Drive Rescue at Embedded World 2018, Nuremburg, Germany.

Last week Drive Rescue was in Nuremburg, Germany for Embedded World 2018. The Embedded World exhibition and conference covers a lot of areas including IoT, defence, aviation, automotive and industrial electronics. It is also one of the largest gatherings of global hard disk manufacturers in Europe, where they display their wares and discuss their future roadmaps. It was fascinating to see the latest in the world of storage devices and interesting to speak to the hard disk manufacturers’ first hand.

A number of themes emerged at this year’s exhibition and conference, including the focus which disk manufacturers are placing on data security (no doubt spurred by the impending GDPR legislation) and the emergence of SSD technology as de facto standard for many industrial and consumer-level devices.

Disk Manufacturers taking the GDPR to Heart

Disk manufacturers, especially European-based ones, seemed to have taken GDPR legislation to heart with companies such as Integral (UK) and SwissBit (Switzerland) now offering an extensive range of SSD disks and USB memory devices equipped with hardware-level AES encryption. For example, Swissbit have now introduced a USB memory stick (PU-50n DP) which uses native AES-256 encryption and which is also capable of storing an audit trail. It’s audit trail functionality is enabled by storing WORM (Write Once Read Multiple) data on a cleverly located hidden partition. To counter any brute-force hacking attempts, the PU-50n DP comes equipped with a hardware retry counter which limits the number of passwords which can be inputted within a set time frame.

Integral also displayed a range of AES-256 encrypted USB memory drives which are FIPS 140-2 approved and employ a dual-password system. So, if the user does forget their password, their IT administrator can regain access using a master password. But, pity the poor user who does decides to go it alone, because only after six failed access attempts the data and the encryption keys are all destroyed. Crikey, only step away from the device spontaneously combusting…

Integral were also displaying their range of AES-256 “Crypto” SSDs. Like their USB drives, they are FIPS 140-2 approved and if the number of password attempts is exceeded the encryption keys and data gets destroyed. A “high strength” 8-16 character alphanumeric password must be set which presumably precludes users inputting “PaSSwoRd” or “fluffy123” as their password. According to the Integral marketing bumf, their encryption is compatible with most endpoint security applications as it uses a configurable “hardware ID” for compatibility. In the next couple of months, it will be interesting to see if hardware SSD encryption schemes such as this pose a challenge to the hegemony of McAfee, Symantec, Sophos et al in the full disk encryption arena.

And speaking of McAfee, Hagiwara Solutions (Japan) have brought out this AES-256 encrypted USB stick which also contains anti-virus detection powered by McAfee software. Virus propagation prevention and encryption all in the same package!


The Last Hurrah of S-ATA

The venerable S-ATA bus interface has served the IT world exceedingly well over the last fifteen years. It liberated many an IT administrator from the tyranny of jumper settings and compared to its P-ATA predecessor, introduced a seismic leap in faster I/O disk operations. But even though S-ATA has progressed to its third iteration (SATA 3.0), for most solid-state disks, this bus standard and its command protocol AHCI has now become a data bottleneck. For example, most NVMe solid-state disks can handle 65536 parallel I/O requests compared with only 32 I/O requests processible by S-ATA 3.0.

And while S-ATA III and AHCI will probably be around for legacy applications for quite some time yet, its days of being the primary interface for internal storage devices are probably numbered. So, if S-ATA is on the way out, what is going to replace it? Enter PCIe and NVMe.


All aboard the NVMe bus

NVMe (Non-Volatile Memory) is a protocol designed by a consortium of hard disk and NAND manufacturers including Western Digital, Samsung, Toshiba, Intel and Micron to standardise the interface and interoperability of PCIe. In essence, the NVMe standard allows disk manufacturers fully exploit the parallelism afforded by PCIe when interfacing with host systems. Operating systems need only one driver for NVMe compatibility. This driver has been included in Windows OS, from version 8.1 upwards and in Apple’s OSX from version 10.10.3 (Yosemite).


An Apacer M.2 (B+M) keyed SSD with TSOP mounted NAND

The rise of the M.2 Form Factor

There were plenty of SSD disks at Embedded World 2018 still using variants of the S-ATA connector such as mSATA (52pins split into 16 pin and 36 pin sections) and Slim SATA (22 pins standard S-ATA connector). However, the M.2 form factor (pronounced m dot two) was by far the most common on display. The first generation of this form factor came in the guise of NGFF (Next Generation Form Factor) which is rarely seen these days. The present-day M.2 form factor uses three socket types including; “B key” edge connector, “M key” edge connector and “B and M” key connector. A “B key” uses up to two PCIe lanes whereas an “M key” can use up to four. A substantial number of SSDs use the “B and M” key connector so they can connect to any socket. Each connector pin is rated for 50V and 0.5A. Using PCIe x4 the M.2 standard allows for blisteringly fast data throughput speeds of up to 31.5Gb/s compared to 4.8Gb/s offered by SATA 3.0.

