Slashdot Mirror


Secure Hard Drive Deletion Appliance?

An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?

8 of 573 comments (clear)

  1. BCWipe by jascat · · Score: 5, Interesting

    I have used BCWipe to declassify Secret hard drives. They have a DOS version you can throw on a MS-DOS boot disk and a linux version you can put on a livecd. Either works equally well.

    1. Re:BCWipe by jascat · · Score: 4, Interesting

      From everyone I talked to at various levels, it is actually recommended. The important part is that it supports the DoD prescribed method.

  2. The ONLY current method proven to be secure by hellomynameisclinton · · Score: 4, Interesting

    These guys have even done the demonstration for you:
    http://driveslag.eecue.com

  3. Still Risky Indeed by Nik13 · · Score: 4, Interesting

    If the drive is faulty, you just might not be able to overwrite the info (not reliably anyways).

    I'm surprised he's even looking for this. I work in a place where for similar regulations we have to wipe HDs securely before disposal, but that's only for working ones. Damaged HDs cannot be sent back because of the info on them, they have to be destroyed locally. We take the platters out, but I'm not 100% sure how they get destroyed (probably degaussed then physically damaged). The companies we buy PCs from are aware of this too. If a drive dies in one of the PCs that's still under warranty, they replace it and we keep the old drive for proper disposal.

    Such a device would only be useful for disposing of old PCs with functionnal HDs in them. I can't see the regulations let them do this.

    --
    ///<sig />
  4. Degausser by ka9dgx · · Score: 4, Interesting
    If you want the data gone, but can't physically destroy the patters, you'll need more than the tape demagnetizer from Radio Shack to degauss it. You need a DC magnetic field, a damned strong one. The field at the surface of the disk platters must be at least 3000 Oersted (0.3 Tesla).

    The drive housing may, in fact, shunt the field around the drive if it is ferromagnetic. (See if a magnet sticks to it)

    If it were me, I'd make a nonmagnetic aluminum housing to screw the drive onto, pad the hell out of it (just incase I slipped), and head on over to Radiology, and use a 10 Tesla (or stronger) MRI to erase that bad boy. I'd rotate it in all 3 dimensions, more than once, just to make sure.

    If the field you use demagnetizes to the servo and drive magnets, it'll probably be safe to return for replacement.

    I agree that it's probably better to eat the cost of the drives than to risk the getting made the poster child for HIPAA. (You just know they'll looking for someone pull a Martha Stewart on.)

    --Mike--

  5. VIDEO - Destroying Drives with Acid and Thermite by ghobbsus · · Score: 4, Interesting

    There was a two-part segment on the Screen Savers with Patrick Norton and Kevin Rose covering methods of data destruction, including software, grinding, acid, thermite...

    Watch it here

  6. Don't Destroy - Encrypt by dsginter · · Score: 4, Interesting

    SafeGuard Easy

    Plenty of businesses use it to encrypt a hard drive (boot time password) prior to production. This way, if the drive fails mechanically and the data can't be destroyed (without physically destroying the drive), the data is still encrypted. As a plus, there is no need to wipe a drive since you only need erase the SafeGuard Kernel which renders it just about as useless. There was a case a while back where one of the European countries tried to brute force this software for a criminal trial and could not do so.

    For HIPAA, you'll need to physically destroy a drive if it has failed mechanically and you can't otherwise wipe it.

    Don't get me wrong - this software is a pain in the ass since you have to decrypt a drive using the admin software if the underlying OS becomes unbootable. But it is a relatively simple solution, otherwise.

    --
    More
  7. Re:Still Risky by fireloins · · Score: 4, Interesting

    I always figured that the safest way to wipe a hard drive would be to heat it up above the Curie temperature. Once all of those domains are randomized, there ain't no information left. Anyone have any idea what T_C is for a hard drive platter? I would guess its in the 700K range, which unfortunately is too hot for your standard oven. But if you have a friend who works at a brick oven pizza parlor, that would probably do the trick.