On Thu, Jan 29, 2015 at 8:54 AM, Richard Stovall <[email protected]> wrote: > I recently had to return a personal laptop for replacement and could not > find a method for securely erasing its SSD.
Define "secure". Personally, for most data, I'd be content with executing a TRIM command over the entire disk. > I came upon the idea of encrypting the entire drive as one way of virtually > guaranteeing that data could not be recovered. This is the preferred approach in general. By encrypting all your data up-front, before it's ever written to disk, all you need to do is destroy the key, and now the blocks on disk cannot be recovered. (Or, more precisely, they're as safe as the encryption implementation makes them.) However, this is only full-proof if you do it in advance. Doing it after the fact is the same as doing any other kind of overwrite -- it may leave data behind in relocated sectors, protected areas, or other magic locations. > What are others doing in this regard? DoD still says disks with classified information must by physically destroyed. > PS Steve Gibson is good for something after all! > https://www.grc.com/misc/truecrypt/truecrypt.htm The fact that Gibson says TrueCrypt is still trustworthy makes me trust it less. -- Ben
