I keep hearing how you can't securely wipe flash media like USB drives and NVME SSD's because of "wear leveling", but why does that matter? If I just write a file 64GB large on a 64GB flash drive isn't the data entirely wiped? It doesn't matter what order the data is written on the sectors as long as all of them get written to.

Why is this wrong? What is the proper way to securely wipe or 0 out a flash drive / ssd? Yeah yeah i know I should have been using full disk encryption but I didn't learn that until now, and I still have some HDD's/NVME's/Flash drives I want to use but want to wipe.

>>105964240 (OP)
If your 64GB flash drive isn't chink ewaste, it will actually have more than 64GB of physical flash memory on it and use the extra space to move things around so that filling it with 60 GB of stuff and then writing and erasing the remaining 4 GB a few times doesn't cause those cells to fail.

just running trim/discard over the whole drive is enough for most purposes. technically if the drive is nearly worn out and it starts reallocating sectors, the reallocated sectors may contain old data, it'd be useless if it's the kind of drive which has internal encryption, plus you can just destroy a drive that has reallocated sectors if you're worried about that since they only happen once the drive is nearly worn out anyway

>>105964240 (OP)
>how to wipe an ssd
Use secure erase.
>ssd doesn't support secure erase
Use a hammer.

>>105964240 (OP)
You have to nuke twice with 0s. Interestingly this also "defrags" them.

stop watching child porn

>security experts say use shred instead of dd on SSDs because <reasons>
>check shred source code
>it's just dd
lmao

SSDs in a nutshell: You can't be sure you're really writing anything to them because of the firmware. The only way to "securely erase" the entire thing is relying on said firmware's option to do so. In other words you can't trust the hardware. But don't feel too bad because any HDD made after about 1995 has the same problem.

In practice:
>use multiple passes of dd to write data from /dev/urandom to entire drive (at least 3 times)
>use full disk encryption
>do not use trim/discard when using full disk encryption
Done. You've done the best you can to wipe the drive and the entire thing looks like random data now. Giving you plausible deniability about its contents. Go a step further if you want and store the headers for your FDE on another external device (most people use a usb flash drive) along with the key to open them which is useless without the password you've set.

You now have something that is probably useless to anyone that isn't a state level actor.
>but how do I prevent the glow niggers from finding my collection of cute anime girls?
You don't. The device is backdoor'd multiple ways at the factory to prevent you from ever being able to do this. Also they'll just claim they found pizza on said drive and throw you in prison forever if they really want to. Or put you on indefinite hold until you fork over the password to open the encrypted drive. The law doesn't apply to them.

>>105964240 (OP)
you just format it, all the bits get zeroed on flash storage

They are over provisioned with extra space that you don't have direct access to, the wear leveling firmware will use the extra storage for continued resiliency even as some flash cells start to fail. You have no insight into how the firmware uses this unseen storage so technically you cannot be sure the data is erased, even after multiple passes.

>>105964782
Have there been any examples of data recovered from flash storage despite multiple overwrites?

If the drive is encrypted with something modern and sensible then properly deleting the partition header keys is enough to make it entirely unrecoverable

>>105964240 (OP)
Why not just full disk encrypt it now and use a hammer?

>>105964857
Full disk encryption isn't magic. If you employ it on a drive that's already had data on it. Or a drive that's never had data written to it (thus all 0s) it's very easy to see where the real data is stored, that it's encrypted data and determine various other things about the data.

Which is why you want to attempt to write randomized data to the entire drive multiple times. It hides the location, the time it was written to and makes it much harder to see if there is real data on it at all.

>>105964912
>it's very easy to see where the real data is stored, that it's encrypted data and determine various other things about the data

who cares it’s encrypted

>>105964969
>it's encrypted
No its not
>who cares
Anyone crossing a border that doesn't want to be hassled by the local glow nigger. It's the difference between
>hand over the keys and password or we'll beat you with a wrench
and
>it could just be a wiped drive best not to risk an international incident

>>105964988
>No its not
It literally is you dumb nigger, stop schooling about glowies and learn how technology works

>>105965047
>learn how technology works
Yeah your backdoor'd CPU is producing totally random data for /dev/urandom. That's why any script you write that references it will pull the same result over and over again. Not that it matters if the thing is truly encrypted or not. Considering the hardware level backdoor and the firmware you can't audit is sending anything it wants over the network at all times.

It is not like their is an entire OS you don't control running below Ring 0 or anything. Oh wait...

>>105965139
>suddenly a full-schizo scenario
I accept your concession

>>105965170
Yeah yeah just call anyone you can't argue against crazy. We know. You're paid to be here.

Can anyone explain why doing a full disk encryption then formatting wouldn't work

>>105965139
All these schizo memes but a single 0-pass was able to save tranny manning

>>105964267
>he thinks that those cheap chink USB sticks support TRIM

>>105966333
op wasn't only talking about those

>>105965248
Your first OS was Windows 10 wasn't it?
Actually scratch that, a kids Android tablet.

I physically destroy all my old storage media. Problem solved.