It might be easy to dismiss the NVMe standard as just a marketing gimmick. After all, it is designed using PCIe architecture. But, the designers of this protocol appeared to have gone to great lengths to eke out every ounce of SSD I/O speed when interfacing with its host. The real-world throughput difference between an M.2 disk using PCIe x4 and MLC NAND using NVMe versus an M.2 disk of similar specification not using NVMe can be vast.

Goodbye SLC and hello pSLC

Pure SLC NAND was harder to find than hens teeth at Embedded World 2018. This is because it’s ten times more expensive to manufacture than MLC and many producers are unwilling to tie up their expensive fab (semiconductor fabrication) facilities for this niche product. So even industrial-class SSD manufacturers like Innodisk are now using pSLC (pseudo-SLC) as a happy medium between the reliability of SLC and the production costs of MLC. Pseudo-SLC (otherwise known as MLC+) uses MLC NAND but the memory cells are used in single-bit mode. Moreover, the voltage threshold is shifted for increased endurance, reduced error rates and better SSD longevity.

From 2D NAND to 3D NAND

Up until now, most SSD manufacturers have been using planar NAND. Typically, MLC (Multiple Level Cell) stores two bits-per-cell while TLC (Triple Level Cell) stores three bits-per cell.  But the quantum physics envelope can only be pushed so far. As die lithographies reduce in size to 19nm,15nm and 14nm issues like cell-to-cell interference and disturbance effects start to kick in. This results in un-correctable bit errors which even sophisticated ECC algorithms such as BCH or LDPC cannot fix. This results in lost or corrupted data. So NAND developers have responded by stacking their cells on top of each other instead of laying them out vertically. This is analogous to building a skyscraper instead of a building which extends over a wide surface area. Samsung were one of the first manufacturers to commercialise this type of NAND and named it “3D NAND”. Other manufacturers like SanDisk/WD, Crucial, Intel and Adata have followed suit. Today the widespread adoption of 3D NAND has been aided by controller designers like Phison and Silicon Motion. The latter having recently released their SM2262 PCIe 3.1 NVMe 1.3 compatible controller designed to work optimally with 64-layer 3D NAND. And Phison have recently released their PS5007-E7 controller optimised for 3D NAND and NVMe.

3D NAND – the floating gate versus charge trap debate


The Toshiba XG5 and XG5-P – both using 3D NAND and Charge Trap Transistors…nice!

While most SSD manufacturers share the consensus that 3D NAND is the best fit for consumer and enterprise-class disks. After this, however, agreement diverges. 3D NAND can be deployed using floating gate or charge trap transistors. Floating gate transistors use polycrystalline silicon whilst charge trap transistors use silicon nitride. Floating gate transistors have been around the 1970’s. Now remember the purpose of the transistor is to “trap” electrons. To put it in very simple terms, silicon nitride is like cheese, whereas polycrystalline is like water. Some NAND designers believe that electrons “leaking” is a problem with floating gate technology, whereas using charge trap transistors electrons are more likely to be held in place. Thus, your data might have more longevity when stored with 3D NAND using charge trap transistors. Intel is placing their bets on floating gates. Samsung, with their V-NAND technology and Toshiba with their BiCS technology are backing charge trap transistors.

Of course, Intel have got some critics in their choice of technology, namely – why are they deploying 1970’s technology for their 3D NAND solid state disks when an apparently “better” transistor design exists? Well, Intel say they are using “discretised floating gates” which they claim are more compartmentalised and better suited to preventing electron leakage. They also claim that floating gate transistors are a “tried and tested” technology, whereas charge trap flash transistors are not. It will be interesting to see the trajectory of 3D NAND over the coming months.


