is about painstakingly reassembling the data from millions of locations.

Adrian spoke about the vast difference between SSD memory chips in use. “Cheap SSD uses TLC (triple level cell), MLC (Multi level cell), eMLC (Enterprise MLC) but SLC (single level cell) is best and most expensive. Adrian points out that TLC based storage costs less than 25% of SLC but few consumers are aware of what they are buying.

“SLC has a theoretical endurance life of just over 6 years, eMLC about 2 years and MLC about 1 year. I won’t even predict the endurance life of TLC” he said. Adrian added that in data critical situations even traditional HDD’s must be replaced every few years despite having longer meantime between failure ratings.

Adrian’s advice is that if you use an SSD for mission critical purposes backup must be regular – the frequency of which depends on how it affects your business. “A financial company may need transactional level backup whereas a small business may get way with daily, weekly or even monthly backup” he said.

He was critical of the cost and speed of cloud backup but like all things admits it will get cheaper and ubiquitous. “I look forward to the day we don’t have to play ‘hero’ in recovering someone’s irreplaceable photos or corporate data – it will all be in the cloud” he said. In the meantime SSD has just made it that much harder.

While Kroll Ontrack is mainly concerned with data recovery, Adrian had some tales about sanitising HD and SSD especially if you are selling them or moving them on to other users.

 Kroll OnTrack bought a second-hand laptop, rack mount server, and iPhone from the internet. The vendors claimed each had been properly sanitised (wiped).

 “The iPhone contained personal text messages and images that had not been erased before it was offered online. While the server and laptop drives had been erased, the server had approximately 55GB of recoverable data in more than 70,000 files. It belonged to a financial services company” he said.

Kroll Ontrack perform secure erasure at a company’s premises or data centre and there is much more to it than deleting files and reformatting the drive. Adrian says that a HDD needs to be erased first using a certified program, then preferably degaussed (demagnetised) using special degaussing tool and in some case drill holes in the hard disk drive.

"SSD erasure will invariably leave about 10% of the data recoverable despite subjecting it to a DoD standard erasure” Adrian said. Format and deletion of the partition is no barrier to almost full recovery and currently most SSD’s require chips to be crushed to be sure.

Read 10688 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments