Thursday, January 04, 2007
Can you read old data from overwritten flash memory?
It's actually analog in the sense that hard disks are analog: the physical layer stores a bunch of electrons that can vary continuously. So maybe overwrites leave you with something like 0.1s and 0.9s instead of 0s and 1s?
According to this Cambridge paper about whether you can sanitize flash memory to purge overwritten data, the answer varies wildly depending on who makes the device. Most of the attacks involved taking the chip out of the packaging. Some were easier timing or power-glitch attacks. All the attacks are getting more difficult to carry out with each new generation of flash chips.
If you're seriously worried about having old data recovered by someone you don't like, the preventive measures are way different from those you'd use on a hard disk. For example, you should write to cells before the erase cycle rather than depending on repeated erase cycles. The paper warns "From some samples, information can still be recovered after 100 erase cycles.".
It's a highly technical paper, unless you already know what Fowler-Nordheim tunneling is.
According to this Cambridge paper about whether you can sanitize flash memory to purge overwritten data, the answer varies wildly depending on who makes the device. Most of the attacks involved taking the chip out of the packaging. Some were easier timing or power-glitch attacks. All the attacks are getting more difficult to carry out with each new generation of flash chips.
If you're seriously worried about having old data recovered by someone you don't like, the preventive measures are way different from those you'd use on a hard disk. For example, you should write to cells before the erase cycle rather than depending on repeated erase cycles. The paper warns "From some samples, information can still be recovered after 100 erase cycles.".
It's a highly technical paper, unless you already know what Fowler-Nordheim tunneling is.
