Enhancement: Encrypt unencrypted volume or format SD card

[jans23]

Objectives:

1. Enable reliable wiping of data on the unencrypted volume
2. Prevent evil maid attacks which physically remove the SD card storage and write to the unencrypted volume.

Possible Solutions: a. Encrypt the "unencrypted" volume and unlock it when booting the device (without requiring a PIN). b. Add the SD Card Formatter functionality into the firmware. This would not achieve objective 2.

Further readings on SD cards:

• http://www.bunniestudios.com/blog/?p=3554
• http://flash-extractor.com/
• http://recoverfab.com/

[ghost]

This is a rather old issue, but I'd like to discuss the formatting part. According to SD CARD org, the overwrite function overwrites all the user data. Would this alone be reliable enough? Considering that it's flash storage after all, but sd cards seems to the simpler in terms of structure compared to SSDs (Correct me if I am wrong) Obviously encrypting it first and scrambling the key afterwards would ensure in a proper wipe, but it might take a toll on the performance of the micro controller in question.