I’m not sure if filling up the entire drive is necessary. Nothing wrong with doing a ddif=/dev/urandom of=/dev/nvme1 to randomise the drive itself, but I don’t think most people are affected by the kind of information you can derive from what sectors are/aren’t written to.
Writing zeroes to every bit is useless because of the automatic remapping; it mostly serves to wear down the device if you use decent encryption. There are only so many write+erase cycles each cell can go through before it breaks, so I try to avoid doing large writes on purpose. Try a secure erase from either your UEFI GUI, but good encryption prevents the need for a full format.
Personally, I let my drives fill up over time. I trust LUKS enough to handle the encryption, and I don’t think anyone who’s going to be buying this SSD off me is going to send it off to a forensic data lab to analyse what the average size of the files I worked on was. So, my personal approach:
Buy a drive from a reputable brand with no known obvious firmware bugs (Sandstorm, anyone?)
“Best” depends on your needs.
I’m not sure if filling up the entire drive is necessary. Nothing wrong with doing a
dd if=/dev/urandom of=/dev/nvme1
to randomise the drive itself, but I don’t think most people are affected by the kind of information you can derive from what sectors are/aren’t written to.Writing zeroes to every bit is useless because of the automatic remapping; it mostly serves to wear down the device if you use decent encryption. There are only so many write+erase cycles each cell can go through before it breaks, so I try to avoid doing large writes on purpose. Try a secure erase from either your UEFI GUI, but good encryption prevents the need for a full format.
Personally, I let my drives fill up over time. I trust LUKS enough to handle the encryption, and I don’t think anyone who’s going to be buying this SSD off me is going to send it off to a forensic data lab to analyse what the average size of the files I worked on was. So, my personal approach:
That makes sense. Thank you!