Slashdot Mirror
"Smash Your Hard Drive" To Fight Identity Theft
Will Do This For Free writes "BBC News has a story about the only fireproof way of safeguarding your personal information when dumping your old computer: 'It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens. [...] The more thoroughly the better.'
This sounds like so much fun that I almost feel like doing it right now. Let me press Submit Story first."
So...I don't want my data to somehow magically be restored when I throw an old hard disk into a fire? Where can I read more about this amazing data-recovery technology?
This sig is certified free of self-referential humour!
...It's the only way to be sure.
Hey, look! It's Bono's brother.
In other news: sky still blue, water still wet, pope still catholic.
what about using acid?
I have a heavy duty magnet that when placed on the top of the drive makes the drive completely useless.
I doubt anyone could recover data from it, as it is surely scrambled.
and just use dBan, Derrick's Boot and Nuke.
Nothing beats an afternoon of watching dBan and a comfy chair. Beer or whisky optional.
import system.cool.Sig;
You'll have to excuse me. I'm need to go protect my ex-wife from identity theft.
This recommendation from Which? magazine has incensed me today. They're reported as saying "It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens.". There's no need to do this if you use disk wiping software, which is probably even better than a hammer; as the BBC article points out. Darik's Boot And Nuke is perfect for this. It's environmentally criminal to be suggesting the best way to wipe a disk is to smash it.
Pete Boyd
We've been using an RBFH for years to destroy harddrives. Just make sure you have some eye protection.
I'm generally happy to drill a few holes through different parts of the platters and then just whack the whole thing a couple times with a hammer. Sure, someone with a the right equipment and a lot of time on their hands could potentially take the drive apart, and pull some data off the undamaged parts of the disk, but my data isn't worth the trouble.
That being said, I've sometimes smashed them further just for the fun of it, and completely obliterating a drive is a lot harder than you'd originally think. Sure, it stops being functional after you smash it a few times, but it doesn't just bust open and have its guts spill out everywhere. Those little things are solid. It'd be much faster to take one apart with the proper screwdriver set than it is with a claw hammer.
One time I threw a brick at a duck.
"It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens."
And I know of a great way to do that.
== Jez ==
Do you miss Firefox? Try Pale Moon.
The Disk hammer espescially designed for "wipeing" out those problamatic data stains.
They fitted George Orwell's coffin with rollers so he could turn over more easily years ago.
Smash An Identity Thief.
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
Because those smithereens contain environmentally harmful materials, they should be recycled - for instance at the vendor from whom a new hard drive is purchased.
Or just RMA it.
Dear Seagate, I've only had your drive a few weeks and it smash itself to smithereens.
Or you could, you know, overwrite the bits with new garbage data.
At work, we've had dealings with data recovery labs and they've never, ever been able to retrieve anything useful.
Mod me down, my New Earth Global Warmingist friends!
dd if=/dev/zero of=/dev/sda Could a disk so written be recovered?
I fill mine with concrete and drop them in the ocean. Stuffed inside an informant, of course.
Nobody will be getting more information from either one.
I am intrigued by the clever use of a hammer in the video, I may have to modify my method slightly.
Oh I dunno. I've found Windows vista renders most hardware inoperable. At least this state of the art piece of pc I've had under my desk runs slower than ever, now that it's got the latest/greatest os on it. You could bore identity thieves to death with transparent windows and shiny icons.
http://www.beanleafpress.com
I drill holes in the HDD's from work. If they have glass platters, they shatter, done deal. If they are metal, they get a hole all the way through every platter.
My thoughts - if someone goes through the effort of trying to retrieve data from a drive in that condition, they've "earned" it.
Maybe I'm ignorant to how some data recoverey techniques are used, but, as far as I understand it, it has to be read from a head while the platter spins. When the head comes across a 1/2" hole, good-bye heads...
His PC died due to dust accumulation (fried mobo, dead power supply, fused RAM) and he asked me what to do with his system. I told him the only thing he needed to worry about was his HD. Told him to drill a few holes in the drive, use a blowtorch in those holes if he still had one (he used to work in home remodeling), smash the drive with a hammer and put it in a bag with his used cat litter (they have two cats).
If someone is desperate enough to want the information on his drive, they're going to have to work for it.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
why not try a low level format?
when there is a drive deguasser a few steps from my station.
