How To Securely Erase Your SSD Without Destroying It
Solid state drives are frequently referred to as the best upgrade you can make to your PC. Trading off disk space for speed is an increasingly popular option, but just like USB sticks and SD memory cards, SSDs can only be written to a limited number of times.
This presents some interesting problems, particularly when it comes to erasing data (and doing so securely). Tools like Darik’s Boot and Nuke are not only ineffective, their write-intensive nature can vastly reduce performance and shorten SSD drive life.
Don’t get it wrong, securely erase your SSD the right way (if you even need to at all).
Only Do This If You Have To
Generally speaking, you should never have to perform any maintenance on your solid state drive. Such storage media has been designed with self-sufficiency in mind, using a series of algorithms and failsafes put in place to both maximise drive life and ensure data is properly discarded. The first protection comes in the form of wear levelling, designed to evenly distribute stored data between SSD blocks to ensure even wear.
As a reminder, traditional hard drives store files in physical locations on a magnetic platter, which is then indexed in the file system and accessed using a mechanical arm – a very linear way of doing things. While SSDs also use file systems to communicate data storage locations to the host system, they independently re-shuffle data for wear levelling. Those changes are recorded on a separate map. In other words, SSDs do not use any physically indexable locations, and software cannot specifically target sectors on the disk. Basically, your computer has no way of telling “where” that information was just copied to.
To comply with wear levelling, the SSD must constantly move data around the drive to ensure all blocks are worn at an equal rate. Using a secure “file shredder” to overwrite a specific file or folder many numbers of times is not going to work, because the drive writes all new incoming data to various different blocks, depending on its needs. Only the drive knows where this data is written, so secure deletion tools actually harm SSDs by performing an unnecessary number of additional writes.
You’re probably wondering how data is ever deleted from an SSD, particularly if data is constantly moved. Thankfully the TRIM command is designed to solve such a conundrum by marking blocks of data the drive no longer considers in use to be wiped internally. Simply put, your discarded data will eventually vanish into thin nothing and be irretrievable, but only your drive really knows when that will be.
For a much more detailed look at TRIM and garbage collection you should read Matt Smith’s article exploring the usefulness of TRIM on modern SSDs.
It’s also worth remembering that these drives often use a small amount of unallocated space as a buffer for moving data around, which you’re very unlikely to be able to access. This would technically mean data remains on a drive even after it has been securely erased.
Securely Erasing An SSD
Fortunately it is possible to erase most SSDs, though this is closer to a “reset” than a wipe. The “ATA Secure Erase” command instructs the drive to flush all stored electrons, forcing the drive to “forget” all stored data. This command essentially resets all available blocks to the “erase” state, which is what TRIM uses for garbage collection purposes.
This command does not actually write anything to the drive. Instead it causes the SSD to apply a voltage spike to all available NAND in unison, resetting every available block of space in one operation. By doing this, you will use one whole program-erase cycle for your drive – a small dent in drive life, but still unnecessary unless you’re troubleshooting.
Secure Erase Using Manufacturer Software
Most manufacturers supply software for their solid state drives in order to update firmware and perform tasks like secure erase. While it’s impossible for us to check every manufacturer, we’ve made a list of available downloads for major brands below.
While this is the first place we’d recommend you go, this won’t always work as you’ll often need to run the software in Windows (and you probably installed Windows to your SSD). You might also find that your manufacturer hasn’t implemented the “ATA Secure Erase” command into their software, yet. In this case, try the next step.
Secure Erase Using Parted Magic
We’ve covered Parted Magic in the past – it’s a veritable box of tricks. Before it was swallowed up by Symantec, Partition Magic made all kinds of functions that previously required long command lines easy. Parted Magic does the same, except it’s a whole Linux distribution and it now costs $4.99.
The project was free in the past, but users selling pre-loaded USB sticks on eBay and dwindling donations prompted the project’s leader to place the files behind a paywall. Still, $5 to restore your SSD to “factory fresh” levels of performance isn’t a huge ask:
- Download Parted Magic and create a mountable USB drive using Unetbootin.
- Boot the drive and choose option 1, Default Settings.
- Once booted head to Start (bottom left) > System Tools > Erase Disk.
- Choose the “Internal:Secure Erase command writes zeroes to entire data area” option, then confirm the drive you want to erase on the next screen.
- If you are told your drive is “frozen”, you will need to click the Sleep button and repeat this process until you can proceed further. If your drive indicates a password requirement, leave the password as “NULL”.
- Confirm that you have read and understand the risks, hit Yes to erase your drive.
The erase process takes a matter of seconds, then you’re done.
A Word For Mac Users
According to forum chatter, Parted Magic works just fine on a Mac – provided you can get it to boot in the first place. While Macs can boot operating systems from USB drive, it’s notoriously difficult to get right. If your Mac SSD has a problem and it’s under warranty, it’s much easier to let Apple deal with it – even if it’s just a software problem.