
So, this has potentially interesting value for implementing secure storage (assuming one can replace the whole firmware with something trusted).

I assume it would be possible to, for instance, make every "delete" operation a secure delete operation...wherein data gets overwritten a specified number of times. Shortening the useful life of the device, sure, but if security matters, that's a small price to pay.

Going further, what about a handler that serves out one set of data about what's on the device to any random person that plugs it in (like empty or with a few harmless photos or something), and another set of info to someone that has a key? Sure, for a high capability attacker, they might even know about this kind of firmware magic and know how to circumvent it, but it would make it very unlikely that some random person picking up your device would find anything that you want to keep secret.

Obviously, if your data is encrypted on the host system before writing to the card, that's reasonably safe...but for people in really dangerous situations, where torturing someone to obtain their key is not out of the question, making it seem like there's no data to obtain a key for is the best of all possible solutions.




Is there any reason to overwrite data multiple times on flash storage? I thought that the principle was due to head-alignment on spinning disks (and data theoretically being recoverable from the 'edge' of tracks). Even this is considered overkill for just about everyone. How does it make any sense on flash storage, which operates on completely different principles?


No, it wouldn't need to be overwritten, but you'd want to ensure that it was zeroed rather than just trimmed (marked as empty in the physical block allocation table).


I don't actually know much of anything about how flash memory works. I just read the bit about data sticking around in the article, and assumed there would need to be some special action to make it actually delete stuff. However it works, it seems like this would be useful to know about your flash storage...since nobody documents the behavior of their flash drives, having one with your own (or Open Source) firmware would allow you to know what it does in a given circumstance, which is the only way to securely use any tech.


With process sizes where they are today, there's basically going to be nothing remaining after one erase + program. Raw flash today is already struggling to hold the contents of one write cycle as it is, never mind remanence from several...


But if you wrote sensitive data to a block that then went bad, then there's a good chance that a large fraction of your data is there and will never be erased, no matter what high-level commands you send the card.
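The disagreement in the comments above (whether overwriting helps, whether zeroing versus trimming matters, and what happens to a block that goes bad) comes down to how the card's controller maps logical blocks onto physical NAND pages. The toy flash-translation-layer model below is an added example, not code from any commenter and not real SD-card firmware; the class name ToyFTL, its methods, the page geometry and the sample data are all constructed for illustration. It assumes the usual NAND constraints: a page is programmed once and then only a whole block can be erased, so a host write goes to a fresh page and the old page keeps its bytes, and a block the firmware retires as bad is never erased again. The "chip-off" scan reads the raw array behind the controller's back, which is what the firmware-level visibility discussed in the thread would let you reason about.

```python
"""Toy flash-translation-layer (FTL) model, constructed for illustration.

Not real SD-card firmware. Assumptions: copy-on-write page programming,
block-granular erase, and bad blocks that the firmware never erases again.
"""

PAGE_SIZE = 16          # constructed geometry, far smaller than real NAND
PAGES_PER_BLOCK = 4
NUM_BLOCKS = 8
ERASED = b"\xff" * PAGE_SIZE


class ToyFTL:
    def __init__(self):
        # Physical array: blocks of pages, all in the erased (0xFF) state.
        self.nand = [[ERASED] * PAGES_PER_BLOCK for _ in range(NUM_BLOCKS)]
        self.lba_map = {}        # logical page -> (block, page) holding live data
        self.used = set()        # physical pages programmed since their last erase
        self.bad_blocks = set()  # blocks retired by the controller

    def _alloc(self):
        """Return the first never-programmed page in a healthy block.
        No erase happens here: old data elsewhere is untouched."""
        for blk in range(NUM_BLOCKS):
            if blk in self.bad_blocks:
                continue
            for pg in range(PAGES_PER_BLOCK):
                if (blk, pg) not in self.used:
                    self.used.add((blk, pg))
                    return blk, pg
        raise RuntimeError("no free pages; run gc()")

    def write(self, lba, data):
        """Host write: program a fresh page and repoint the mapping.
        The page that previously backed this LBA keeps its bytes."""
        assert len(data) == PAGE_SIZE
        loc = self._alloc()
        self.nand[loc[0]][loc[1]] = data
        self.lba_map[lba] = loc
        return loc

    def read(self, lba):
        """Host read through the mapping: what a normal reader sees."""
        if lba not in self.lba_map:
            return ERASED
        blk, pg = self.lba_map[lba]
        return self.nand[blk][pg]

    def mark_bad(self, blk):
        """Controller retires a block: live pages are copied out, but the
        block itself is frozen and will never be erased again."""
        self.bad_blocks.add(blk)
        for lba, (b, p) in list(self.lba_map.items()):
            if b == blk:
                self.write(lba, self.nand[b][p])

    def gc(self):
        """Erase every healthy block that holds no live page. A real GC also
        copies live pages out of partly-stale blocks; this toy does not.
        Bad blocks are skipped, so their contents survive every pass."""
        erased = []
        for blk in range(NUM_BLOCKS):
            if blk in self.bad_blocks:
                continue
            if any(b == blk for (b, _) in self.lba_map.values()):
                continue
            self.nand[blk] = [ERASED] * PAGES_PER_BLOCK
            self.used = {u for u in self.used if u[0] != blk}
            erased.append(blk)
        return erased

    def chip_off_scan(self, needle):
        """Raw read of the NAND array, bypassing the mapping, as a forensic
        chip-off would. Returns every physical page containing `needle`."""
        return [(b, p) for b in range(NUM_BLOCKS) for p in range(PAGES_PER_BLOCK)
                if needle in self.nand[b][p]]


def host_overwrite_scenario():
    """Host-side 'secure delete' by repeated overwrite of one logical block.
    Returns where the secret is still found (a) after three overwrites,
    (b) after a GC pass, (c) after the block finally becomes fully stale."""
    ftl = ToyFTL()
    secret = b"SECRET-KEY-0001!"            # constructed 16-byte sample
    ftl.write(0, secret)                     # lands on physical (0, 0)
    for _ in range(3):                       # overwrites land on (0,1), (0,2), (0,3)
        ftl.write(0, b"\x00" * PAGE_SIZE)
    after_overwrites = ftl.chip_off_scan(b"SECRET")
    ftl.gc()                                 # block 0 still has live page (0,3): kept
    after_gc = ftl.chip_off_scan(b"SECRET")
    ftl.write(0, b"\x00" * PAGE_SIZE)        # live copy moves to (1,0); block 0 all stale
    ftl.gc()                                 # now block 0 is actually erased
    after_block_erase = ftl.chip_off_scan(b"SECRET")
    return after_overwrites, after_gc, after_block_erase


def bad_block_scenario():
    """The secret's block goes bad before the host overwrites it.
    Returns the physical pages where the secret remains after overwrites and GC."""
    ftl = ToyFTL()
    secret = b"SECRET-KEY-0002!"            # constructed 16-byte sample
    ftl.write(0, secret)                     # (0, 0)
    ftl.mark_bad(0)                          # live copy relocated to (1, 0)
    for _ in range(4):                       # overwrites land on (1,1), (1,2), (1,3), (2,0)
        ftl.write(0, b"\x00" * PAGE_SIZE)
    ftl.gc()                                 # block 1 (all stale) erased; block 0 skipped
    assert ftl.read(0) == b"\x00" * PAGE_SIZE   # the host sees nothing but zeros
    return ftl.chip_off_scan(b"SECRET")      # (0, 0) survives indefinitely
```

The first scenario shows why "overwrite N times" at the host level buys nothing on its own: every overwrite programs a new page, and the original bytes sit there until the controller erases the whole block, which it only does once nothing live remains in it. The second shows the case the last comment raises: once the controller retires the block, no host command reaches those bytes again, so only firmware that erases (or refuses to retire) such a block, or host-side encryption, can close that gap.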



