You can't secure what you don't acknowledge.℠

Friday, September 16, 2011

I love solid state drives but I'm no fan of OCZ

I tweeted about this the other day but thought it deserved a longer post. If you do anything with IT/security tools such as vulnerability scanners, network analyzers and the like, you HAVE to get a solid state drive.

Hands down, installing solid state drives in my laptops has been the best computer upgrade I have ever made in 22 years of using computers. Better than doubling my RAM, better than upgrading the CPU...whatever. I wish I would've moved to SSDs sooner. I didn't know it was going to be the case but my SSDs are faster than the 10,000 rpm drive I use in my desktop (which was a huge improvement over the 7,200 rpm drive I used to have). Amazing.

Two words of caution:

1) Know that if your drive fails - especially under warranty and you need to return it - you have no way of knowing what is recoverable by some yahoo engineer in the manufacturer's lab who has nothing better to do. Based on my limited knowledge of how SSDs work and backed by a forensics expert I work with, even if the drive is dead, it's still possible that data can be extracted from the chips on the drive. This is something you wouldn't have to worry about with traditional platter-based drives because you could give them a good bath with a powerful magnet and you'd know your information is safe.

SSDs just aren't the same, at least based on what I know about them. That, combined with the fact that I had encrypted the drive with BitLocker, left me with no way of knowing what was recoverable when doing that, especially using this tool.

2) Stay away from OCZ Technology SSDs. I bought one knowing that the Amazon reviews weren't great. But it was available at a nice price at my local MicroCenter and figured I had nothing to lose. Plus, like many in management treat information security, I figured nothing bad would happen to me - surely my drive wouldn't fail. ;-)

Well, silly me. Something did happen. My drive died within 3 weeks of purchasing it. Nice. I wrote to OCZ and told them my situation about the nature of the work I do and that I've got potentially sensitive information on it that I cannot afford to have recovered. Per my forensics colleague's suggestion (apparently, the large hard drive makers do this), I asked OCZ if I could return the cover of the drive in hopes that rendering it mostly useless would be enough for me to get a replacement.

OCZ's Technology Forum Support Manager promptly replied: no can do. They needed the drive back to replace it or refund my money. So, I ended up losing close to $200 plus a good 5-6 hours' worth of my time buying a new SSD drive and rebuilding my system. Tough lesson learned.

FYI, I bought a Samsung SSD (love it!) and suggest you do the same.
