Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 Mar 2022 21:39:05 -0400
From:      grarpamp <grarpamp@gmail.com>
To:        freebsd-security@freebsd.org
Cc:        freebsd-questions@freebsd.org
Subject:   Re: SSD erase question
Message-ID:  <CAD2Ti2-_oh_bvkntiPJLDk-Xhu1t%2BxRU7kSHGPu7H-YbPQfELw@mail.gmail.com>
In-Reply-To: <274c8cca-80b0-9460-6754-6bb77efbb4dd@htwsaar.de>
References:  <274c8cca-80b0-9460-6754-6bb77efbb4dd@htwsaar.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On 3/21/22, Damian Weber <dweber@htwsaar.de> wrote:
> https://lists.freebsd.org/archives/freebsd-security/2022-March/000022.html
> I'd like to have an answer on a secure FreeBSD way to erase
> SSDs before giving these away to someone for reusing it.

https://lists.freebsd.org/archives/freebsd-security/2022-January/000013.html

All data storage devices are completely untrustworthy
closed source opaque black box blobs, nor will any
insurer write a policy over, nor any manufacturer indemnify,
those products keying / erasure / inaccessibility claims.

If you want at least some level of opensource verifiable
independent "secure erase" function you have to
integrate the crypto of 4 below before using the drive...

1) Buy drive [1]
2) Apply drive hardware based encryption
3) dd if=/dev/random of=drive bs=1m
4) Apply OS based full disk encryption
5) Use drive
6) Destroy OS FDE keys
7) dd if=/dev/random of=drive bs=1m
8) Run drive hardware based blackening and/or sanitization
9) Reuse, or destroy, or release if desired

2,8) Many storage devices do not offer embedded
hardware encryption, and many users don't use it, some
users use it in composition with the OS FDE (4) since
OS's are unaudited and change, nor are opensource
crypto algos guaranteed either. And there have been
some news of instances where hardware crypto and/or
wipe were broken thus recoverable. Defense in depth.

As always... not your keys, not your crypto...
https://www.youtube.com/watch?v=IwP1DOHYLaE  nyknyc

[1] Via secure and/or anon channels as desired to
avoid interception backdooring by various actors,
this is realworld and in the news since years.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti2-_oh_bvkntiPJLDk-Xhu1t%2BxRU7kSHGPu7H-YbPQfELw>