Author Topic: At what point would a flash storage chip data actually damaged beyond recovery?  (Read 1302 times)

0 Members and 1 Guest are viewing this topic.

Offline cejobaTopic starter

  • Regular Contributor
  • *
  • Posts: 85
  • Country: us
Hi friends.
Before I dispose an used phone or tablet, I always physically destroy the NAND chip inside it (If it don't have disk encryption). During the process I often wonder, do I actually need to hammer/cut it one more time?
For example, is there any difference in change of data recovery, if I only crack a corner, or cut it in half, or even shatter in pieces, or burn with fire?
Of course in any case it won't be possible to read the content in normal ways, but is it possible to read it using some special sensor... Maybe a electron microscope?
I'm not a mad man, just found this thing interesting to think about, so I want to hear your opinions.
Thanks.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 13216
Its well known that if the die is intact or even in pieces big enough to piece back together like a jigsaw,  FLASH memory contents can be extracted by scanning electron microscopy.  Obviously anything that effectively discharges the memory cell gate oxide will prevent this.  However unless you are a person of interest to a three letter agency or hostile nation, the odds of anyone attacking your old device that way are minimal, due to the high costs and difficulty involved.
« Last Edit: June 04, 2022, 02:10:40 pm by Ian.M »
 

Offline tooki

  • Super Contributor
  • ***
  • Posts: 13157
  • Country: ch
FWIW, if you use a device with hardware-encrypted storage (or even just use software encryption), then formatting is extremely effective, because without the decryption key, it’s just random bits. Hardware-encrypted storage does just this: when you “reformat”, it just throws away the keys.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 6126
  • Country: au
Part of my previous job was to recover data from damage chips (specifically phones) and we had quite a good success rate provided the chip wasn't completely mangled. Of course this requires special knowledge and equipment, not something your average person at home is going to be able to do.

I usually just format the device and then fill the memory with some useless crap (like the same image/video file over and over again) to overwrite as much of the user-accessible partition as possible. For the ultra paranoid, you could physically destroy the memory chip (a few goes with a hammer will do the trick).
 

Offline eti

  • Super Contributor
  • ***
  • !
  • Posts: 1801
  • Country: gb
  • MOD: a.k.a Unlokia, glossywhite, iamwhoiam etc
Pack the void space inside your SSD with a sealed sachet of thermite, and install a fuse which ignites it with a sequence of self-destruct codes. I had that idea many many years ago.
 

Online tom66

  • Super Contributor
  • ***
  • Posts: 7334
  • Country: gb
  • Electronics Hobbyist & FPGA/Embedded Systems EE
I'd imagine putting 20V DC across random pins is going to be reasonably effective at destroying the contents of the chip, more so than mechanical destruction, assuming that the destruction level is not total.  This is because it will superheat parts of the die and the cells nearby will lose charge quickly.

You would not need to do all that much to make flash memory unusable as flash controllers manage bad blocks using distributed error and counting tables.  Files and filesystems cannot be properly assembled if these are not correct.  Therefore destroying enough sectors would likely render the entire contents effectively unrecoverable.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 13216
OTOH smaller files are likely to be contiguous if they are less than both the cluster size and the FLASH erase block size, so unless they are encrypted, their contents may be recovered by scanning the raw memory dump for file signatures.  Therefore corrupting/erasing part of the FLASH doesn't secure the rest of it - it just makes it more difficult and tedious to access. 
« Last Edit: June 06, 2022, 10:52:51 am by Ian.M »
 

Online Zero999

  • Super Contributor
  • ***
  • Posts: 20357
  • Country: gb
  • 0999
If you use a secure delete/format utility to overwrite all the data, it's virtually impossible to recover it, without destroying the hardware.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 13216
The problem is residual data in blocks that have been mapped out as defective by the Flash controller of a non-encryption capable drive, which may well not implement a standardized secure erase command.  If any data that you *MUST* keep confidential was ever remapped due to the controller predicting failure, it could persist in defective blocks, and be accessed by any recovery method that bypasses the controller to read the flash array directly.  That's why the US DoD & NSA *REQUIRE* the total destruction of solid state media that (may) have been used for classified data, either by shredding/grinding into fine (sub 2mm) particles or by high temperature incineration to ash.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf