From nobody Tue Mar 22 00:14:36 2022 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 282E81A08ED1 for ; Tue, 22 Mar 2022 00:14:44 +0000 (UTC) (envelope-from rfg@tristatelogic.com) Received: from outgoing.tristatelogic.com (segfault.tristatelogic.com [69.62.255.118]) by mx1.freebsd.org (Postfix) with ESMTP id 4KMsS30SqBz3wXs for ; Tue, 22 Mar 2022 00:14:43 +0000 (UTC) (envelope-from rfg@tristatelogic.com) Received: by segfault.tristatelogic.com (Postfix, from userid 1237) id 7F9874E6E5; Mon, 21 Mar 2022 17:14:36 -0700 (PDT) From: "Ronald F. Guilmette" To: Eugene Grosbein cc: Damian Weber , freebsd-security@freebsd.org Subject: Re: SSD erase question In-Reply-To: <12d76150-d3e8-a31b-c67d-c9c8e0a9bb12@grosbein.net> List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <40188.1647908076.1@segfault.tristatelogic.com> Content-Transfer-Encoding: quoted-printable Date: Mon, 21 Mar 2022 17:14:36 -0700 Message-ID: <40189.1647908076@segfault.tristatelogic.com> X-Rspamd-Queue-Id: 4KMsS30SqBz3wXs X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of rfg@tristatelogic.com designates 69.62.255.118 as permitted sender) smtp.mailfrom=rfg@tristatelogic.com X-Spamd-Result: default: False [-1.33 / 15.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[tristatelogic.com]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_SPAM_MEDIUM(0.24)[0.240]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; NEURAL_HAM_SHORT(-0.27)[-0.273]; MLMMJ_DEST(0.00)[freebsd-security]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14051, ipnet:69.62.128.0/17, country:US] X-ThisMailContainsUnwantedMimeParts: N In message <12d76150-d3e8-a31b-c67d-c9c8e0a9bb12@grosbein.net>, you wrote: >First, there is a command trim(8) that is easier to use but it gives no g= uaran >tee of "secure erase" in TRIM. >Second, there is "camcontrol security -e" for secure erase, see camcontro= l(8) = >manual page, EXAMPLES section. This is the guide I follow when doing secure erase on drives generally under Linux: https://grok.lsu.edu/article.aspx?articleid=3D16716