08-08-2018 04:27 PM
We have a stack of unusable 16GB MLC SATA modules from various thin clients, mostly t510, t520, and so on. Many of them had Windows 7 Embedded on them, but I have been instructed to move to Thin OS. However, I can't seem to erase these SSDs. I've tried everything I can think of, even using Linux and GParted, it "looks" like it works, but seems to somehow "restores" itself back. I can't even erase anything off of it, it looks like it disappears but when I remount it everything shows back up again.
fdisk /dev/sdb does the same thing, and then it says the device is "busy". Sometimes it says that the partitions have been erased (yes I w to write), it says a single new one is made, but it still restores / copies / magicaly heals back to what it was. I even ran through hdparm and it said it is not locked, frozen, or expired. So just what is going on here?
08-09-2018 11:45 PM
on which system are you erasing the SSD and on which system are you reading said SSD after erase
i would try "DBAN" it can/will remove just about anything from a storage device
08-10-2018 02:13 PM
Three different operating systems. One is Debian linux, specifically Kali 2018, Windows 10, and the t510 itself wth the ThinClient on a USB key. The SSDs are from t510s, some were running ThinPro 5.X, some running Windows 7 Embedded, all have the same end result.
Since that's what my "red team" laptop is running, and I thought I would have a better chance at it on Linux; I've tried fdisk from CLI, gparted from the GUI, hdparm to make sure the ssd isn't "locked" or "frozen". With hdparm it threw an -s error, "--yes-i-know-what-i-am-doing" flag, and so on. Gparted made it LOOK like it was successful, until I refreshed, and then the original files showed up again. Even just deleting a few files off an SSD is impossible. Gparted had a "note" at the bottom one time about "btrfs-tools" but Kali's repo apt-get is messed up so I would need to put together a different linux system to actually install anything that doesn't come default.
On the t510 itself, it also acted like it was working. I do a "secure erase", then reformate, then install. After the reboot, it comes back up exactly the way it was. Even if I went into 5.2 normally, updated Easy Tools, changed the DNS, updated freeRDP, after a reboot it was back to the way it was. I tried fsunlock, updating easy update, then fslock...after reboot the same thing.
On Windows it thinks it is always "in use". It just throws various errors in Disk Management. HDDErase also acts like it's working, but the drive is still the same.
I think BTRFS is the root cause of all of this, I found http://manu.agat.net/dotclear/index.php/post/2016/02/17/HP-Thinpro-update that talks a bit about it but it still doesn't make for one of the Win 7 CE SSDs.
08-10-2018 07:09 PM
I’ve found DBAN a great tool for performing a low level wipe of HDD’s but didn’t think it handled SSD’s (last I checked) so this tool may nor help you with your SSD issues (unless it’s been updated since I last downloaded it).
Thing is, I’ve come across drives, usually USB, that have a portion of the storage defined as a read only CD where auto run can come into play and thus do unexpected things. So make sure CD/DVD auto run is disabled before you connect your SSD so you may have a fighting chance. Only then connect the problem SSD to a laptop via a USB adapter and look at what is shown. Hopefully you won’t see a CD being connected along with the problematic SSD data partition and if so it won’t autorun the CD contents giving you a fighting chance to low level wipe the SSD.
But to be clear, you’ve connected the SSD to your Linux laptop and wiped it with gparted but after a refresh (not sure what you mean, i’d disconnect then reconnect the drive or reboot) the SSD still has the original files visible on the laptop? Or do you mean after the wipe on the laptop you reinstall the SSD within the t510 and then the files reaper on the t510?
The reason I ask the above is I read some time ago that MS developed a mechanism where firmware can contain o/s executable objects that are immune to HDD wipes and are executed during o/s start. Such mechanisms can be used to ensure laptop anti-theft location services can not be removed with simple HDD formats but such mechanisms can also be used for any ‘feature’... possibly with other than windows o/s... And it also wouldn’t surprise me if storage firmware has similar capabilities...
Failing this, i’d look to the SSD manufacturer from a downloadable tool to wipe this specific SSD