Quickly Wipe an SD Card with ESP8266
In a previous story, I have written about connecting an SD Card to an ESP8266. During my adventures, I have discovered some interesting tidbits.
One thing is that SD cards support what is called “CMD38” which tell the SD card to erase certain blocks without actually writing zeros to the location.
The use case is as follows. Suppose you want to prepare to throw away or give an SD card to someone else, you do not want other people to be able to recover your data as it would be possible with a normal quick format. Your SD card has the capacity of 32 GB and can write at 10 MB/s. Doing a full erase of writing zero to every block would take around 1 hour. It would also unnecessarily wear out the flash memory if it you plan to re-use it.
The alternative, using “CMD38”, you can quickly tell the SD card to just erase everything rather than telling it to write zeros everywhere. Of course, this is faster because the controller doesn’t actually erase the blocks but just remembers that if the user request those block, zero should be returned instead (i.e. a “logical” erase). It is still possible to recover data if the attacker is sophisticated enough to read the flash directly bypassing the controller, but involves opening up the card using expensive equipment. I’m content with preventing opportunistic attackers from being able to read the SD card by plugging it into their computer.
Next is how to send “CMD38”. On a PC, most card readers try to emulate USB storage device (e.g. visible as /dev/sdX) rather than presenting the SD card directly to the OS (e.g. /dev/mmcblkX). If your card-reader presents the SD card as /dev/mmcblkX, then you’re in luck. Simply run “blkdiscard /dev/mmcblkX” and the entire card will be quickly erased.
The second option is to use a digital camera or other devices taking SD card which supports the “low level format”. This sends “CMD38” to the SD card to perform a full erase.
The third option, and the main point of this story, is to use the ESP8266 to do a “CMD38” erase. In Arduino IDE, load up the “SdFormatter” example inside “SdFat” and upload it to your ESP8266. Then open the serial monitor and follow the on-screen instruction to erase the SD card. This takes only a few seconds.
P.S. If you read the spec or do some research you might be confused what is the difference between ERASE, DISCARD and TRIM in the context of SD/MMC cards.
For SD cards, the supported commands are ERASE and DISCARD. ERASE sets the block to zero while DISCARD tells the controller that the data can be overwritten without setting it to a specific value.
On MMC cards, the supported commands are ERASE and TRIM. On ERASE works on “erase group” while TRIM works on single sectors. In other words, ERASE is very coarse and is useful only for erasing an entire partition while TRIM can be used to delete individual files. (On SD cards, whether ERASE can work on a sector or an erase group is defined by the ERASE_BLK_EN CSD bit.)