Blog Blog

IDT911 is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

Surprise! SSD Technology Has Antiforensic Features

Surprise! SSD Technology Has Antiforensic Features
May 12, 2011
Comments [0]

By Ondrej Krehel, Identity Theft 911

I’ve touted the benefits of fast, new solid-state drive technology (SSD) and the recent push toward hardware drive encryption more than once. Now, it seems, they might be making my job harder.

A group of Australian scientists discovered that the algorithms used to keep SSDs running in tip-top shape also destroy a host of hidden data—data that forensic investigators look for when researching drive usage and recovering forensic artifacts.

The team found that after a quick drive format the SSD began purging drive data almost immediately—a process of deep cleaning the disk or overwriting the old data with 1s and 0s. This is required for SSDs to write again, unlike magnetic media that can write new data on old data. In the researchers’ test case, only 1,064 evidence files were recoverable out of 316,666 files on the drive.

This raises a question of performance versus security. On one hand, the automatic disposal of electronic clutter could be a boon for some businesses. On the other hand, in the event of a digital attack, valuable forensic artifacts that could be used to detect computer crime could go the way of 1s and 0s.

Ultimately, you’d want both features—performance and auditable features that could help future forensic investigators. That will be the next design hurdle—build a drive system that with additional auditable features helpful in forensic investigations, or integrate them into SSD technology drivers.

I, for one, am curious to see what future might bring.

Ondrej Krehel, Chief Information Security Officer, Identity Theft 911

Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.

Offer 24/7 IDT911 Protection

IDT911's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, member retention, and quickly generate long-term recurring revenue.

Let's Get Started

Please complete the fields below.