I have, for many years, used "Darik's Boot and Nuke" on a USB stick to securely wipe spinning hard disks. It takes a long time, but I mostly understand and trust the process. I'm now at the point that I have to wipe and dispose of SSDs, and I'm feeling a bit shaky on the methodology. Here's what I did: # hdparm -I /dev/sdX Looked for enabled/locked/frozen in the output ... I won't go into making sure those are toggled correctly, but that appears to be needed. This also lists what appears to be info about doing a wipe on the drive: 6min for SECURITY ERASE UNIT, 60min for ENHANCED SECURITY ERASE UNIT Then, set a password (why? but seems to be needed): # hdparm --user-master u --security-set-pass foobar /dev/sdX Last, run the wipe: # hdparm --user-master u --security-erase-enhanced foobar /dev/sdX Doing something like `dd if=/dev/sdX bs=5M count=5 | strings` (or sending it to `less`) definitely shows that it's changed from something organized to something full of identical characters. But I've never seen this wipe process take more than 60 seconds, which makes me wonder about the `hdparm` declaration about the time required for a secure wipe. So I guess the big question is: should I trust this process? Do we really think it's securely wiped? Or should I be taking a hammer to the chips on the SSD because that's the only way to ensure it's fully wiped? -- Giles https://www.gilesorr.com/ gilesorr@gmail.com