I periodically contract with a company to dispose of old hardware for my company. The first time i talked to them, they mentioned they shredded old media. I assumed he meant floppies and tapes and the like. Given the nature of the material, it didn't seem that impressive, but certainly nice. When I got the estimate, I was a bit shocked--why was it so high? Then they explained--by "media," they meant hard drives. They sent me a PDF on the equipment. Hard drives are removed from machines, and placed on a conveyor belt. This fed the hard drive into the shredder. On the other end, bits of metal came out. I begged them to let me operate it--just for one or two drives. Damn lawyers!
Throwing into fire is not enough, the magnetic domain on the platter is still there for highly technical team to retrieve. You have to melt the hard disk into liquid and stir thoroughly.
There was nothing of substance in the video. The guy smashed his drive, Ontrack said it was smashed and couldn't be recovered...but then went on to say, "But we are really good at restoring water damaged drives!"
The whole discussion is made pointless when Ontrack says, "Oh, we can't restore a zero'd drives either."
Seriously, can't we feed starving children with these obselete hard drives? ....
Or cure cancer, or aids by grinding them up and snorting the powdered hard-drive?
We could donate them all to nigera to kickstart their fledgling tech-as-infrastructure construction economy!
Or reverse the polarity of the magnetic field of the sun by launching the magnets into the sun
Or use them as anger management therapy for behaviour therapy kids
Quartz Extreme and Core Image. Are there any other real reasons to spend all that money on generic hardware?
I like my hard disk shaken, not stirred...
PC LOADLETTER, What the hell does that mean?!
Drag it out in a field with you, a few friends, a baseball bat with some good angry background music.
That said, rifles are much better for this. 5.56mm AP rounds do really cool/fun things to HDs :)
I agree with the other posters about dban. For most hard drives it is the best choice.
Magnets are not reliable and because they may render portions of the media unreadable, you can't tell whether everything was wiped.
I had an old SCSI hard drive that dban could not write to. I disassembled it and ground each disc into dust with a grinding wheel.
Wansu, th' chinese sailor
Smashing the hard drive is not good security it's way to easy to read your data. The only way to be sure is to melt it into slag.
Revision3's Systm show had an episode that suggested some ways for destroying a hard drive yourself. They took the position that using a program like Boot'nNuke, which overwrites data 1-N times at your choosing, is sufficient to sanitize data without destroying the drive.
If you want to go the nuclear option, they demonstrated some favorites: mangling the platters in a vice, dremel or hand grinder, propane or cutting torch, melting it in thermite, etc.
A hospital I worked for once, when decommissioning old computers, would take the hard drive over to a drill press and put a couple holes through it. Nowadays I think they've bought a drive shredder.
Is there a single case of someone being able to recover usable data from a drive that was properly wiped more than once with random data? More importantly, has there ever been a case that DOESN'T involve advanced recovery tools that only governments have access to?
Seems to me an old hard drive would make great target practice as well...
1) dismantle the drive and twist the platters with heavy pliers into the shape of an ash tray
2) drill through the platters several times (with a half inch/ 1cm drill), then let soak in a bucket of salt water for a month to corrode everything together.
"It is a greater offense to steal men's labor, than their clothes"
If you do decide to go nuclear on your old drive, take it apart and salvage some parts first. The magnets used in the voice coil (which positions the read arm over the platters) are pretty strong and handy to have. The motor for the platters is compact and powerful and very smooth.
If you are satisfied to just wipe the drive, but not destroy it, and you have no further use for it, may I suggest making wind chimes from the platters.
What about my dynamite?
The platters don't have to be melted, they only need to be heated to the Curie point to loose all their information. Of course, that would still take a pretty hot fire.
Really, there's no need to wipe it more than once unless you honestly think it will matter. At least these guys think so:
http://16systems.com/zero
http://sourceforge.net/projects/diskscrub/
If I'm going to throw a drive away, I zero the partitions out and then drive a big 16 penny nail through the enclosure & platter(s). When it's done, it sounds like a box of crackers when shaken. I'd rather see things reused or recycled but what demand is there for a 1.2Gb drive these days?
Alex, I'll take keybindings not used by Emacs for $400....
Or small amount of thermite over the platters and ignite. Result platters will be a molten pool of slag.
. . . and tell her to put it in a safe place, and that you might need it later.
It's gone forever.
