[liberationtech] secure wipe of flash memory

Chris Ball cjb at laptop.org
Mon Jul 16 09:24:07 PDT 2012 

Hi,

On Mon, Jul 16 2012, Michael Rogers wrote:
> I've heard that some Android devices use controller chips for their
> internal flash storage, making the storage appear as a block device
> from the kernel's point of view, while others allow the kernel to
> access the flash chips directly. In the former case the storage will
> contain an ordinary block-oriented filesystem like ext2, while in the
> latter case it will contain a flash-specific filesystem like YAFFS.
>
> I have no idea how common each case is, but it would be easy to find
> out by checking the contents of /etc/mtab on a sample of Android
> devices. Is anyone on the list in a position to do that?

Pretty much every Android device currently on the market is using an
eMMC (controller chip) now, not YAFFS.  (In an example of how the world
doesn't make sense, NAND flash plus a controller chip is much cheaper to
buy than the same NAND flash without a controller chip.  We used bare
NAND on the first OLPC laptop, but have since had to move to eMMC for
cost reasons.)

I agree with everything said in the thread so far.  You can't use a raw
NAND filesystem like YAFFS on an eMMC, and you can't perform secure
deletion on an eMMC yourself.

You can ask the eMMC's firmware to do it for you, though: there are
"secure erase" and "secure trim" commands, which the spec¹ mandates must
delete all copies of the data requested for deletion no matter where
they are on the media.

There's no good reason to trust this closed-source firmware to do the
right thing, though -- while I'm not aware of much testing on eMMC,
testing of a similar command on ATA SSD devices² found that most of the
devices left data still present after the command was completed, and one
device even reported a successful wipe while not erasing any data at all!

- Chris.

¹: http://www.jedec.org/sites/default/files/docs/JESD84-A441.pdf
²: http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf
-- 
Chris Ball   <cjb at laptop.org>   <http://printf.net/>
One Laptop Per Child

More information about the liberationtech mailing list