Drive Rescue Data Recovery are based in Dublin, Ireland. We offer a data recovery service for most SSD disks including Samsung (750 Evo, 850 Evo, 860 Evo, MZ7TY256HDHP, MZNTY256HDHP, PM841, PM851) SanDisk (SSD Plus, Ultra II, Ultra III, X110, X400), Apacer (AST 280, AS220), Crucial (MX200, MX300,MX500, M500,M550)  Kingston SSD,  Toshiba SSD (Q200, Q300), Toshiba Apple SSD and Intel SSD (320, 530, 540S, S3520, S3700, S4500, S4600)  For more information:  Phone : 1890 571 571




Data Recovery from Transcend StoreJet external hard disk and the tale of the man on the train.

data recovery from dropped drives ireland
Commuting can provide an opportunity for catching up on some work but also poses risks for your data

While better known for their flash memory devices, the Taiwanese company storage company Transcend also makes a limited range of 2.5” external hard disks. Typically, they use Samsung Momentus disks – in 500GB (ST500LM012) or 1TB (ST1000LM024) sizes. As mechanical hard disks go, these are fairly robust models. Their head disk assembly is tried-and-tested and they use fairly stable firmware.

So, what could possibly go wrong? Well, there is the perennial problem of users dropping their disks. Often, accidentally dropped disks don’t happen out of carelessness just unexpected events. Like, for example, a customer who delivered a disk into our office recently. On his commute home, he had his Transcend external hard disk attached connected to his MacBook Air.  He was seated in an aisle seat. His fellow passenger in the window seat had dozed off. As the train was pulling into one of the stations his neighbouring traveller suddenly woke up, looked out the window and discovered to his horror that it was his stop. Our customer, being a gentleman, MacBook-Air-in-hand quickly jumped up from his seat only to suddenly hear the clatter of an object fall onto the aisle of the carriage. It was his external hard disk. His fellow traveller alighted successfully from the train. Our customer gingerly went back to his seat to re-connect the disk only to hear it clicking.

Transcend StoreJet external hard drive – disk removed

Luckily, only one disk head was damaged, but the head disk assembly still needed to be replaced in our clean-room. The platters had escaped damage. We were able to achieve a 99.5% recovery rate salvaging all of his PPJ (Adobe Premiere) files.

How to prevent this happening? Well, if you plug out an external disk quickly from an OS X (Apple) operating system without going through the “eject” procedure – you risk corrupting the “catalog” file of HFS+ (the file system) which can also lead to data loss. Or, you could use a “wireless hard disk” but I dread to think of the security implications of these especially when used in public places. So, it all goes back to having a robust back-up plan. Or, maybe just not sitting on an aisle seat on a train…

Drive Rescue Data Recovery are based in Dublin, Ireland. We recover data from all brands of dropped external hard disk including Transcend, Adata, Toshiba, Seagate and WD. Phone 1890 571 571



Data recovery from WD MyCloud NAS


western digital nas data recovery

Western Digital MyCloud NAS devices are popular in Ireland for their ease of setup, user-friendly OS. And unlike most NAS ranges from other manufacturers, the disks come pre-installed. This is probably not surprising given that WD (unlike Synology, Buffalo, Netgear et al.) manufacture hard disks.

The entry-level models in the WD MyCloud NAS range does not offer any redundancy – they are single-bay only. However, they do come with a USB 3.0 port for external backup which is better than nothing. Models further upstream in the range such as the MyCloud Mirror, MyCloud Gen 2, MyCloud EX2 and MyCloud EX4 offer mirroring with the more advanced models offering RAID 5 and RAID 10 redundancy.

Recently, we helped a customer with an entry-level WD MyCloud which was no longer showing up on his network. He could hear it spinning. But no data appeared when he logged into MyCloud OS. So, he updated the device’s OS to version 3. He removed the 4TB disk from its casing and attached it via USB dock to his Apple Mac. But no volume showed up. He ran some DIY data recovery software on it – but that too proved unfruitful.

He brought the disk (a WD40EFRX NASware 3.0 disk) to us. These “WD Red” (as they are commonly known) are generally reliable disks. A unique feature of them is their disk-to-parking zone timings.  Because they are designed for NAS usage their heads will not retreat to the disk’s parking zone until 300 seconds of inactivity compared to 8 seconds for a model from the “WD Green” range.

Our diagnostics revealed several of the firmware adaptive modules were corrupt. These modules are essential in “tuning” the disk heads to the disk platters and are used for the management of disk errors. Secondly, the disk had well over 12000 bad sectors.

The data recovery process went smoothly without any surprises. Over 3.2TB of ORF (Olympus Raw), PSD (Adobe PhotoShop) and .MOV files were all successfully recovered. Everything requested by the client. Every MyCloud does have a silver lining…


Drive Rescue Data Recovery is based in Dublin, Ireland. We recover data from all of the WD MyCloud range including MyCloud Gen 2, MyCloud Pro, MyCloud EX2, MyCloud EX2 Ultra, MyCloud EX4 and MyCloud Home Duo. Call us on 1890 571 571 or find out more at:

USB memory stick is not recognised by Windows?