There is no chance that anyone will ever have access to that disk again.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
My theory is that filling the drive repeatedly with porn videos will sufficiently destroy any personal data by overwriting. Therefore all drives should be relegated to porn storage duties for at least one year before disposal. That's not a server full of porn in the corner, it's a data security device!
Oh no... it's the future.
"It would certainly make smashing a hard drive to smithereens more interesting." and "I wouldn't recommend it though."
... this time, it was glass, which I only realized at the point it shattered and sprayed me with a shower of razor shape shards! Thankfully I still have my eyesight. Still, turning it into smithereens was indeed more interesting. :)
:)
I pulled an old dead hard drive apart about 15 years ago, giving me an interesting shiny metal disk and a motor to play with. I had another drive die about two years ago, so I did the same. Only this time, forcing out what i thought was a metal disk, did indeed give an surprise I wouldn't recommend
Curiosity (nearly) Killed the Cat.
There are 10 kinds of people in the world... those who understand binary and those who don't.
I totally did this with about 100+ harddrives with a sledgehammer where i work it was really fun.
Take your old hard drive out to the shooting range. Don't bother with a plinker like a .22LR... Get something that has some serious kinetic energy like 230 grains of American .44.
Holes... Heat... Distortion...
Geeks with Guns --- GOOD!!
We need to forward this to Tom Dickinson...
Weird, not a single commenter knows that there is a secure erase function built into the drive controller of ALL hard disks. All that you need to do is activate it: http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Or just do what I do, keep the harddrive. Store archival data to it, label it and stack it with others on the shelf.
Simply deleting the files doesn't remove the file data from the hard disk, all it does is remove the directory entries. That's why undelete utilities can work. If you delete the entries from the 'trash can' this makes the disk space that was used to contain the file data available to be over written, but until new files actually DO overwrite the space formerly occupied by the deleted files the data is still there. It would take some geek effort to reconstruct the data by stringing the correct sectors together in the correct order. Something like gluing documents from a paper shredder back together again.
Formating a hard disk doesn't write over EVERYTHING, it does zero out all the directory sectors, and all the allocation tables. What the format operation should be called is 'make file system', which is what Linux actually DOES call this command. Under the Linux mkfs commands there is an option to write some data pattern (or just 'zeros') over every sector that will be used for file data when creating a file system. This can take hours on a large hard disk, but it is what you want to do to make sure your data is really erased from the hard disk. Another way is to perform a complete low level format, this requires the disk drive makers own software tools.
Even if you actually DO over write the entire disk with some data pattern it might still be possible to recover the data, but this will require special hardware to perform an analog read of the disk and special DSP software to re-construct the data from what ever latent image remains on the disk. This is true CIA type stuff, unless you are on the FBI's most wanted list no one is going to go through that kind of trouble to read data off your thrown away hard disk!
'Which' in the UK are an interesting bunch. Most people that subscribe think very highly of their thorough testing and methods until they read something on a subject they understand and then they realise they're by and large clueless. I've lost count of the number of people I know who used to praise them until their pet subject got featured be that HiFi, computers or washing machines. At that point, they generally cancel their sub.
This very article pretty much confirms that as 'experts' all say Which was going too far.
I want a list of atrocities done in your name - Recoil
- Take old drive.
- Screw drive apart. (Might require Torx screwdriver or bit)
- Take percision manufactured aluminum seperation washers and use them as keyrings, strap-loops or simular stuff.
- Take drive platters and work over them with fine grained sandpaper.
- Move head magnets over them a few times.
- Work over them with even finer grain afterwards.
- Dishwash platters and polish afterwards.
- Dry and clean platters.
- Precisely glue thick undied felt to one side of platter using cut-to-fit carpet tape.
- Cut out platter shape and hole with a sharp knife.
- Use and/or sell as avantgarde design coasters (10$ - 12$ a piece).
- Bring the rest of the dives to recycling, seperating electronics from scrap metal first.
No way anybody will recover any usefull data of a platter after this treatment. And the platter will look like in mint condition. And they make way cool coasters.
We suffer more in our imagination than in reality. - Seneca
When I moved across the US a year ago, I had a ton of older hardware and less room to move into (house to apartment). Basically, I gave everything away that I wasn't actively using.
