[liberationtech] secure wipe of flash memory
Matt Mackall
mpm at selenic.com
Mon Jul 30 05:09:04 PDT 2012
On Mon, 2012-07-30 at 12:01 +0100, Michael Rogers wrote:
> On 21/07/12 18:02, Chris Ball wrote:
> > Hi,
> >
> > On Sat, Jul 21 2012, Michael Rogers wrote:
> >> Does anyone on the list know whether flash controller chips use
> >> journalling? I'm guessing they might because YAFFS does.
> >
> > I don't think so -- YAFFS is a filesystem, and the wear-leveling
> > algorithm on the controller only knows how to act on reads/writes
> > to individual blocks on the flash, so they're very different
> > layers. The flash controller isn't a replacement for a filesystem;
> > you still need to use one, and it may or may not be journaled.
> >
> > (Although the independence between wear-leveling algorithm and
> > filesystem isn't total; there's evidence that the vendors teach
> > their firmware how to handle writes to the Windows FAT cleanly.)
>
> Thanks for the information Chris. Perhaps journalling was the wrong
> word for me to use - what I'm interested in is whether a forensic
> investigator can (partially) reconstruct the order in which the
> logical blocks of a flash device were updated. If so, TrueCrypt hidden
> volumes could be exposed.
>
> Each time YAFFS updates a logical block, it stores a numbered mapping
> from the logical block to a physical block. The numbers reveal the
> order of the updates. Do you know whether controller chips do
> something similar?
Yes, they do. It's basically unavoidable if you want to simulate a
disk-like device with wear-leveling. You'll also get a per-block write
count, which is a proxy for "when was this block last used?"
Many embedded flash parts (as opposed to SSDs) come with controller and
flash chip(s) in a single IC package, which raises the question of
whether it's possible to bypass the controller and read the flash
directly. I suspect most controllers will have an undocumented back door
of some sort here for testing purposes.
In most cases, the controller and flash are separate pieces of silicon
still, so at worst, an investigator can dissolve the packaging and probe
the bare flash directly. Bare NAND flash is designed with standard
per-block "out-of-band" sections to facilitate storing wear-leveling
data that are straightforward to read out.
About the only way to mitigate this is software full-device encryption.
--
Mathematics is the supreme nostalgia of our time.
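An added illustration of the mechanism Matt describes (this is editor-supplied example code, not code from the thread or from any real controller firmware): a toy log-structured flash translation layer stamps each physical page's out-of-band area with the logical block number and a global sequence number, and a "bare flash" read of all pages, ignoring the controller's mapping, recovers both the update order and every superseded copy, including the plaintext of a block the host believes it overwrote with zeros. Page size, page count, the OOB layout and the absence of garbage collection are simplifying assumptions.

```python
"""Toy flash translation layer (FTL) plus a bare-NAND forensic read.

Constructed example. Assumptions: 16-byte pages, 8 pages, no garbage
collection or block erase, OOB holds (lba, seq). Real controllers differ
in detail but keep the same kind of metadata.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

PAGE_SIZE = 16   # bytes of user data per physical page (toy value)
NUM_PAGES = 8    # physical pages on the part (toy value)


@dataclass
class Page:
    data: bytes = b"\xff" * PAGE_SIZE   # erased NAND reads as all 1s
    lba: Optional[int] = None           # OOB: logical block stored here
    seq: Optional[int] = None           # OOB: global write sequence number


class ToyFTL:
    """Log-structured mapping of logical blocks to physical pages."""

    def __init__(self) -> None:
        self.pages: List[Page] = [Page() for _ in range(NUM_PAGES)]
        self.map: Dict[int, int] = {}   # lba -> current physical page
        self.seq = 0

    def _free_page(self) -> int:
        # Wear levelling: never rewrite in place, always take a fresh page.
        for i, p in enumerate(self.pages):
            if p.lba is None:
                return i
        raise RuntimeError("no free pages; garbage collection not modelled")

    def write(self, lba: int, data: bytes) -> int:
        """Host-visible write: data lands on a fresh page; the old copy stays."""
        assert len(data) == PAGE_SIZE
        phys = self._free_page()
        self.seq += 1
        self.pages[phys] = Page(data, lba, self.seq)
        self.map[lba] = phys            # previous page is stale, not erased
        return phys

    def read(self, lba: int) -> bytes:
        """Host-visible read: only the current mapping is consulted."""
        return self.pages[self.map[lba]].data


def raw_dump(ftl: ToyFTL) -> List[Page]:
    """What probing the bare NAND yields: every page plus its OOB area."""
    return list(ftl.pages)


def reconstruct_history(dump: List[Page]) -> List[Tuple[int, int, bytes]]:
    """Order all written pages by OOB sequence number -> (seq, lba, data)."""
    return sorted((p.seq, p.lba, p.data) for p in dump if p.seq is not None)


def recover_versions(dump: List[Page], lba: int) -> List[bytes]:
    """Every copy of a logical block still on the flash, oldest first."""
    return [d for _, l, d in reconstruct_history(dump) if l == lba]


def demo() -> dict:
    """Constructed scenario: outer volume header, a hidden-volume block,
    an outer-volume update, then a host-side 'secure wipe' of the hidden block."""
    ftl = ToyFTL()
    ftl.write(0, b"outer volume hdr")
    ftl.write(5, b"hidden volume!!!")   # block inside the hidden-volume region
    ftl.write(0, b"outer volume v2.")
    ftl.write(5, b"\x00" * PAGE_SIZE)   # host overwrites with zeros
    dump = raw_dump(ftl)
    return {
        "host_view_of_5": ftl.read(5),                 # zeros, as the host expects
        "update_order": [lba for _, lba, _ in reconstruct_history(dump)],
        "versions_of_5": recover_versions(dump, 5),    # old plaintext survives
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The sequence numbers alone show that block 5 was written after the outer volume header and again after the outer volume's second update, which is exactly the ordering information a hidden-volume scheme needs to keep secret; the stale page shows why an overwrite through the controller is not a wipe of the underlying flash.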