linux-nvme / nvme-cli

NVMe management command line interface.
https://nvmexpress.org
GNU General Public License v2.0

FR: Improvements to Disk Sanitisation to assure destruction of data #2478

Open fthobe opened 3 weeks ago

fthobe commented 3 weeks ago

To allow a safe and secure decommissioning of drives, the current sanitize command should be extended to effectively:

  1. Validate information written on the disk before sanitization;
  2. Compare the validated information afterwards against the sanitized device.

Currently, sanitize is an optional command in the NVMe interface standard. As a result, support varies significantly, and history has shown that the reliability of sanitize commands can vary due to firmware bugs or incomplete implementation.

Given the importance of sanitization commands for the safe disposal of used media, the current implementation might be insufficient to warrant the destruction of the data contained inside the media. The expected lifespan of the NVMe interface might result in media still being operational way beyond a date in which the security of the encryption used might be warranted. The respective standards bodies have written extensively about the possibility that AES256 might be obsolete by 2050 given the advances in computing.

If NVMe matches the lifetime of SAS (initial release 2004) or SATA (initial release 2000), we can expect used drives sold this year to still be on the second-hand market by 2050, also because plenty of consumer technologies requiring large amounts of space and high performance seem to have reached a peak in development, given that no more disrupting advantages can be drawn from further development (for example, end-user video storage does not benefit from file sizes larger than 8K, as the human-perceivable limit in image quality is already achieved for the existing consumer TV screen sizes), or being substituted by the cloud. The usage of used enterprise drives will be significantly higher compared to previous technologies such as SAS, given the compatibility of enterprise media with consumer devices supporting NVMe.
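
The before/after comparison requested in the comment above, as an added example (not part of the issue and not nvme-cli code): sampled blocks are hashed before sanitization and re-read afterwards, with a constructed temporary file standing in for the namespace. The function names, the 4096-byte block size and the simulated incomplete erase are assumptions made for illustration.

```python
import hashlib, os, random, tempfile

BLOCK = 4096  # assumed sample size in bytes; use the namespace's LBA size in practice

def sample_offsets(dev_size, count, seed):
    """Pick `count` distinct block-aligned offsets; a fixed seed reproduces the set."""
    blocks = dev_size // BLOCK
    picked = random.Random(seed).sample(range(blocks), min(count, blocks))
    return sorted(b * BLOCK for b in picked)

def fingerprint(path, offsets):
    """Map offset -> SHA-256 of that block, or None if the block is one repeated byte."""
    result = {}
    with open(path, "rb") as dev:
        for off in offsets:
            dev.seek(off)
            data = dev.read(BLOCK)
            # An all-0x00 or all-0xFF block looks the same before and after an erase,
            # so it cannot serve as evidence either way.
            blank = len(set(data)) <= 1
            result[off] = None if blank else hashlib.sha256(data).hexdigest()
    return result

def verify_sanitized(path, before):
    """Re-read the sampled blocks; return (survivors, inconclusive) offset lists."""
    after = fingerprint(path, list(before))
    survivors = [o for o, h in before.items() if h is not None and after[o] == h]
    inconclusive = [o for o, h in before.items() if h is None]
    return survivors, inconclusive

def demo():
    """Constructed case: an 'erase' that skips the last 4 of 64 blocks."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "fake-namespace.img")  # stand-in, not a real device
        size = 64 * BLOCK
        with open(path, "wb") as f:
            f.write(os.urandom(size))
        before = fingerprint(path, sample_offsets(size, 64, seed=2478))
        with open(path, "r+b") as f:                    # simulated incomplete sanitize
            f.write(bytes(60 * BLOCK))
        return verify_sanitized(path, before)

if __name__ == "__main__":
    survivors, inconclusive = demo()
    print("blocks still holding pre-sanitize data:", [o // BLOCK for o in survivors])
    print("blocks that were blank beforehand:", [o // BLOCK for o in inconclusive])
```

On a real namespace the second pass has to bypass or drop the page cache, and sampling only covers host-addressable LBAs, so a clean result is evidence rather than proof.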

igaw commented 1 week ago

nvme-cli implements the NVMe specification. There are plenty of tools already available such as wipe, shred or scrub besides dd and friends. So I think we should stick to what the spec gives us for this tool. If we can improve that part, sure I am glad to look into it. But a general sanitize command is out of scope IMO.