Rather than muck about with secure erasing or degaussers, I just took the dozen drives out to the shed and beat the daylights out of them. Most of my machines were in various states of not running--so the amount of time I would have had to spend putting together a working machine, swapping around more than a dozen older drives, running secure erase on them ... well, it just seemed a lot simpler. There was no way I was giving intact hard drives to random people I did not know, especially drives that may or may not have been erased enough.
I recommend safety goggles. Some of the boards tend to shatter and send little bits flying everywhere :-)
Could some super spy possibly lift data? Maybe. But no ID theft script kiddie will. I saw it like using a paper shredder--only a lot more fun. Sure, some super spy agency might be able to re-assemble shredded documents or lift data from the mangled platters of my drives--but why should I be worried about them? They already have a current file on me, I'm sure--they don't need old drives ;-)
A friend of mine put it nicely: "There's nothing like the feeling of raw destruction you can wreak with a 10lb sledgehammer." It's right up there with using a proper chainsaw. Deconstructing stuff is *fun* :-D
If I am ever worried about super-spies, I look forward to discovering the wonderful destructive power of thermite :-)
"Doubt your doubts and believe your beliefs." -- Switchfoot, Ode to Chin
I found a local place recycles old computer equipment. For hard drives they use a drill press with what looks like a bit the width of a 50 cent piece that presses the cyclinder or whatever the piece on the hard drive through the other side.
I read years ago (and I'm sure it was made up) of a memo sent out to IT managers in the DOD (United States Department Of Defense). It went.
To properly dispose of hard drives which may contain Top secret information is a 5 step process to be performed in the order specified and by competent engineers.
1. Perform a triple overwrite security erase on the entire disk.
2. Use a bulk degausser (AKA a powerful electro magnet).
3. Crush the drive under a roller or tank tracks, whichever is more convenient.
4. Melt the scrap into slag.
5. Bury that Slag in a toxic waste dump to deter any attempts at data recovery.
That's not exactly how it went but I think this is pretty close. Can anyone find the original?
--= Isn't it surprising how badly I spell ?
I've effectively "safeguarded" several hard drives at my local rifle range. Now that's a fun day out.
I think the torpedo dog was referring to the probable typo in the anchor text.
took the platters out and used a grinder on them to remove the surface.
You mean these guys?
They probably wouldn't see it coming, but I don't know how this practice will help prevent identity theft. And they look like they might smash back, too :-(
Never ask for directions from a two-headed tourist! -Big Bird
a place I used to work for got a new IT manager out of retirement, he used to work at a bank. We upgraded the server and a few of the desktop's HDs one week, and next week we held a "HD smashing party" after work. We tore the hard drives apart, removed the platters and beat them with hammers. I don't know what they're made of - some composite, I've heard glass, aluminum, and ceramic tossed around for terms, but they do behave oddly when smashed. They don't shatter, but the surface does splinter when the platter is bent. Possibly glass / ceramic surface on an aluminum disc?
Overkill for us, we didn't have any really sensitive information on them, but good practice to learn I suppose, and I bet manditory where he came from.
I work for the Department of Redundancy Department.
This is an incredibly stupid idea, UNLESS you're going to securely shred the data contents on the drive itself (i.e. Schneier 7-pass or similar method), and the smash it.
With drive capacities increasing at a geometric rate every single month, even a pinky fingernail-sized chip could contain 10 gigabytes of data. RECOVERABLE data. Are you going to smash the drive platters into pieces the size of matchsticks or smaller? You'll need to if you want to be sure someone isn't going to recover your data from your pieces.
Resist the urge to smash, unless you shred first.
This is like fussing over whether the deadbolt on your front door can resist a shotgun blast when the real problem is forgetting to close the basement windows.
Or it's flattering yourself that your data is all that valuable.
The most important thing to do is... just absolutely anything at all. Most of the stories you read about involve e.g. laptops that have been sold with their drives completely intact (and administrators huffing about "but they were supposed to be erased! We had a policy in place and sent out a memo about it!")
Just put all the files in the trash and empty the trash, and don't worry about some clever hacker with, you know, a copy of Norton. Then you'll be doing better than 99% of all computer owners. If you want to do it right, format the drive, and don't worry about whether you've picked an option that overwrites the files themselves. If you want to do it really right, then use whatever handy utility you know of that claims to write over the whole drive. Just once. With zeroes.
Woody Allen said "80% of life is just showing up." Well, 80% of security is just doing anything, anything at all.
