SSD garbage collection time

ssd trim

Let's assume I store sensitive information on an SSD and I want to erase it without secure erasing the whole drive. I erase or overwrite the file. The OS supports TRIM, so the block containing the sensitive information is marked for the garbage collector to erase.

How long can I expect the garbage collector to take to actually erase the block? Seconds? Hours? Never if the disk does not contain enough data yet? I understand this will vary depending on the SSD controller, but I don't even have an idea of the figures to expect. Any information or references to technical papers would be much appreciated.

Best Answer

For keeping "sensitive information" you should consider the time to be "Never". Not only do you have TRIM to be concerned about, but if a cell is swapped out for "wearing out", the data in that cell can never be erased, as worn-out cells in SSD drives do not lose their data but become read-only.

If you have sensitive information, it must be stored inside an encrypted container and an unencrypted version must never reside on the hard drive. Due to how modern software and operating systems work, quite often using temporary files that could contain a copy of the data you are working with, the only safe way to do this is to do full drive encryption on the drive so there is no space for temporary files to be stored that is not encrypted.

(P.S. If the sensitive data was already on the drive unencrypted but then you encrypt the drive with full drive encryption, you still must treat the drive as if it had unencrypted text on it. This is because some of the sensitive information could be sitting in one of those read-only worn-out sectors, and enabling full drive encryption can't overwrite those read-only cells. The only "safe" way to do it is to encrypt a drive that has no sensitive information on it, then start using it to store sensitive information only after full drive encryption has been performed.)
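
An added example, not part of the original answer: one way to check the answer's point about temporary files is to list every mounted filesystem and swap area that has no encryption layer beneath it. The sketch assumes Linux with dm-crypt/LUKS (which `lsblk` reports as type `crypt`); the device names and the sample output are constructed, and `unencrypted_mounts` and `plaintext_risks` are hypothetical helper names.

```python
import json

# Constructed sample of `lsblk --json -o NAME,TYPE,MOUNTPOINT` output.
# Root and /home sit on LUKS; /boot, /tmp and swap do not.
SAMPLE_LSBLK = """
{"blockdevices": [
  {"name": "nvme0n1", "type": "disk", "mountpoint": null, "children": [
    {"name": "nvme0n1p1", "type": "part", "mountpoint": "/boot"},
    {"name": "nvme0n1p2", "type": "part", "mountpoint": null, "children": [
      {"name": "cryptroot", "type": "crypt", "mountpoint": null, "children": [
        {"name": "vg-root", "type": "lvm", "mountpoint": "/"},
        {"name": "vg-home", "type": "lvm", "mountpoint": "/home"}
      ]}
    ]},
    {"name": "nvme0n1p3", "type": "part", "mountpoint": "[SWAP]"},
    {"name": "nvme0n1p4", "type": "part", "mountpoint": "/tmp"}
  ]}
]}
"""

def unencrypted_mounts(lsblk_json):
    """Return sorted (mountpoint, device) pairs with no dm-crypt layer beneath."""
    found = []

    def walk(node, under_crypt):
        # A node is covered if it, or any ancestor in the stack, is a crypt device.
        under_crypt = under_crypt or node.get("type") == "crypt"
        mountpoint = node.get("mountpoint")
        if mountpoint and not under_crypt:
            found.append((mountpoint, node["name"]))
        for child in node.get("children", []):
            walk(child, under_crypt)

    for device in json.loads(lsblk_json)["blockdevices"]:
        walk(device, False)
    return sorted(found)

def plaintext_risks(lsblk_json, ignore=("/boot", "/boot/efi")):
    """Drop mountpoints that are assumed to hold no user data (boot partitions)."""
    return [m for m in unencrypted_mounts(lsblk_json) if m[0] not in ignore]

if __name__ == "__main__":
    for mountpoint, device in plaintext_risks(SAMPLE_LSBLK):
        print(f"{mountpoint} on {device}: plaintext can reach the flash here")
```

On a real system, feed it the output of `lsblk --json -o NAME,TYPE,MOUNTPOINT`; drive-level encryption that the kernel does not expose as a `crypt` device will not be recognised by this check.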
