From nobody Mon Mar 21 20:59:13 2022 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0FEF01A1BAD0 for ; Mon, 21 Mar 2022 20:59:21 +0000 (UTC) (envelope-from dweber@htwsaar.de) Received: from thyone.hiz-saarland.de (thyone.hiz-saarland.de [134.96.7.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4KMn6c1VwGz4q1Q for ; Mon, 21 Mar 2022 20:59:20 +0000 (UTC) (envelope-from dweber@htwsaar.de) Received: from localhost (localhost [127.0.0.1]) by thyone.hiz-saarland.de (Postfix) with ESMTP id 192CA405FC88 for ; Mon, 21 Mar 2022 21:59:19 +0100 (CET) Received: from thyone.hiz-saarland.de ([127.0.0.1]) by localhost (thyone.hiz-saarland.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u7UIUhkXEMad for ; Mon, 21 Mar 2022 21:59:17 +0100 (CET) Received: from htw-mail.htwsaar.de (htw-mail.htw-saarland.de [134.96.210.140]) by thyone.hiz-saarland.de (Postfix) with ESMTPS for ; Mon, 21 Mar 2022 21:59:17 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by htw-mail.htwsaar.de (Postfix) with ESMTP id D60C08031DA for ; Mon, 21 Mar 2022 21:59:15 +0100 (CET) X-Quarantine-ID: X-Virus-Scanned: amavisd-new at htw-mail.htwsaar.de Received: from htw-mail.htwsaar.de ([127.0.0.1]) by localhost (htw-mail.htwsaar.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MCZAZhoUXasw for ; Mon, 21 Mar 2022 21:59:12 +0100 (CET) Received: from isl-dw.htw-saarland.de (isl-dw.htw-saarland.de [134.96.218.251]) by htw-mail.htwsaar.de (Postfix) with ESMTPS for ; Mon, 21 Mar 2022 21:59:12 +0100 (CET) Date: Mon, 21 Mar 2022 21:59:13 +0100 (CET) From: Damian Weber To: freebsd-security@freebsd.org Subject: Re: SSD erase question In-Reply-To: Message-ID: References: <274c8cca-80b0-9460-6754-6bb77efbb4dd@htwsaar.de> <1ACC7A67-BDBA-4CD3-87EC-822C38CD7CE7@gmail.com> List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="3258863753-675410087-1647896353=:58805" X-Rspamd-Queue-Id: 4KMn6c1VwGz4q1Q X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of dweber@htwsaar.de designates 134.96.7.232 as permitted sender) smtp.mailfrom=dweber@htwsaar.de X-Spamd-Result: default: False [-2.30 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:134.96.7.0/24]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_NA(0.00)[htwsaar.de]; NEURAL_HAM_SHORT(-1.00)[-1.000]; CTYPE_MIXED_BOGUS(1.00)[]; MLMMJ_DEST(0.00)[freebsd-security]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:680, ipnet:134.96.0.0/16, country:DE]; RCVD_COUNT_SEVEN(0.00)[7]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --3258863753-675410087-1647896353=:58805 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT > camcontrol security -s anypass -e anypass -y ada[X] Thanks to all who answered to my question, I'll stick with camcontrol, having dc3dd as a second option in mind. Best wishes, Damian On Mon, 21 Mar 2022, Royce Williams wrote: > Date: Mon, 21 Mar 2022 18:26:25 > From: Royce Williams > To: freebsd-security@freebsd.org > Subject: Re: SSD erase question > > Even multi-pass overwrite of SSDs is not a sufficient purge, due to how > writing is distributed / optimized on SSDs. So  dd / dc3dd is insufficient. > Only invoking the on-controller ATA Secure Erase / sanitize command (using > 'camcontrol security -e' as Eugene said elsewhere in the thread) is the > validated[1] method: > >     camcontrol security -s anypass -e anypass -y ada[X] > > This also happens to be much faster than an overwrite, because it's > implemented as "encrypt the entire medium with a random key, then discard > the key". > > 1. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.p > df, p. 36, Table A-8 > > --  > Royce > > > On Mon, Mar 21, 2022 at 7:19 AM Sam Ricchio wrote: > On and SSD if you have erased everything ssd ?garbage collection? > should help you if the drive it powered on. > But if you want to overwrite the drive > A simple overwrite with a text pattern with dc3dd. > dc3dd wipe=/dev/sdb tpat=nothingtoseehere > However if you are still worried that some controller optimization is > interfering > with and actual memory location overwrite.  Go old school with dd and > write > a file of random to the existing file system until it runs out of > space. > dd if=/dev/urandon of=garbagetxtfile.txt > > > > > On Mar 21, 2022, at 7:14 AM, Damian Weber wrote: > > > Hi all, > > I'd like to have an answer on a secure FreeBSD way to erase > SSDs before giving these away to someone for reusing it. > > Is the following enough to protect confidential data > previously stored there? > > 1)  dd : overwriting with random bits (complete capacity) > 2)  gpart create > 3)  gpart add > 4)  newfs > > Details for an example with /dev/ada1 see below. > > Thanks a lot, > >   Damian > > > # fdisk ada1 > ******* Working on device /dev/ada1 ******* > parameters extracted from in-core disklabel are: > cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) > > Figures below won't work with BIOS for partitions not in cyl 1 > parameters to be used for BIOS calculations are: > cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) > > Media sector size is 512 > Warning: BIOS sector numbering starts with sector 1 > Information from DOS bootblock is: > The data for partition 1 is: > sysid 238 (0xee),(EFI GPT) >    start 1, size 488397167 (238475 Meg), flag 0 >        beg: cyl 0/ head 0/ sector 2; >        end: cyl 1023/ head 255/ sector 63 > The data for partition 2 is: > > The data for partition 3 is: > > The data for partition 4 is: > > > # gpart show ada1 > =>       40  488397088  ada1  GPT  (233G) >         40       1024     1  freebsd-boot  (512K) >       1064  480246784     2  freebsd-ufs  [bootme]  (229G) >  480247848    8149280     3  freebsd-swap  (3.9G) > > # dd if=/dev/random of=/dev/ada1 bs=512 count=488397088 > > # gpart create -s gpt ada1 > > # gpart add -t freebsd-ufs ada1 > > # newfs -U /dev/ada1p1 > > > > > --3258863753-675410087-1647896353=:58805--