Above all, just be sure to delete the files right away. Don't say "Well, I won't bother right now because I'm having my NMR next month and I'm planning to bring the drive with me and let the NMR machine erase it," or "I'll do it tomorrow, after I get out to Home Depot to buy a sledgehammer."
If, by any chance, you are actually a terrorist and you know that Homeland Security has you under surveillance, then of course it's different. In that case I personally recommend that you leave the drive and files alone.
"How to Do Nothing," kids activities, back in print!
"Unless you're a spook or the kingpin of a criminal consortium, there's no need to go out and buy deleting software and no need to put a hammer through the damned thing,"
What exactly is this supposed to mean? Oh, and I love how a hammer is overkill, but if you're really concerned, just "put it in acid". I don't have a vat of acid sitting around, but guess what I do have? That's right. A hammer.
I saw a documentry about forensic computing and they said they had machines/modified drives etc that could extract data from shards of CD/DVDs, smashed up disk platters and hard drives that had been securely erased (read from residual dta either side of the tracks using modified finer heads). They did say text was much easier than encrypted stuff or images/audio as quite a few inbetween bytes do get lost but on text they had a fairly good recovery rate from burnt chunks of platter and the like.
I want a list of atrocities done in your name - Recoil
In the past I have found use for old hard drives.... .50 cal does to a hard drive.
The firing range. Nothing like seeing was a
...but the only way to be 100% safe is to smash your hard drive into smithereens. [...]
This message brought to you by the Hard Drive Manufacturers Association.
As far I'm concerned, destroying the drive physically is without doubt the safest way to go. Of course, if the drive is still useful I'll wipe it DOD and repurpose it. But when it's time to dispose of those old platters, the drive will meet a harsh end. One of my favorite how-to vids on the topic: http://www.youtube.com/watch?v=DAZlFoYa41c
Most of the time this is sufficient. Data recovery is a pain in the @$$. If the data is actually sensitive (intelligence), then open the case and pass over both sides of the plates with a 0.5T magnet. Smashing the case does not prevent data recovery, it only makes it a little more difficult.
If this is all true, it's good news.
We've been looking for the ultimate backup solution. If data is really recoverable, then hard drives make a really good place to store data to survive whatever disaster. Of course, saving the advanced reading techniques will be important too.
Know your pads. One time pad: good for cryptography. Two timing pad: where to take your mistress.
Turns out I've been "fighting identity theft" in the manner this article mentions for years -- I'm a Windows user. Pardon me while I fight a little more with this fucking Vista compu.......... [no carrier]
Which hard drive? I have gone nearly 100% SSD and flash.
They make great steampunk lamps.
-- Programming with boost is like building a house with lego. It's a cool but I wouldn't want to live in it
So that must have been what the Who was doing to prevent others from copying their act.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
The advantage of physical destruction is that you don't have to care about who made it, the model number, the interface, jumper settings, spare blocks and tracks, dead heads, fried electronics, and anything else that might prevent you from erasing everything on the drive. Hulk smash drive. Problem solved.
Mea navis aericumbens anguillis abundat
http://www.hdd-shredder.com/index_en.php
Not cheap. But neat!!!!
Hmm, it seems that the curie point for Iron is 768c while the melting point of aluminum is only 660c, though I bet flashing the surfaces of the discs with heat would demagnetize the iron without melting the aluminum. Me, I like using a set of precision electromagnets to systematically write data all over the drive in a seemingly natural pattern, such as someone repeatedly writing words over top of other words on a piece of paper. Of course, the precision electromagnets I'm talking about are the hard drive heads, and the data patterns I'm talking about are written by freeware hard drive wiping software. q-:
Heating a destroys the magnetic domain's long before it melts. As density increases the ability to do data recovery when things go bad keeps decreasing.
My my... how positively non-British of the BBC. How crass.... how american.
Simply take a screwdriver, remove the encasement, lift the platters gently from the drive, and place them with tongs in the fireplace, carefully sliding the fender aside. Once the platters are completely cooked, pull your finger out and head to the pub to get pissed.
I do nerd stuff for a giant bank, when we retire servers or desktops, the hard disks are removed, the rest is sent to a recycler, the HDs themselves are disassembled in-house and destroyed by a third party company on-sight, with video monitoring. Each platter is verified destroyed by hand. It's actually pretty cool to watch.
Those who wish to be totally secure need to die. The dead are the only group I know of that never have any complaints about personal security,data security or any other form of security. Or, put another way life=risk.
best way to destroy the data is to open the drive casing, wire the platter motor to spin constantly, take out a sheet of Wet'n'Dry sandpaper. Place paper on metal spinning thing till it goes dull and scraped. Remove top platter and invert. Rinse and repeat for all sides of the remaining platters.
Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
I haven't heard of any software solution that can recover overwritten data.
Likewise. Barring actually disassembling the drive, I think GP's post is bullshit.
How can software get past the fact that the hard disk controller will be handing the OS all 0's?
Put your hard drive in a sock, and toss it in the dryer with a matching sock. You have a 50% chance of it disappearing into an alternate universe, never to be seen again.
Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
I just inherited an M-1 Garand rifle (WWII U.S. infantry standard rifle) and have a pile of old hard drives the need to be wiped. This could be fun.
Cheers,
Dave
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
Disassemble the drive and remove the platters. Take sandpaper and sand off the oxide. There's no way in hell any data will be recovered after that.
Not everyone has access to a furnace hot anough to melt the whole thing.
Free Martian Whores!
On more than one occasion when removing old computers we pulled the drives and destroyed them while donating the old PC's. If you think about it then it's really a no brainer. What's the first thing you do when you get a machine that's come out of no place and been previously used? You snoop around for things.
For some reason I refuse to use either spell check or the spacebar properly.
You get a totally irrecoverable drive, a warm feeling about the amount of aluminium you just recycled, and a couple of cool high-power magnets to play with as a reward.
And who doesn't like high-powered magnets? :)
Eric Baird
Remember, short, controlled bursts.
Two men hear that a tiger has escaped from the zoo. The first one reties his shoes; the second asks, "Do you really think you can outrun a tiger?" To which the first replies, "I only have to outrun you..."
Dumpster diving went out with the 80's. The chances of someone going through your garbage or electronics recycling so as to steal your identity are between slim and Nicole Ritchie. To be safe, just format it once; if you're really paranoid, use a disk wiping utility or "dd if=/dev/random of=/dev/hda".
Today's identity thieves typically steal your information long before that old hard drive makes it to the recycling facility. So you made a few purchases with your wife's Windows machine. Or perhaps you used a credit card to pay for a restaurant meal. Or maybe your mortgage lender has an identity thief on the inside. Or perhaps your medical records are sold by the overseas employees of the outsourcing firm your doctor used.
Sure, you can shred your hard drive and/or take a blowtorch to it if you'd like. Some people actually enjoy that sort of thing. But don't think you're safe from identity thieves for having done so.
The society for a thought-free internet welcomes you.
Industrial shredder. It rips the drive down to a pile of metal shavings
http://www.flixxy.com/hard-drive-shredder.htm
If you think it's expensive to hire a professional to do the job, wait until you hire an amateur. --Red Adair
Whoosh!
The point was that they said this is a "fireproof" way of restoring your data - which is basically saying that throwing the hard drive into a fire would somehow recover the data.
Foolproof would have been a better word to use; as in "even a fool could protect their data using this method".
which is totally what she said
How about when you get that first letter from the RIAA claiming that you may be sued and (according to their lawyers only) you MUST preserve all evidence to make their case against you as easy as possible?
Or would you rather smash them instead?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Your electric stove burner is capable of melting a hard drive platter, liquifying it completely. But you might want to have a spare burner and pan to replace the one you've messed up using this procedure. You *can* clean up the mess, but it can be a bit of work.
Did anyone ever beat it?
MThe Great Zero Challenge Remains Unaccepted
I usually just take it apart. I save the magnets - my kids like them and they are cheaper than magnetix.
I then use the platters as coasters. If anybody wants to retrieve the data at that point, good luck. My data just isn't that important.
Environmentally, I then dump the metal parts in the metal bin at my town's transfer station.
"No matter where you go, there you are." -- Buckaroo Banzai
Unscrewed the hard drive out of an old computer and put it on a block of wood. Got out my 8lb splitting maul (looks like an axe but fatter wedge shaped head, designed for splitting logs) and gave it a few hearty hits. Seemed to help it spill all the bits and bobs around my back yard quite nicely. Having a really big hammer is the trick. None of your wee bijou designer claw hammers ;-) Probably faster than the usual problem you have with one stubborn screw not coming out. Needed a bit of a sweep up afterwards mind you. I think all the bits of the platters went into the dustbin though perhaps a few small fragments might turn up in the veggie patch when I dig it over in the spring.
