Secure Hard Drive Deletion Appliance?
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
dban.sourceforge.net
http://dban.sourceforge.net/
Good hardware detection, GPL.
See http://www.g4tv.com/unscrewed/features/45707/Dark_Tip_Destroy_All_Data.html
have a few pieces of s/w and h/w mentioned there. use the floppy method on a standalone machine to plug your disk into and wipe it. try Darik's Boot and Nuke method: http://dban.sourceforge.net/
It basically means that everyone who works in the medical industry has to jump through hoops to make sure that anything that could compromise your privacy doesn't get out without your permission. This goes to the extent that when working with MRI images for cross-site study, we have to use custom face-removing software so that someone can't reconstruct what your face looks like from the 3d data. And even then, there are debates about how much skull needs to be removed...
sed "s/SJW.*$/... never mind. I was about to say something stupid, and also, I'm a troglodyte./Ig"
http://www.driveduplicators.com/124.html
:)
It's primarily a hard drive duplicator but it also has DoD 5220.22-M level wipe. Sorry to plug a specific product.
what the heck is HIPAA?
Try the Health & Human Services - Office for Civil Rights - HIPAA for some information. HIPAA is relevant to the article because it strengthened medical privacy laws.
The general rule of thumb for data security sensitive industries is to never return the platters.
Most governments have arrangements to either get a discount up front, or to get the manufacturer to accept the top cover as proof the drive is destroyed, and then provide a warranty replacement.
For everyone else it is the cost of doing business. Depending on your business the risk is measured in years in court, 7+ digit claims and real impacts on stock price. Replacing failed harddrives out of pocket is cheap.
Best thing to do is remove the platters and store them as they take up less space, and once you have enough pay a degauss service to blast the entire box. Even then, get an artist to turn them into a piece of art for your front lobby.
Uhhh... I disagree. I work at an organisation which falls under HIPAA. All the money we would spend on new hard drives for no apparent reason would mean that developmentally delayed persons in the community would be unable to get access to the resources we exist to provide.
Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.
Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted. That's a certain number of hours we would need to cut back the day program, leaving mentally retarded people roaming the streets without any help. Including the mentally retarded people who aren't allowed near children because they have sexually assaulted them in the past. That's a certain number of winter coats that can't be bought for people who can't work a steady job.
So, we use a utility called DBAN, Darik's Boot And Nuke. It's part of a free x86 rescue CD I downloaded. It comes with a bootable Linux live CD, which includes an NTFS resizer, and memtest86. I usually just run it in the machine where the HD is, rather than pulling the HDD out. In particular, this is much handier for laptops than a special device would be. OTOH, it would be easy enough to get an external hot swap caddy, and use it as your appliance, just plug it into any machine.
Also, you can always just dd /dev/random onto your disk a few times. Anybody know any good reason why that would be insufficient?
While this may seem at first to be just a one off joke, there is really a lot to be said for torching a drive. In addition to the massive physical damage, you will heat the magnetic layers past their Curie point, so their magnetic orientation won't matter: they won't be magnetic anymore.
Happy torching!
Phus. Sysiphus.
Is BCWipe legally authorized for that use though?
That's easy...
NO.
BCWipe and other such applications will allow you to use a classified (up to SECRET only, nothing more sensitive) harddrive in an unclassified computer/network, but you must STILL track that harddrive, and physically destroy it when you excess the computer. The utility is approved for re-purposing the drive, but it must still be disposed of as any other classified storage, i.e., physically destroyed.
TS and higher drives may NOT be re-purposed like this, they must be physically destroyed.
Generally, "physically destroyed" means the drive must be disassembled, and the individual platters wiped with a magnet of a guaranteed minimum field strength. (Sorry, I'd tell you the required field strength, but I don't remember off hand.) After this, the platters can be disposed of just like shredded classified documents would be.
10 years ago using BCWipe-style software was approved in DOD for declassifying harddrives. This is not the case any more. Pay attention to how harddrives work. They've gotten too smart for this to be guaranteed to wipe data now. They ship with "excess" sectors, and can internally remap any bad sectors to these excess sectors, reading data from them and copying it when the sector is internally detected as "going bad but still accessible". Data in these "bad" remapped sectors can be accessed when the drive is connected in diagnostic mode. If you have a classified storage device, within certain boundaries, you won't know if the drive has performed such a remapping and hidden classified data that could be recovered by an intelligent operator. Therefore, BCWipe-style software is only approved for re-purposing where you maintain physical control of the harddrive. To dispose of the harddrive, you must physically destroy it, basically because the drives have gotten too smart.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
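The `dd` overwrite suggested earlier in the thread, combined with the remapped-sector caveat from the comment above, as an added example that is not code from any poster here. The function names are hypothetical, the attribute table is a constructed sample in `smartctl -A` layout, and using SMART attributes 5 and 197 as the remapping indicator is this example's assumption.

```sh
#!/bin/sh
# Added example. "$1" is a regular file standing in for the disk (size a
# multiple of 512); on a real device the size would come from
# `blockdev --getsize64`, not wc.

# Overwrite the target with random data $2 times, then with zeros, and verify
# the zero pass by reading every byte back. Non-zero status if verify fails.
overwrite_and_verify() {
    target=$1
    passes=$2
    blocks=$(( $(wc -c < "$target") / 512 ))
    i=0
    while [ "$i" -lt "$passes" ]; do
        # /dev/urandom rather than /dev/random, so a pass cannot block.
        dd if=/dev/urandom of="$target" bs=512 count="$blocks" conv=notrunc 2>/dev/null || return 1
        i=$((i + 1))
    done
    dd if=/dev/zero of="$target" bs=512 count="$blocks" conv=notrunc 2>/dev/null || return 1
    dd if=/dev/zero bs=512 count="$blocks" 2>/dev/null | cmp -s - "$target"
}

# Constructed sample in the column layout printed by `smartctl -A`.
sample_smart() {
cat <<'EOF'
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   200   200   051    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0033   198   198   140    Pre-fail  Always       -       12
  9 Power_On_Hours          0x0032   071   071   000    Old_age   Always       -       21544
197 Current_Pending_Sector  0x0032   200   200   000    Old_age   Always       -       3
EOF
}

# Sum the raw values of attributes 5 and 197 from the table on stdin: sectors
# the drive reports as remapped or pending remap, which the overwrite above
# cannot address.
remapped_sectors() {
    awk '$1 == 5 || $1 == 197 { total += $10 } END { print total + 0 }'
}

# "overwrite" when the drive reports no remapping, "destroy" otherwise.
wipe_method() {
    if [ "$(remapped_sectors)" -eq 0 ]; then echo overwrite; else echo destroy; fi
}
```

A passing verify only covers the sectors the drive still exposes to the host; a drive that is too dead to report SMART data gives the check nothing to work with.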
Sorry folks, I'd rather rely on my community there than a bunch of fellow /.'s (grin). Elitist? Yar!
"[I]t is a wise man who admits the limits of his knowledge or skill, and that pretending either causes harm." --Terry Go