Monkeys and Secure Erasure
Apr 13, 2010 by Ilya Levin
Recently, whenever there is a discussion about data secure erase on SSD/flash devices, I always think of the classic experiment from a psychology textbook. The one involves five monkeys in a cage and a banana.
In case, you have not heard about the experiment. It starts with five monkeys in a cage. A banana hung inside the cage with a ladder underneath. After a while, one of the monkeys will try to climb the ladder to get the banana. When it touches the ladder, all monkeys are sprayed with cold water. Next, another monkey will try to reach the banana with the same result. And so on until monkeys learn that the best way to stay dry is to prevent anyone from attempting to reach the banana.
The next stage is to exclude cold water and replace some monkey with a new one. Of course, the new monkey will try to get the banana, and the other monkeys will attack to prevent that. After few attempts, the new monkey will learn that touching the ladder is bad.
Next, replace another of the original five monkeys with a new one. The newcomer will go to the ladder and will be attacked by all the other monkeys, including the previous newcomer. Likewise, replace the original monkeys that left, one by one. Every time the newest monkey will take to the ladder and will be attacked.
After replacing the fifth monkey, none of the monkeys had ever been sprayed with cold water. They have no idea why they were not allowed climbing the ladder to get the banana. Still, no monkey ever again approaches the ladder. The reason is simple: as far as they knew, it was the way it had always been around here.
How is this relevant to secure erasure?
Well, most of so-called "security experts" are like that monkeys. They have no idea why exactly multi-pass overwrite procedures were introduced in a first place. They do not know process physics. They could not tell the difference between magnetic storage media and SSD/flash devices. They have no clue about blocks randomization. They are unaware of the limited number of writes. Yet they bluntly recommend using the same multi-pass secure erase methods for SSD/flash, just because it was the way it had always been around here.
Updated on Apr 29, 2010
Some people asked about any suitable methods for secure erasure of such devices after I posted this note. Here is one of my replies:
There is a set of SE commands for ATA devices. Send these to the device and hope the firmware shall do the rest.
If kiasu, you may first delete all files and fill the drive with a single huge file of ones before sending ATA SE commands. However, that wear levering thing makes this step 'so-so' useful. NTFS and small files make this even less useful.
Better yet, just use disk encryption. Then, whenever you want secure erase, just discard the encryption key and send ATA SE.
For a cheap flash device - just shred it and get a new one :)