I disassemble my hard drives, and throw all the parts away with some exceptions: I remove any RAM and flash chips and destroy those (clamped sideways in a vise until it cracks apart) and I keep the disc platters. I have a coffee can full of them now.
While I doubt some bad guy will try to recover data from a bare platter, supposing he would they are safer with me than in the trash.
Multiple hits with 12ga slugs or other fun large caliber weapons. 12ga slug goes right through mulitple platers bearings and cases. Sometimes multiple hard drives.
This is too simple. You just KEEP your hard drive, throw it in the safe with the guns and the jewelry, because you're going to need some old data off it someday, anyway.
You must cast it into the fires of Mount Doom! Only then will your data be safe!
Depends on the value of the information. Are you willing to spend $500-$10000 on a professional recovery service, or is your information not worth that much? Can it be reconstructed through different means?
The DoD has to worry about enemies getting ahold of the disk and sending it to a multi-million dollar clean-lab with stuff like electron microscopes and post-doc engineers to recover the information.
Something properly classified 'Top Secret' is done so on the basis of it being possible for it to cause 'exceptionally grave damage'. IE lives lost, cities nuked, embarrasing the POTUS, etc...
The reason you destroy the information in so many different ways is in case one of the ways fail. For example, degaussing is often possible in-house, but what if the degausser doesn't work well enough? On the other hand, sending it to a facility capable of smelting it down requires transporting it - an opportunity for it to be lost. So you degauss it first to make it harder to retrieve data in the facility, then send it to the smelter 'to make sure'.
I don't read AC A human right
Or small amount of thermite[...]
A *small* amount of thermite?!? What sort of geek *are* you. Nothing but a great heap of thermite will do.
(Sure, a small amount would take care of the data, but no geek worth his bits would settle for a small amount of thermite when he has a chance to use thermite.)
What a load of nonsense. /dev/hda
1. Download and boot Knoppix
2. From a root terminal run: shred -vfz -n 25
Granted, if it's data I'm paranoid about (financial data) and I don't plan to re-use the hard drive, I'll do the above followed by disassembling the hard drive (with actual screwdrivers, not a hammer) extract the patters and then punch 7.62mm holes in them from 100 yards over the course of a few hours.
Ya, when you absolutely, positively, need to be sure, nothing beats thorough physical destruction (where'd my thermite go?). However, having every bit randomly written 25 times, followed by every bit being zeroed if probably good enough.
Necessity is the mother of invention.
Laziness is the father.
Method 1: Use a "nuke disk" created from something like Eraser to secure erase the entire drive.
Method 2: Dismantle the drive for the cool rare-earth magnets, and use the shiny platters to adorn your refrigerator or as signalling mirrors.
Reasonable target practice at 125 yards. I probably should have used steel core surplus ammo, but the 55gr V-Max bullets did plenty of damage, even when the round hit the platters. I got about 4-5 hits per drive before the drive disappeared beyond the pallet I had it propped on.
Here at the hospital we drag all of the old dead drives over to the MRI suite during a time when they don't have anyone scheduled.
Wave a drive in a 90,000 gauss field for a minute and it's pretty hard to recover. We tested this by sending it off to a data recovery sppecialist company and they told us that it was irrecoverable.
The Government might have better luck...but the average person isn't going to get squat.
Phoenix
-- Wiccan Army, 13th Airborne Division "We will not fly silently into the night"
Impact on hard ground from ten miles up? Nope.
When the informatin is "loosed", where does it run off to? Should we have some mechanism in place to catch it before it gets in the wrong hands?
Five shots from a .458 Winchester Magnum firing soft-points really wrecks a drive into smithereens. It's actually hard to find a spot on the platters that isn't either punched through or scratched to near-oblivion by tiny fragments bouncing around inside the thing. Really, they look almost sandblasted where not outright gone.
And it is a lot of fun, too.
There's no original because that's not the spec.
The real spec is DoD 5220.22-M, available at http://www.dtic.mil/whs/directives/corres/html/522022m.htm.
