Secure Hard Drive Deletion Appliance?
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
Re:Oh, man. Here it comes. (Score:5, Informative)
by QuaZar666 (164830) on Thu 16 Jan 04:03AM (#5091822)
Nowadays the DoD drills a hole through the platter on drives that are bad and have to be RMA'd, and they have contracts so all they have to return is the top of the drive with the label. As for drives they no longer need, I do not know. I'm guessing they write 0 and 1 patterns on the drive 7+ times. (Even then, data recovery services could recover it.)
Silly, but I have this association:
Ground control to major tom
Your circuit's dead, there's something wrong
Can you hear me, major tom?
CC.
TaijiQuan (Huang, 5 loosenings)
I have used BCWipe to declassify Secret hard drives. They have a DOS version you can throw on an MS-DOS boot disk and a Linux version you can put on a LiveCD. Either works equally well.
These guys have even done the demonstration for you:
http://driveslag.eecue.com
I think HIPAA requirements are met by the electronic equivalent of a cross-cut shredder; destruction beyond all possible recovery is not required. A multi-pass overwrite is probably enough. Almost all bootable Linux CDs have the basic tools to do this, but you may find it handy to write a shell script to automate the process. Some may even have e-z shredders right there in the KDE or Gnome menus. Get a distro that reads USB drives and an external USB/IDE box and you are in business.
Another possibility is to use Bart's PE Builder and one of many MS-Windows-based shredders to make a bootable MS-Windows XP CD that does the same thing.
If overwriting the data one or more times does NOT meet legal requirements, then you should overwrite the data once as a precaution in case someone steals the drive before you can permanently erase it, disassemble the drive, drill holes in the platters, then heat the platters, including the drilled-out parts, long enough to completely degauss them. A fireplace should do the trick, but an autoclave, or better yet a pottery or cement kiln, would do a better job. A kiln might actually melt the platters, which is pretty much the ultimate in data destruction.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
...is my recommended approach. I actually built one of these myself, powered by an embedded Linux PC that boots from CD-ROM. It uses modular exponentiation to generate a cryptographically random sector distribution list, to which it writes entropy data generated from an onboard Random Event Generator. It repeats this process 10 times consecutively, then cuts power to the drive and degausses the entire disk. This process is extensive enough to ensure that even the world's most sophisticated data recovery experts will recover nary a bit from such a drive, and I've automated it to a plug-and-play process. Simply insert the drive into the degaussing chamber and attach data and power cables, then throw the switch. Wait about an hour or so, and the drive comes out irrevocably blank.
Drop a nice little mixture of aluminum and iron oxide on the drive, ignite it. Nothing will retrieve that data, not even electron microscopy.
There are various levels of 'dead'. For example, a drive that is 'clicking' should be backed up and replaced ASAP, but you could still get useful data from it. Likewise for a drive that is giving access errors.
-- Please insert another quarter
If the drive is faulty, you just might not be able to overwrite the info (not reliably anyways).
I'm surprised he's even looking for this. I work in a place where for similar regulations we have to wipe HDs securely before disposal, but that's only for working ones. Damaged HDs cannot be sent back because of the info on them, they have to be destroyed locally. We take the platters out, but I'm not 100% sure how they get destroyed (probably degaussed then physically damaged). The companies we buy PCs from are aware of this too. If a drive dies in one of the PCs that's still under warranty, they replace it and we keep the old drive for proper disposal.
Such a device would only be useful for disposing of old PCs with functional HDs in them. I can't see the regulations letting them do this.
The drive housing may, in fact, shunt the field around the drive if it is ferromagnetic. (See if a magnet sticks to it)
If it were me, I'd make a nonmagnetic aluminum housing to screw the drive onto, pad the hell out of it (just in case I slipped), and head on over to Radiology, and use a 10 Tesla (or stronger) MRI to erase that bad boy. I'd rotate it in all 3 dimensions, more than once, just to make sure.
If the field you use demagnetizes the servo and drive magnets, it'll probably be safe to return for replacement.
I agree that it's probably better to eat the cost of the drives than to risk getting made the poster child for HIPAA. (You just know they'll be looking for someone to pull a Martha Stewart on.)
--Mike--
There was a two-part segment on the Screen Savers with Patrick Norton and Kevin Rose covering methods of data destruction, including software, grinding, acid, thermite...
SafeGuard Easy
Plenty of businesses use it to encrypt a hard drive (boot-time password) prior to production. This way, if the drive fails mechanically and the data can't be destroyed (without physically destroying the drive), the data is still encrypted. As a plus, there is no need to wipe a drive, since you only need to erase the SafeGuard kernel, which renders it just about as useless. There was a case a while back where one of the European countries tried to brute-force this software for a criminal trial and could not do so.
For HIPAA, you'll need to physically destroy a drive if it has failed mechanically and you can't otherwise wipe it.
Don't get me wrong - this software is a pain in the ass since you have to decrypt a drive using the admin software if the underlying OS becomes unbootable. But it is a relatively simple solution, otherwise.
When you say "secure" I have to ask "how secure?"
For example, in any situation that deals with classified data, once classified, the disks can never, ever be unclassified without physical destruction. Part of the reason is that data recovery technology is VERY good; a few years ago, state of the art was the ability to recover data that had been overwritten up to 20 times.
In a nutshell, it worked by looking at the "edges" of the data tracks: because of the minute variations in head positioning, each time the drive wrote out data the write head was not perfectly centered, so there would be enough "splash" on the sides of the track to be able to recover the information. And that was a few years ago; who knows how good the tools are today.
Another thing to watch out for with all of these software solutions: you can only overwrite what you can access. If the disk has acquired new bad sectors during its use, the controller automagically copies the data to a spare sector and then puts the bad sector on the "grown defect list." Generally, through software, you can't get to the sectors on the grown defect list; the controller has them remapped to the new sectors. But someone with the right tools can usually read those sectors well enough to extract the data from them.
Do you care about that level of security? I don't know, but you should at least be aware of the fragility of most solutions proposed here so far.
When information is power, privacy is freedom.
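As an added example (not code from the thread or from any of the posters), the script below automates the multi-pass overwrite suggested earlier in the thread ("write a shell script to automate the process" from a bootable Linux CD), while keeping in mind the caveat just above: software can only overwrite sectors the controller still exposes, so sectors already moved to the grown defect list are not touched. It assumes a Linux box with coreutils (`dd`, `head`, `stat`, `tr`, `wc`) and `blockdev`; the function names and the number of passes are my own choices. It refuses to touch a mounted target, writes the requested number of passes from `/dev/urandom`, finishes with a zero pass, and then reads the target back to verify that the zero pass actually landed.

```shell
#!/bin/sh
# Constructed example: multi-pass overwrite helper for a block device or file.
# Not from the thread; function names and defaults are assumptions.
# Caveat from the thread: this only reaches sectors the controller exposes;
# sectors already reallocated to the grown defect list are NOT overwritten.

# Return 0 if the device path appears in the Linux mount table.
is_mounted() {
    grep -q "^$1 " /proc/mounts 2>/dev/null
}

# Size in bytes: block devices via blockdev (Linux), regular files via stat.
target_size_bytes() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        stat -c %s "$1" 2>/dev/null || stat -f %z "$1"
    fi
}

# One overwrite pass: copy exactly $3 bytes from source $2 onto target $1.
# conv=notrunc keeps a regular file's length; on a block device it is a no-op.
overwrite_pass() {
    head -c "$3" "$2" | dd of="$1" bs=1048576 conv=notrunc 2>/dev/null || return 1
    sync
}

# Return 0 if the first $2 bytes of $1 are all zero (strip NULs, count the rest).
verify_zeroed() {
    nonzero=$(head -c "$2" "$1" | tr -d '\000' | wc -c | tr -d ' ')
    [ "$nonzero" -eq 0 ]
}

# wipe_target TARGET [PASSES]: PASSES random passes (default 3), then zeros,
# then verification of the zero pass. Returns non-zero on any failure.
wipe_target() {
    target=$1
    passes=${2:-3}
    [ -e "$target" ] || { echo "no such target: $target" >&2; return 1; }
    if is_mounted "$target"; then
        echo "refusing to wipe mounted target: $target" >&2
        return 1
    fi
    size=$(target_size_bytes "$target") || return 1
    i=1
    while [ "$i" -le "$passes" ]; do
        echo "pass $i/$passes: random data over $size bytes" >&2
        overwrite_pass "$target" /dev/urandom "$size" || return 1
        i=$((i + 1))
    done
    echo "final pass: zeros" >&2
    overwrite_pass "$target" /dev/zero "$size" || return 1
    verify_zeroed "$target" "$size"
}

# Only act when a target is given on the command line, e.g.
#   sh wipe.sh /dev/sdb 3
if [ $# -ge 1 ]; then
    wipe_target "$@"
fi
```

The verification step is the part worth keeping even if you swap in a different overwrite tool: a pass that silently failed (bad sectors, a write error, a drive that dropped off the bus mid-wipe) looks identical to a successful one unless you read the media back. A failing verification is the signal to fall back to the physical-destruction options discussed elsewhere in the thread.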
I always figured that the safest way to wipe a hard drive would be to heat it up above the Curie temperature. Once all of those domains are randomized, there ain't no information left. Anyone have any idea what T_C is for a hard drive platter? I would guess it's in the 700K range, which unfortunately is too hot for your standard oven. But if you have a friend who works at a brick oven pizza parlor, that would probably do the trick.
I have no doubt that you could use an AVR or PIC microcontroller to do this, and it wouldn't even be hard to design. IDE interface, microcontroller, maybe some kind of random number generator, and you'd be set.
This is kinda interesting, I think I'll look into it. Add a few buttons on the front of the dongle to choose your paranoia level..
Step 1: Put drive on anvil and pound on it w/8-pound sledgehammer until no piece of the media is bigger than a quarter.
Step 2: Collect pieces, and slag in gas-fired incinerator.
Regards;
Do what governments do. Grind the HDs to dust (metallic and otherwise). Then store the dust. My recommendation is to melt the grindings down and turn them into paperweights for the office. No chance of a lawsuit if, for some reason, an HD doesn't get wiped.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars