Let me tell you, don't rely on flash for cold storage of important data. I learned it the hard way, despite knowing better.
A short thread. (1/n)
I kept my GPG key backups in different locations. I know that flash is unreliable, so I thought having backups on multiple SD cards and USB flash drives in cool places would be enough.
So, a while ago my Yubikey died physically and I wanted to retrieve my backups.
Turns out: They lost all data in only two years without power.
Please, create QR codes from your encrypted keys and print them on paper.
So, what happened?
(2/n)
The electrons in flash memory escape the cells over time. How fast that happens depends on the type of flash and the temperature it is stored in. To prevent that from happening proper flash controllers refresh the cells once in a while, similar to RAM.
So, without power the bits will gradually degrade till they can't be read anymore.
This not only applies to cheap SD cards or USB drives, but also to expensive SSDs.
I knew this, but I assumed this to not be a problem for storage <4 years.
(3/n)
Well, I wrong. And lost the data after only 2 years.
Now the interesting bit (hehe)
What is where my data used to be?
Let's fire up a hex editor and look at the data of one of the USB sticks.
There's a pattern repeating from 00 to FE. This goes on until 1 Megabyte and after that there are only zeroes. The others have slightly different, but similar content. One SD card even came with a partition table and exfat header, then such a pattern.
(4/n)
So, what's going on with the pattern?
I assume this to be a test pattern that the storage controller writes on the flash when it's empty to ensure it works properly. Pretty interesting!
I managed to recover almost all of my data and server access that was depending on the lost key. I was lucky.
Please take care of your backups and don't repeat my mistakes.
(5/5)
- replies
- 0
- announces
- 0
- likes
- 0