I don’t know what your particular situation is but if you’re just using it on computers you could use LUKS or BitLocker or FileVault. Then if you want to wipe it, you only need to destroy the key and the data is rendered effectively gone.
I assume you’re joking, but if not: the 4MB of flash you see is not mapped 1:1 with 4MB of actual flash on the SD card. Instead there might be something like 5MB, but your OS only sees 4MB of that.
The extra unallocated space is used as spare sectors (sectors degrade and must be swapped out) or even just randomly if it somehow increases IO performance (depending on the firmware).
Erasing the 4MB visible to your OS will not erase everything, there still may be whole files or fragments of your files sitting in the extra space. Drive-vendor specific commands can reliably access this space (if they exist and are available to you, which they mostly are not). Some secure erase commands may wipe the unallocated space but that’s vendor specific, not documented and I don’t think even supported over the SD interface (although I might be wrong on this last point).
Encryption and physical destruction are your best bets.
The file size discrepancy is usually due to 1000 vs 1024
No, that’s something else entirely. It doesn’t matter what measurement system you use, the drive juggles more sectors than your OS can see.
but filling the drive with random data until its full should wipe the drive.
Only if you assume people can’t access the reserved/unallocated/over-provisioned sectors. If you are only worried about small thieves then this might not be an issue. If you’re handling sensitive data (like medical records for other people or anything with sensitive passwords) then it’s completely inadequate to leave any form of data anywhere on the disk.
Meanwhile I’m struggling to find 4MB SD cards, so I can easily overwrite it with random data to securely wipe it between uses.
How the heck do people with 4TB SD cards do data hygiene wipes of their medium before crossing international borders? That would take days…
They don’t
I don’t know what your particular situation is but if you’re just using it on computers you could use LUKS or BitLocker or FileVault. Then if you want to wipe it, you only need to destroy the key and the data is rendered effectively gone.
Yeah that’s best for most things, but SD cards are generally used in situations where that’s not an option. Namely for use in (video) cameras.
The other situation is when I need to transfer a large file to someone else’s device where encryption isn’t an option (rare but happens)
I assume you’re joking, but if not: the 4MB of flash you see is not mapped 1:1 with 4MB of actual flash on the SD card. Instead there might be something like 5MB, but your OS only sees 4MB of that.
The extra unallocated space is used as spare sectors (sectors degrade and must be swapped out) or even just randomly if it somehow increases IO performance (depending on the firmware).
Erasing the 4MB visible to your OS will not erase everything, there still may be whole files or fragments of your files sitting in the extra space. Drive-vendor specific commands can reliably access this space (if they exist and are available to you, which they mostly are not). Some secure erase commands may wipe the unallocated space but that’s vendor specific, not documented and I don’t think even supported over the SD interface (although I might be wrong on this last point).
Encryption and physical destruction are your best bets.
Link to source? The file size discrepancy is usually due to 1000 vs 1024, but filling the drive with random data until its full should wipe the drive.
A good search term is “SSD over-provisioning”
No, that’s something else entirely. It doesn’t matter what measurement system you use, the drive juggles more sectors than your OS can see.
Only if you assume people can’t access the reserved/unallocated/over-provisioned sectors. If you are only worried about small thieves then this might not be an issue. If you’re handling sensitive data (like medical records for other people or anything with sensitive passwords) then it’s completely inadequate to leave any form of data anywhere on the disk.