>>105964240 (OP)
>>>Why is this wrong? What is the proper way to securely wipe or 0 out a flash drive / ssd?
TRIM/Secure erase
That is if you believe them
The US government even when it comes to HDDs destroys them
That shows how much faith they have in encryption and wiping drives

>>105964240 (OP)
>If I just write a file 64GB large on a 64GB flash drive isn't the data entirely wiped?
only if the drive does not have spare nand, usb dingdong usually don't.
>What is the proper way to securely wipe or 0 out a flash drive / ssd?
tell the firmware to do it but even then you have to trust the firmware, there are multiple papers about breaking hdd/ssd firmware so encryption should be done at the os level with software encryption.
>Yeah yeah i know I should have been using full disk encryption but I didn't learn that until now
it's not always possible and wanted for usb devices
>and I still have some HDD's/NVME's/Flash drives I want to use but want to wipe.
don't waste too much energy on this, do a single wipe using hdparm/nvme-cli and move on

the only way you can absolutely guarantee it is to not trust the drive at all.
do only encrypted writes, and use an external header (i.e. don't write the key to that drive, use something disposable for the key). this way, even if you have an NSA-tampered drive and you're a fugitive terrorist, you're still safe if someone gets a hold of it

>>105964240 (OP)
The only secure way of wiping data is to physically destroy the drive itself.
Back in 2007 I was at seminar with the techs from OnTrack.
I ended up having a personal conversation with one of the recovery agents, he pretty much told me that for HDDs, data recovery is still possible even after a 3x DoD wipe. He explained it like mowing a lawn, you can mow all you want, but the grass will always grow back. They had methods to "grow" the data back using some properties of magnetism where in some cases, certain disk sectors are more inclined to flip their bits to one position over another and with repeated writing attempts, some end up flipping one way over 60% of the time which is enough to recovery large amounts of data.
This is used more for data analysis rather than recovery. He stated that they were able to find incriminating evidence using this method, mostly documents and partial image reconstruction. You're not getting your photos back, but they will know if you had CP or national secretes on the drive.

I believe SSDs are even more suspectable to this method as they wear significantly faster, and their non-volatile memory can hold on to older data imprints even after being written over multiple times.

I used to work for a computer recycling center, we would do 6x DoD wipes on drives, and if the drive failed to wipe, we smashed them with a hammer. It was a lot of fun

>>105968071
Delusional. I securely wipe my data by using my SSD so much that whatever I wrote last year is already long gone, and no, it's not something that I'd care about not being destroyed even if it wasn't gone.

>>105968489
>Delusional.
Says the man that disagrees with the Government's opinion on the situation and every guide for retards posted on the internet since forever.

It's kind of funny that the only thing I agree with the Government on is wiping HDDs/SSDs. Since there is really no good way to do it and the ultimate solution is fun: bash with hammer and/or use for target practice. Then throw into fire. All of those are like my favorite things.

it's only legal when trump does it

>>105964498
This is not true.

>>105968578
Well I'm not a government, I have no cp to hide.

>>105964828
None reported. But I doubt the TLAs would report their success doing this. OP, nor anybody on 4chan, has any information that the TLAs would be interested in or couldn't get through other means.

Which leaves data you don't want discovered during some legal proceedings - divorce or lawsuit. OP nor anybody on 4chan is getting divorced - they'd have to be married first.

tl;dr - OP is theory crafting

>>105965313
>Can anyone explain why doing a full disk encryption then formatting wouldn't work
You encrypt the drive before writing data to it. So any vestigial data that wear leveling might leave exposed will be encrypted anyway.

>>105964483
>do not use trim/discard when using full disk encryption
huh

>>105964240 (OP)
Literally just destroy it and buy another one, are you stupid?

>>105968615
>I have nothing to hide. Therefor I'm okay with them having everything
People like this are why we're in such a bad situation

>>105968723
Who is they, schizo? Nobody has my files.

>>105968735
>nobody has my files
lol. Slave mentality and retarded. The perfect citizen.

>>105968743
Take your meds.

>>105968768
It's pathetic you've been reduced to that so fast and it took you so long to think of it. Maybe you should reduce the intake of medication you're taking.

>>105968772
I won't take mine though.

>>105968071
>I got shitted at by a random drunk idiot
>must be true
>happened exactly like that

>>105964240 (OP)
overwrite the luks header and call it a day

>>105968659
not him, but trim/discard will leave zeroed out sections based on the layout of your filesystem, which could leak some minor information like the fact there's something on there and possibly maybe what kind of filesystem it is and definitely how much space is being used, but this is only really an issue if you want to argue the randomness isn't data at all

>>105964424
>listening to """experts""" again
lol, lmao even

>>105968964
wear leveling means it may not actually overwrite the luks header until you've written a bunch more stuff to it

>>105964424
>experts
>look inside
>youtube men
AHAHAHAHA faggot

>>105968808
Drunk idiots are responsible for leaking many NSA secrets

>>105968653
So it does work?

>>105968071
>I ended up having a personal conversation with one of the recovery agents, he pretty much told me that for HDDs, data recovery is still possible even after a 3x DoD wipe. He explained it like mowing a lawn, you can mow all you want, but the grass will always grow back. They had methods to "grow" the data back using some properties of magnetism where in some cases, certain disk sectors are more inclined to flip their bits to one position over another and with repeated writing attempts, some end up flipping one way over 60% of the time which is enough to recovery large amounts of data.
This is used more for data analysis rather than recovery. He stated that they were able to find incriminating evidence using this method, mostly documents and partial image reconstruction. You're not getting your photos back, but they will know if you had CP or national secretes on the drive

retard FUD, no government has ever recovered data from even a single 0 pass.

>>105969926
>>retard FUD, no government has ever recovered data from even a single 0 pass.
>no one in my limited speck of knowledge fits this criteria, so since I've never heard of it, it cannot exist for I know all there is to know.
government no
state actor yes
if you don't know the difference, don't worry, you don't have to for it to work. :/

>>105965170
*clink clink*
ahem...
https://www.youtube.com/watch?v=XH0F9r0siTI

>>105964261
Write 256GB to /dev/null. Your move, cuckold.

>>105971458
>government no
>state actor yes
>synonym
please go back

>>105964240 (OP)
>securely wipe
You can’t
Governments and big technology firms universally use good old physical destruction for any sensitive data

I have that same pen drive in OP's picrel if that matters.