I guess that this boils down to "always use full-disk encryption". Just remember to benchmark your CPU to make sure you're using hardware-accelerated AES or you're going to lose a lot of performance from this SSD...
TRIM is not meant to be a security feature. It is optimized for reducing write amplification and improving performance. It could have been implemented to be more secure while trading off on performance.
More SSD drives appear to follow the Deterministic Read After Trim (DRAT) approach defined in the SATA standard a long time ago. This in turn means that a quick format is likely to instantly render deleted evidence inaccessible to standard read operations, even if the drive is acquired with a forensic write-blocking imaging hardware immediately after.
I guess that this boils down to "always use full-disk encryption". Just remember to benchmark your CPU to make sure you're using hardware-accelerated AES or you're going to lose a lot of performance from this SSD...
TRIM is not meant to be a security feature. It is optimized for reducing write amplification and improving performance. It could have been implemented to be more secure while trading off on performance.
Quoted from the article:
More SSD drives appear to follow the Deterministic Read After Trim (DRAT) approach defined in the SATA standard a long time ago. This in turn means that a quick format is likely to instantly render deleted evidence inaccessible to standard read operations, even if the drive is acquired with a forensic write-blocking imaging hardware immediately after.