Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secure Hard Drive Deletion Appliance?

Posted by timothy on from the write-a-lot-of-xs-and-os dept.

An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?

9 of 573 comments (clear)

  1. Still Risky by fembots · · Score: 5, Insightful

    If you have something so important, it might be best to destroy/keep the dead drives and pay for new ones, which aren't that expensive compared to the risk of someone finding out a way to recover your data even after it's been processed by the state-of-the-art secure deletion processor.

    I believe the information is secured only if it's still in your hand.

    --
    Rock that crushes, Paper & Scissors that don't matter.
    1. Re:Still Risky by forkazoo · · Score: 5, Informative

      Uhhh... I disagree. I work at an organisation which falls under HIPAA. All the money we would spend on new hard drives for no apparent reason would mean that developmentally delayed persons in the community would be unable to get access to the resources we exist to provide.

      Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.

      Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted. That's a certain number of hours we would need to cut back the day program, leaving mentally retarded people roaming the streets without any help. Including the mentally retarded people who aren't allowed near children because they have sexually assaulted them in the past. That's a certain number of winter coats that can't be bought for people who can't work a steady job.

      So, we use a utility called DBAN, Darik's Boot And Nuke. It's part of a free x86 rescue CD I downloaded. It comes with a bootable linux live CD, which includes an ntfs resizer, and memtest86. I usually just run it in teh machine where the HD is, rather than pulling the HDD out. In particular, this is much handier for laptops than a special device would be. OTOH, it would be easy enough to get an external hot swap caddy, and use it as your appliance, just plug it into any machine.

      Also, you can always just dd /dev/random onto your disk a few times. Anybody know any good reason why that would be insuffiecient?

    2. Re:Still Risky by Marty200 · · Score: 5, Insightful

      Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.

      Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted.

      You are missing the point. You can wipe a fully function drive that is staying inside your organisation and be fairly sure no one will get to the deleted info. But if the drive is broken, you can't besure the drive has been fully erased. And then you are sending it off to someone outside your organisation who may decided to see what you left on it.

      Also, you can always just dd /dev/random onto your disk a few times. Anybody know any good reason why that would be insuffiecient?

      Because the drive is broken. Chances are you can't write to it.

      Best bet is to keep the drives and destroy them yourselves. If you buy enough stuff you can probably get something worked out with your vendor so you get a deal on warranty replacements.

      MG

      --

      Randomly distributing Karma whenever possible.

  2. dban.sourceforge.net by Anonymous Coward · · Score: 5, Informative

    dban.sourceforge.net

  3. BCWipe by jascat · · Score: 5, Interesting

    I have used BCWipe to declassify Secret hard drives. They have a DOS version you can throw on a MS-DOS boot disk and a linux version you can put on a livecd. Either works equally well.

  4. Drive Duplicator... by hated · · Score: 5, Informative

    http://www.driveduplicators.com/124.html

    Its primarily a hard drive duplicator but it also has DoD 5220.22-M level wipe. Sorry to plug a specific product :)

  5. Re:A smashed drive tells no tales by SYFer · · Score: 5, Funny

    Might I suggest the Wilton 20003 12 lb. Unbreakable Double Faced Sledge Hammer? At 12 pounds and with a shock absorbing handle, you'll find this fully OSHA-compliant device will serve your needs admirably.

    And yes, this most certainly IS an Amazon affiliate link. I believe that if the submitter or other government officials purchase this mission-critical security appliance, I am entitled to my consulting fee. As for the parent poster, well... Uh, I'll buy him a beer when the windfall from this new sledge hammer gig comes rolling in.

    --
    "...all the labours of the ages, all the devotion, all the inspiration, all the noonday brightness..." yada yada
  6. Re:DBAN - Darik's Boot and Nuke by ErnieD · · Score: 5, Informative

    I'll second that, I've used DBAN a few times just in the last few days on old drives we're preparing to toss (finally retiring very old hardware).

    I run it from the Ultimate Boot CD, http://www.ultimatebootcd.com, which has a ton of other diagnostic utilities on it, including the drive diag tools from all the major manufacturers. Extremely handy little CD to have around.

  7. Re:Data destruction. by claudius0425 · · Score: 5, Informative

    While this may seem at first to be just a one off joke, there is really alot to be said for torching a drive. In addition to the massive physical damage, you will heat the magnetic layers past their Curie point, so their magnetic orientation won't matter: they won't be magnetic anymore.

    Happy torching!

    --
    Phus. Sysiphus.