Documentation: SATA and SAS SSD support
Opened this issue · 1 comments
Issue
The current documentation does not outline the state of features regarding the process of sanitising SSDs (neither SAS / SCSI nor SATA). Information is scattered across multiple issues, leaving a lot of unclarity.
Therefore I pose the following questions, to later produce a merge request against the current documentation and, where necessary and if desired, evaluate the sponsoring of closing eventual gaps in functionality by our organisation.
- Can SSDs currently be wiped with the same degree of security as rotating disks?
- If not, what information is lacking?
- Plenty of manufacturers offer Linux tools for sanitisation of SSDs; are those currently utilized?
- Should manufacturer tools be implemented if they are provided in a Linux version?
- If manufacturer tools should not be implemented, what is the reasoning behind it?
Background
SSDs have been a dramatically growing segment within the storage technology space, posing new challenges to the sanitisation of storage media when reaching end-of-life events. Particular challenges are caused by the fact that control over data allocation on the disk is left to non-transparent controllers and / or firmware. Some manufacturers do provide sanitisation tools for Linux, while others do not.
By 2022 the situation was as follows:
Manufacturer | Market share | Wipe Tool |
---|---|---|
Samsung | 53.60% | Samsung DC Toolkit 2.1 |
Intel | 15.20% | Solidigm™ Storage Tool |
Western Digital / Sandisk | 7.30% | N/A (supports SAS / SCSI format unit command) |
SK Hynix | 8.60% | Unconfirmed for Linux |
Kioxia | 7.10% | Unconfirmed for Linux |
Micron | 5.60% | Unconfirmed for Linux |
Kingston | 0.20% | Unconfirmed for Linux |
Others | 2.40% | N/A |
The increase in usage of directly PCI-attached storage technologies such as NVMe and the growing market share of large-size SSDs make the lack of documentation and control over sanitisation an ever-increasing vector of attack for data theft. Many companies therefore rely on physical destruction (e.g. shredding) to avoid misuse, but plenty are not sufficiently informed about the necessity to approach data sanitisation differently on solid state disks.
Notes
This issue has been crossposted to nwipe.
Anybody that would like to add to this discussion, please can you comment on the nwipe issue linked below, so we can keep the comments in the same thread. Thanks.