Securely Delete Data on SSD and USB Sticks

Securely Delete Data on SSD and USB Sticks

To securely erase data on SSD, NVMe, SD cards, or USB sticks, tried and tested tools and procedures that work for conventional hard drives are not useful. SSD and NVMe work differently, and supposedly securely deleted data can be easily recovered. In this blog, we show how to securely delete data on SSDs & Co under Windows, macOS, and Linux!

First of all, very briefly: If you want to pass on an SSD, NVMe, or a computer with an SSD and securely delete your data, you need suitable tools and adapted procedures. Conventional tools, as used for normal hard disks (HDD), do not reliably delete the data on SSD! However, we show tools and procedures that work and can safely delete data on HDD and also on SSD.

Generally, erasing a complete SSD is not easy. In most cases, the SSD may not be mounted. Therefore, it is often best to boot the computer from a Linux live system and erase the SSD from there. We also show some tools in this article that can be used to erase individual files and directories even while the system is running. To delete the complete SSD, however, it is necessary to start with another operating system, but this is the same with HDD.

Conventional deletion and emptying of the recycle bin is not sufficient for SSD (and for HDD)

In this article, we show what options are available. If you delete data on storage devices using conventional methods, you only remove the address of the data in Windows. The data remains stored until the tools overwrite it, preferably several times. Simply removing files and emptying the Recycle Bin in Windows is not a safe deletion method for conventional HDDs either, and this is especially not true for SSDs.

READ:  What is Bitlocker Used For?

Deleting via the UEFI/BIOS of notebooks

A notebook manufacturer also offers the possibility to delete data in the UEFI/BIOS. These processes also work for SSD/NVMe. Dell, for example, offers this option in the “Date Wipe” section of the BIOS. However, this function is not available for all manufacturers and also not for all Dell devices.

Reliable deletion of data on SSD only works with the Secure Erase function

Securely Delete Data on SSD and USB Sticks

Besides the possibility of overwriting the data on an SSD completely multiple times, which is anything but ideal for the lifespan, data on SSDs can only(!) be reliably deleted when the SSD is reset to the factory state so to speak. The Secure Erase function, which has to be integrated in the firmware of all SSDs, ensures this. In addition to the manufacturer tools, other programs such as Parted Magic can also access this function.

In most cases, a Linux system is required for reliable SSD erasing. Here, care must be taken that the SSD to be erased is not mounted. After that, the Secure Erase function of SSD can also be accessed in Linux in the terminal via the “hdparm” tool. Connecting the SSD directly to the SATA port without any detours is also ideal. However, the tool requires some experience in Linux.

Securely erase NVMe disks on PCIe ports with nvme-cli

If disks are connected to PCIe, nvme-cli can also be used to configure and securely erase NVMe. However, this requires a current Linux distribution, for example Ubuntu 21.04 or newer.

READ:  What is WebAuthn?

SSDs protect themselves better against data deletion than HDDs – This can be a problem

The internal division of data storage is handled by the controller’s logic. In addition, there is the internal partitioning of flash storage such as SSD, USB sticks or SD cards, which do not allow direct access by the operating system, as is the case with conventional HDD. The logic tries to distribute the storage of data on SSD evenly among the memory cells. So, newly stored data does not end up where the original data was stored. Multiple overwriting does nothing and therefore does not reliably delete the data. Only the Secure Erae function is a really sensible way, but also more complex.

In some cases, SSDs also protect themselves from malware/ransomware attacks by actively preventing deletion and putting themselves into frozen mode. We have already discussed this in the previous sections. To disable the special protection mode, one of the things that help is removing the SSD’s cables and reconnecting them. Unfortunately, this doesn’t always help. Tools like “Parted Magic” can safely erase SSD and HDD. To do this, the computer is booted with a Linux system, from which data can be deleted.

However, there are more tools that can do this. In most cases, SSD manufacturers offer their own tools that can be used to customize and also optimize the SSD. These programs are also able to securely erase the data on SSD, because they have access to the Secure Erase function.

If there is an SSD installed in the system for which there is such a collection of tools, erasing the data with these tools is the easiest way. An example of this is Samsung Magician. The Kingston SSD Manager can also help, as well as the Western Digital Dashboard. For many SSDs, there are comparable tools from the manufacturer.

READ:  New Trend: Phishing via SMS

Bitraser File Eraser from Stellar for erasing SSD – also on Macs

Bitraser File Eraser from Stellar can be used to delete data on SSDs for a fee and also on Macs. The tool costs 30 euros and is available for Windows and macOS. The deletion is done via a menu, which can also securely delete data on SSD with different algorithms.

In macOS, it can also be useful to activate File Vault, then delete data, use File Vault to decrypt the disk again and then re-encrypt it. This is time-consuming but helps to securely delete data on a Mac so that it can no longer be recovered.

O&O SafeErase can also securely delete SSDs – SolidErase

The tool O&O SafeErase can also delete data for 20 Euros, even from SSD. When deleting data with O&O SafeErase, the tool also recognizes SSD and can delete individual folders and files in a resource-saving manner. For this purpose, SafeErase has the “SolidErase” function. From version 17 of O&O SafeErase, this feature can be used to apply a deletion method optimized for SSD.

Securely delete data on SSD free of charge with EaseUS Partition Master

EaseUS Partition Master is available free of charge and as a professional variant for just under 55 euros. This tool can also delete data on SSD, including the free variant. EaseUS Partition Master uses the Secure Erase function, which is included in the firmware of all SSDs. The same technique is also used by Parted Magic.

The erasing can be done in the management interface of the partition manager of EaseUS Partition Master via the context menu of a disk with “Erase data”. To safely erase the boot disk, it is necessary to remove it and connect it as an external disk or use it as another disk in another device.