by masklinn
3681 days ago
> Instead, use fstrim to have the disk reclaim all free space. After that it's supposed to be impossible to recover.

That's not quite true. TRIM simply tells the SSD that the corresponding block is not in use anymore, it doesn't tell the SSD what to do with it. The controller will usually unmap the physical block and schedule it for erasure but usually not erase it immediately unless it doesn't have any free block to remap. And it will return zeroes if the block is read.

The data is recoverable at that point (until the block is actually erased) and can remain so for a fairly long time[0] if the attacker can either bypass the SSD controller or can physically access the raw flash memory.

[0] depending on storage pressure and the exact make and recycling strategy of the SSD
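
A toy model of the behaviour described in the comment above, added here as an illustration and not part of the original post: TRIM unmaps a block, host reads return zeroes, and the raw flash keeps the data until storage pressure forces an erase. The `ToySSD` class, its four-block size and its erase-only-when-needed policy are assumptions; real controllers vary.

```python
BLOCK = 16  # bytes per block in this toy model (assumption)

class ToySSD:
    """Constructed model of a flash translation layer, not real firmware."""
    def __init__(self, physical_blocks=4):
        self.flash = [None] * physical_blocks  # raw NAND; None means erased
        self.l2p = {}                          # logical -> physical mapping
        self.stale = []                        # unmapped, not yet erased

    def _alloc(self):
        for pba, data in enumerate(self.flash):
            if data is None:
                return pba
        if not self.stale:
            raise IOError("no free or reclaimable block")
        pba = self.stale.pop(0)                # storage pressure forces GC
        self.flash[pba] = None                 # the only place data is erased
        return pba

    def write(self, lba, data):
        self.trim(lba)                         # an overwrite stales the old copy
        pba = self._alloc()
        self.flash[pba] = data.ljust(BLOCK, b"\x00")[:BLOCK]
        self.l2p[lba] = pba

    def trim(self, lba):
        pba = self.l2p.pop(lba, None)          # unmap only; flash is untouched
        if pba is not None:
            self.stale.append(pba)

    def read(self, lba):
        pba = self.l2p.get(lba)
        return self.flash[pba] if pba is not None else b"\x00" * BLOCK

def demo():
    secret = b"constructed-key!"               # sample data, exactly BLOCK bytes
    ssd = ToySSD()
    ssd.write(0, secret)
    ssd.trim(0)
    out = {"host_read": ssd.read(0), "raw_after_trim": secret in ssd.flash}
    for lba in (1, 2, 3):                      # erased blocks are used first
        ssd.write(lba, b"filler")
    out["raw_while_free_blocks"] = secret in ssd.flash
    ssd.write(4, b"filler")                    # no erased block left: GC runs
    out["raw_after_gc"] = secret in ssd.flash
    return out

if __name__ == "__main__":
    print(demo())
```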