[personal profile] thewayne
I had heard that there were routines running in the background of SSDs to even out wear; apparently this can pretty much ruin a forensic examiner's attempt to capture a 'frozen in time' image of a drive's contents to be examined later and possibly be presented in court.

"After examining an SSD for traces of data after it had been quick formatted, the team expected the purging routines to kick in around 30-60 minutes later, a process that must happen on SSDs before new data can be written to those blocks. To their surprise, this happened in only three minutes, after which only 1,064 out of 316,666 evidence files were recoverable from the drive.

Going a stage further, they removed the drive from the PC and connected a ‘write blocker’, a piece of hardware designed to isolate the drive and stop any purging of its contents. Incredibly, after leaving this attached for only 20 minutes, almost 19 percent of its files had been wiped for good, a process the researchers put down to the ability of SSDs to initiate certain routines independent of a computer."


There are several issues here. First, from the perspective of a lawful citizen who wants privacy for his computer data, this could be good. If an unscrupulous government seized his equipment, the data might sufficiently self-destruct that it couldn't be used against him in court. The obverse of that is that criminals might walk. But, for a moment, let's forget the criminal aspects of this. On a magnetic hard drive, if you accidentally delete a file, it usually can be undeleted until the space is needed and the operating system overwrites it. Or, if it's a critical file, and the drive suffers an electronic or mechanical failure, there are data recovery specialists who can frequently get that information back. SSDs will make it much more likely that such undeletion and recovery will be unable to retrieve the information.

I worked at a place that suffered a major server crash; it had been configured by a previous generation of IT staff that were no longer there, and it was configured VERY badly (who puts high performance video cards in file servers anyway?!). It was configured with the data striped across three or four drives; in this configuration, if one drive fails, that drive's contents can usually be reconstructed by the system from the remaining drives. If more than one drive fails, you're totally screwed (usually). It seems to me that with these auto-leveling SSDs, if you had them in a RAID 5/10/50 configuration, you'd be pretty much hosed in such a situation. Maybe mirroring is the way to go with them rather than striping with parity; I can't say that I've stayed current on that tech.

http://news.techworld.com/security/3263093/ssd-fimware-destroys-digital-evidence-researchers-find/

http://hardware.slashdot.org/story/11/03/01/1740240/SSDs-Cause-Crisis-For-Digital-Forensics

(I have an above average interest in forensics as I was working for a fairly major police department when they set up their first computer forensics lab in the mid 90's. Fascinating stuff, and very serious and precise (and sometimes disgusting) work.)
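To make the "frozen in time" problem concrete, here is an added example (not from the post or the linked articles) that compares two acquisitions of the same drive block by block and reports how much changed between them. The 4096-byte granularity, the assumption that purged blocks read back as zeros, the function names and the sample data are all constructed for illustration.

```python
import hashlib

BLOCK = 4096  # comparison granularity in bytes (assumed, not from the article)

def compare_acquisitions(first: bytes, second: bytes, block: int = BLOCK) -> dict:
    """Compare two images of the same drive taken at different times."""
    if len(first) != len(second):
        raise ValueError("acquisitions differ in size; not the same device extent")
    changed, zeroed = [], []
    total = 0
    for index, offset in enumerate(range(0, len(first), block)):
        total += 1
        before = first[offset:offset + block]
        after = second[offset:offset + block]
        if before == after:
            continue
        changed.append(index)
        # Assumption: a block the drive purged on its own reads back as all zeros.
        if not any(after):
            zeroed.append(index)
    return {
        "sha256_first": hashlib.sha256(first).hexdigest(),
        "sha256_second": hashlib.sha256(second).hexdigest(),
        "total_blocks": total,
        "changed_blocks": changed,
        "zeroed_blocks": zeroed,
        "percent_changed": round(100.0 * len(changed) / total, 2) if total else 0.0,
    }

def make_sample_images():
    """Constructed data: 16 blocks, three of which the 'drive' purges later."""
    first = b"".join(bytes([n + 1]) * BLOCK for n in range(16))
    second = bytearray(first)
    for n in (3, 7, 8):
        second[n * BLOCK:(n + 1) * BLOCK] = bytes(BLOCK)
    return first, bytes(second)

if __name__ == "__main__":
    report = compare_acquisitions(*make_sample_images())
    print("hashes match:", report["sha256_first"] == report["sha256_second"])
    print("changed:", report["changed_blocks"], "zeroed:", report["zeroed_blocks"])
    print("percent changed:", report["percent_changed"])
```

A mismatch between the two whole-image hashes on a drive that sat behind a write blocker is the signal that the drive altered its own contents, and the block list shows where.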

Raid Systems

Date: 2011-03-07 05:30 pm (UTC)
From: (Anonymous)
These days it's RAID 1 only or RAID 10 if you have performance requirements.

Date: 2011-03-08 04:53 pm (UTC)
From: [personal profile] silveradept
Interesting. Bad if it's, say, a virus that's hijacked the processes, but good if it's someone who needs to make sure their data gets gone before the authorities find it.
