Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 21 Sep 2014, 04:23
All times are UTC - 4
 Forum index » Off-Topic Area » Security
The security limitations of solid-state drives
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [9 Posts]  
Author Message
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11068
Location: Arizona USA

PostPosted: Tue 08 Mar 2011, 00:54    Post subject:  The security limitations of solid-state drives  

http://www.techrepublic.com/blog/security/the-security-limitations-of-solid-state-drives/5154?tag=nl.e040

Quote:
Takeaway: SSDs can offer substantial benefits in performance and reliability for at least some purposes, but encrypting data and secure data deletion are problems


Skip the first half, which is mostly regurgitated junk, some of which may even be wrong. For instance, this paragraph offers no data at all to back up its vague language:
Quote:
SSDs are subject to hard limits on how many write operations may be performed before they cease working correctly. Their capacity for longer life is constantly growing, and this will surely become (mostly) a thing of the past within the next few years, but for now use cases that require heavy writing activity may prove problematic for the lifespan of these storage devices. Some claim these days are already behind us.


Start with The security limitations of SSDs.
Back to top
View user's profile Send private message 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Wed 09 Mar 2011, 17:13    Post subject: The security limitations of solid-state drives
Subject description: wipe and r/w life
 

Hi,

- I've had great success using USB drives in the 128Mb-8Gb range,
because of the Fat system, only put dir's in the drive root, failures being mechanical in nature (clumsy).

- Two seperate security systems (memorex & Imation) have run 4 years with usb drives taking 350 average 85kb jpg snapshots over 24x7 (black roof summers-0deg winters) - reading, transfer delete selected w/verify and delete rest. Rough calculations place them at 850000 writes with as many extra reads.

- There is an interesting phenomena - many times shadows and clouds will cause the security systems to write something like +5000 files, they all appear in explorer, but only 500 or so will have data. The excess must be erased before the drive will accept new data. I am not sure if this is an XP artifact or a potential usb security risk as file name might be important clues during an undelete process, even without data.

- another 8gb (pny) runs as 8-10 webservers (avg 700mb per) has ran for 2 yrs (24x7)

- For wiping - I use an 8Gb loaded to the brim with Puppy ISO's and transfer it into the (one to be cleaned)

Puppy Power,
jay
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 09 Mar 2011, 17:19    Post subject:  

Here in Sweden but most likely just rewriting stuff from Pcworld Mag or IDG News media.

They claim that the greatest security risk for firms with secret processes and company trade secrets to keep from the competitions and the industry spies are that a SSD are almost impossible to safely overwrite the info on it.

If important I can try to find the text but it is in Swedish but hopefully with names of where they got that info should I? Most likely it is the same text?
Late at nigh so maybe me turn in

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11108
Location: The Peoples Republic of California

PostPosted: Fri 11 Mar 2011, 05:16    Post subject:  

Flash,

There are people who talk about problems and problems.

I want to be informed about the problem and know the solutions.

    This leads directly to the second major security issue afflicting SSDs:
    secure deletion. Standard secure deletion software such as the Unix utility
    shred is sufficient for secure deletion on modern HDDs, but largely
    ineffective for consumer flash media storage devices.


This solution is mistaken. Shred doesn't work well when the data
won't stay still. This happens with our journaled format systems.

It it is an ext3, force mount the partition as ext2, then shred.

If you have sensitive data, copy the encrypted file to a RAM disk. Decrypt
it, use it, modify it or whatever, then encrypt it back to permanent
storage.

To wipe and restore an SSD

cfdisk /dev/foobar
note the partition structure, write down the CHS factory values

dd if=/dev/zero of=/dev/foobar
or
dd if=/dev/random of=/dev/foobar

cfdisk the device as it was from the factory

format the partition(s)

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11068
Location: Arizona USA

PostPosted: Wed 30 Mar 2011, 12:11    Post subject: SSD security: the worst of all worlds  

Here is another take on SSDs and security.
Quote:
Data security on SSDs is a mess. Good luck removing data! Preserve it for digital forensics? Uh-oh. Secure erase might work, but it that good enough?

I don't understand what he's so excited about. As long as the limitations of SSDs and how they work are understood, so as not to use them inappropriately, they are superior to hard disk drives.
Back to top
View user's profile Send private message 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Wed 30 Mar 2011, 16:49    Post subject: The security limitations of solid-state drives
Subject description: The TR article
 

Hi,

- Thanks Flash, that article points (maybe) to what I've observed, that a somewhat small drive will continue to store file names, with "0" Kb data
"writing something like +5000 files" when it can only support 500
- This is hapening on a XP service pak 2 system

- Also I've used several file recover programs on solid state drives, if the drive has been used much at all, subsequently trying to recover files the luck is generally poor, not that parts can't be found, maybe some of a file.
- However, if one writes a 4Gb drive 3 times (1st half, 2nd half, midfls) from a 8Gb fully loaded drive with ISO's, only that ISO data remains (It's OK to rename them and reuse, a Max lenth file name is preferred to clear the naming database) . I keep a database of webpage random header numbers that can be "copy/paste" together for this kind of naming task.

J
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Wed 30 Mar 2011, 21:58    Post subject:  

Flash as well as being Official Dog Handler
and maintaining this very forum is an advocate
of the multi-session option in Puppy.

Using a DVD as a HD gives you further security
Want to destroy your data?
Many shredders now mince DVD's.

Are solid-state drives as susceptible to electronic pulse
as normal magnetic hard drives? I should imagine so?
I hope not.

The point is that data security is often
about having and restricting access to the data
and having it in a cheap enough format to physically destroy
and having it survive unusual circumstances such as
cyber weaponry as used by super villains.
http://youtu.be/8LsxmQV8AXk

Think Puppy
Think Different

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Thu 31 Mar 2011, 15:25    Post subject: The security limitations of solid-state drives
Subject description: SSD security: the worst of all worlds
 

Hi Lobster,
Flash explained his operating method within another link (Forgive me Flash as I have forgotten the link) and it is certainly a successful solution, if not an ultimate one. But you must have the equipment to do his technique.
- Here is a recent link that describes the general technique
http://www.murga-linux.com/puppy/viewtopic.php?t=65251

This is also an informative bit on (Free) "Sdelete" and general encrpytion pitfalls
http://technet.microsoft.com/en-us/sysinternals/bb897443

- For myself, when asked to do a website or security system cameras, it will generally wind up for the recipient on USB, linux or Windows. Most of my work is now developed and completed on low cost USB, and to avoid cross comtamination have developed the above procedures both to exercise new modules for early mortality and some simplistic security.

- Oh!!, BTW, enjoyed the post on special Puppies - please expand those as it really shows development "out of box" and gets folks thinking "What if??"

Have a great day
Jay
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Sun 24 Apr 2011, 00:27    Post subject:  

Seems like the security problems depend on there being a cleartext version of the data on the drive. Well, don't do that! Encrypt the whole drive, then there can be no cleartext there.

I have a flash drive with an encrypted pupsave and a truecrypt volume. Of course linux can't boot from a completely encrypted device, so about 1/8 of the drive is just normal ext2. Does puppy ever use this space for cleartext temp files? I'd guess no, and that if there are any temp files at all, they are in the pupsave or the truecrypt volume. Probably more likely in ram.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [9 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0759s ][ Queries: 12 (0.0082s) ][ GZIP on ]