Here is a simple way to recover your data.

1) Connect your damaged USB memory stick to your Windows computer.

2) Navigate to the Device Manager. Click on the “plus” sign
beside “Disk Drives”.

3) Then right click on your damaged disk and click on “properties”.

4) Navigate to the “drivers” tab and click “disable”.

5) Insert your USB memory stick back into your Windows system. Go to “Device Manager” again and re-enable the device.

6) The volume containing your data should now appear under “My Computer”.

This is just one fix. Other more advanced problems such as a failed NAND controller can also cause your memory stick not to be recognised by Windows.

Drive Rescue (Dublin, Ireland) offer a complete data recovery service from USB memory stick brands such as PNY, SanDisk, Adata, Sony, Integral, Toshiba and Ativa. We also perform recovery from promotional USB memory sticks.

Data recovery of from Synology NAS (DS216)

Two disks taken from a Synology NAS DS216

NAS devices have never been so popular. They consume less power than a PC or server, they support RAID and their compactness means they can be stored in even the most space deprived homes or offices. While first generation NAS devices were basically conjoined hard disks with a built-in networking component, modern NAS devices are much more sophisticated. Most come equipped with their own operating system such as DSM (for Synology) or QTS as used by Qnap. Most NAS devices also support file sharing protocols such as SMB and NFS, which make them ideal for OS-agnostic environments.

Even though most NAS devices support RAID redundancy, it is surprising how many users forsake this safety net in lieu of performance by setting up their devices in a RAID 0 configuration.

Recently, we helped a user to recover files from his Synology NAS DS216 configured in RAID 0. Inside the array were two Western Digital Disks – a 1.5TB disk (WD15EARS) and a 2TB disk (WD20EZRX). Our diagnostics revealed that the latter disk had firmware issues. Once these were resolved, we imaged both disks. Using both disk images, we rebuilt the RAID 0 using its original parameters. The file system used was EXT4.
We recovered over 2TB of Final Cut Pro 9 (. fcp) files along with .MOV and.AVI files. – everything which the client needed.

In this case, the user made the mistake of using RAID 0 but can you spot the second mistake from the photo above? He also used two WD Green disks. For NAS devices, this is another common technical faux pas. “Eco-class” disks and many standard “desktop-class” disks do not support TLER (time limited error recovery) functionality needed to minimise errors on a RAID environment. “NAS-class” disks such as WD’s NASware disks or HGST’s Deskstar NAS disks are recommended. But perhaps the greatest step the user could have taken was to have his data backed up! Apps in Synology’s DSM facilitate this as well as third party apps such as BackBlaze B2 or using OS apps such as Resilio.

Recovering a corrupted Word or Excel document: an easy solution.

You have a Microsoft Office file (such as Word, Excel, etc) which you (or your user) have been working on all week. But now, for whatever reason, the file has either gone corrupt or been over-written.

Hours of work wasted? Maybe not. In Windows, the quickest recovery route possible is the much forgotten and underused feature called Shadow Copy. The steps to recovery are easy. 1) Right-click the overwritten or corrupted file and click ‘Properties’. 2) Select ‘Previous Versions’. 3) If you want to view the old version, click ‘View’. To copy the old version to another location, simply click ‘Copy’ and you’re done. The quickest data recovery ever!

Recover data from a CD-R, CD-RW, DVD-R or DVD-RW disc

Generally speaking good quality CD-R, CD-RW, DVD-R, DVD-RW are a fairly reliable backup medium. This is assuming, however, that they’re kept out of direct UV sunlight and are kept free from deep scratches. But, occasionally user error can result in data loss. Like a gentleman from Kildare we helped last week. He had an Outlook .PST file from his old workplace which he had stored on a Maxell DVD-RW. He inadvertently performed a “quick format” on the disc, erroneously thinking a different disc was in his DVD tray. His heart sunk as he thought that 9 years’ worth of emails and contacts we now gone into the ether. He contacted us.

The data recovery process for this type of data loss is cut and dry. Firstly, we configured the read-speed settings on our DVD reader to read at the slowest possible speed and then ran a utility IsoBuster called on his disc. This recovered his .PST file quickly. However, when this file imported into Outlook, it still would not read. The error “outlook.pst is not an outlook data file” appeared. So, we ran SCANPST on the folder and re-tried. (SCANPST is a utility built into Windows OS to repair minor errors in .PST files). The utility found some errors which it repaired. The second import of the .PST file worked with all the client’s contacts and old emails now appearing. A very quick data recovery case! I hope this post helps someone else who has experienced the same problem.

Drive Rescue Data Recovery are based in Dublin, Ireland. We recover data from most brands of hard disk including Seagate, Toshiba, WD, Samsung, Iomega, LaCie, Intenso, Adata and Transcend. Find out more on:

Giving Back @ Drive Rescue

Pictured: Robert Scanlon of Drive Rescue and Brother Sean Donohoe of the Capuchin Day Centre


Drive Rescue recently presented their annual donation to the Capuchin Day Centre in Dublin. The centre provides 800 meals a day to people who are homeless or in need. The centre also distributes 1400 food parcels in Dublin in 350 in Kilkenny for people on the poverty threshold. It receives only partial funding from the Irish government. The centre does not run PR or advertising campaigns. It generates most of its income from the goodwill and generosity of the Irish people. It was a pleasure being able to help them.  If you would like to help, you can make a donation here:


Data Recovery from Intel 5400s (Intel 540) Pro 240GB SSD

A customer recently dropped in an Intel 5400s Pro solid-state disk to us for data recovery. They first noticed a problem with the disk when, upon starting their Dell Inspiron laptop, they received the “no boot device found” error message.  They removed it from their laptop and connected to another computer using a USB dock – but the disk could still not be seen.

Disk architecture

The solid-state disk, an Intel 5400 (lately, this model has been marketed as the 540 as Intel has recently abandoned the four-digit naming convention for their SSDs) holds 240GB of data and uses a Silicon Motion 2258 controller. The PCB holds 8 x 30GB SK Hynix memory chips using TLC NAND and uses an S-ATA 3.0 interface.


Upon delivery of the disk, we connected it to a standard Windows PC. The make or model number was not detected by the BIOS. At this stage, we were beginning to suspect controller failure. But making assumptions in data recovery can easily set your recovery methodology on the wrong track – so more analysis was needed. Physical inspection of the PCB revealed dies tightly bonded to the board and no signs of thermal stress.  Using a multi-meter in voltage mode, readouts showed that all areas of the disk’s PCB were getting the correct voltage. So, we could safely eliminate a power issue as being the problem.

SSD data recovery process

We then put the disk into what is known as technological mode. This is a mode used by disk manufacturers themselves to perform diagnosis on disks which have been returned to them. It helps them spot design defects (with the disk controller, NAND, DRAM, etc.) which are then used by their R&D departments to (hopefully) make reliable disks. But technological mode also allows data recovery technicians to bypass the inbuilt controller and use an emulator. (I’m sure this “backdoor” access to a disk also comes in very handy for the NSA…). The controller plays a vital role in the operation of an SSD. It performs bad block management, logical block addressing, wear-leveling, error correction control and interleaving. We uploaded a Silicon Motion 2258 translator module to our recovery system. The disk successfully ID’ed. The NTFS volume finally appeared, but with errors.  We made an image of the volume and then using this image made reparations to the NTFS partitions.

The result

After several hours work, we now had the disk’s two NTFS partitions fully recovered. The files, mostly V3D (medical imagery) files and one gigantic 33GB PST (Outlook store folder) were extracted onto external USB 3.0 drive for the more-than-satisfied client.


Drive Rescue Data Recovery is based in Dublin, Ireland.  We perform SSD data recovery from most brands of SSD including Samsung Evo, Crucial, SanDisk, Toshiba OCZ, Integral, Adata and PNY. For more information log onto or phone us on: 1890 571 571

Don’t forget to check the “found.000” folder after running CheckDisk.

CheckDisk is a file system integrity checker built into Windows’ operating systems. (It runs a FS integrity check similar to the “verify” command in OS X‘s Disk Utility). For the most part, where small file system errors exist on FAT and NTFS volumes, CheckDisk does a reasonable job at repairing them.  However, occasionally it repairs the file system, but the volume will still be inaccessible to the user. This is because Checkdisk stores the recovered files in a newly created folder called “found.000”. Last week, a customer dropped in an NTFS formatted Samsung Momentus 2.5” disk to us. Another data recovery company in Dublin wanted to charge them hundreds of euro for recovery. But the files were already on the system in the folder found.000! This job took all but 10 minutes to diagnose and resolve. We did not charge anything to the delighted customer. It was a simple fix. Next time you run CheckDisk on a disk with small errors, don’t forget to check the folder “found.000”- you could end up saving yourself a lot of money.