The DoD standard has been superceded by NIST Special Publication 800-88:
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
http://en.wikipedia.org/wiki/Data_remanence
This is misleading. Wiping and destroying a drive will both work if you do it right, but the physical destruction is risky in that the damage is unpredictable and may be easier to overcome than it looks to a layperson. That makes a software-based wipe much more foolproof. Drives have been restored after being run over by trucks, scorched in fires, doused at the bottom of a river and other things - if you need data to disappear, you don't want to have to rely on "well, this looks good and broken now".
By contrast, random-overwriting a drive several times will render it impossible to recover anything from it. The plus side is that you still have a working drive.
Of course it's hard to make that look like an accident. But then, to make sure the disk is physically destroyed you have to break the platters and ideally grind them into powder, and that kind of "accident" won't be very convincing either. (Disclaimer: Withholding information from law enforcement or in a legal investigation under subpoena is a felony in many jurisdictions.)
Hard drives are NOT cheap if your goal turn the computer around for use by someone with low income. I rebuild computers and give them away for free to people who need them. Spending even $20 to replace the hard drive would increase the cost of the computer enough to make it unusable for my purposes.
Is it really possible to recover data from a disk that has been wiped with DBAN? I highly doubt it -- I've never heard of data being recovered after wiping with DBAN.
If you want to be friendly to the environment and spread the availability of low-cost computing, don't destroy the disk, use DBAN instead.
1. Have the Large Hadron Collider create a black hole.
2. Throw hard drive into black hole
3. ???
4. Profit
http://www.youtube.com/watch?v=oOIf0JmZfrQ
Plus if you make a sand cast you can have your own Hard Drive Beer Opener!
There is at least one outstanding challenge on the internet to recover a drive that has been overwritten just once with zeros. No one has accepted this challenge in over a year. Beyond that we now know that the assumptions that Peter Gutmann made when writing his seminal works in the mid-nineties about data recovery are complete hogwash. Once such assumption is that you know what data it is that you would like to recover. Why would you need to recover the data then if you have perfect knowledge of the data.
A new paper was published in December showing experimental data to back up how possible/impossible it is to recover data from a drive that has been overwritten once with any known pattern. They show that if you try to recover data from overwritten areas your likely hood of data recovery become astronomically low once you start trying to recover more than 32 bits of contiguous data. Add to that the time required to attempt the recovery. With Magnetic Force Microscopy (MFM) you can scan a disk platter at a speed of 1 byte every 4 minutes. This speed will change over time, but based on the research in this paper that still makes anything more than bit recovery unlikely and would be a huge time sink for anyone with appropriate technology and would most likely yield little useful information.
I recommend anyone in that deals with hard drive decommissioning read this paper.
Here's the link to the paper.
And here's a link to the BibTex entry.
Back in the 1980s and early 90s, when I was working as a tool for the military-industrial complex, I ran a VAX lab that processed classified information. I forget which DoD standard we followed (it was equivalent to Army 380-380), but I got to write our declassification processes and my successor at the job had the fun of implementing them. The basic choices were
Our building had a machine shop in the basement, and my successor got to take apart the RM05 removable drives (which were about the size of a Tupperware cake carrier and had a dozen 14" platters), and have the machinists sandblast them for her. The canonical Sysadmin Wall Decoration in those days was to have a disk platter with some tracks scratched off it from a head crash; she had one that was clean down to the bare metal.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It's military - so "lose the dogs of war"...
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Come one guys! We're /.'ers. We build our own degaussers out of tire irons and bailing wire for crying out loud. Hook it up to the batteries of our oversized SUV's and ZAP! no more data (and no more eyebrow hair probably, considering we are /.'ers.)
Would whole disk encryption work as a safeguard against data recovery? Just encrypt the whole disk (when it's new) using truecrypt, and pick a good password. One advantage might be that if your disk dies, and your computer can't access it anymore, then you're data is still unreadable. When it comes time to get rid of the disk, just erase the mbr.
One option is something I try to recommend, but often times its not doable in practice:
Don't have unencrypted data on the drive in the first place. TrueCrypt has the capability to overwrite sectors while encrypting to ensure that unencrypted data isn't on the drive. On the Mac, you can use PGP whole disk encryption for similar functionality. For data drives, the latest version of TC allows one to encrypt a volume in place (also offering an option for multiple overwrites.)
Combine this plus a good password (or use of keyfiles for even better security), and for all but classified data, one can just run a zero pass and call it done. For better security, one can restore a dummy keyfile (overwriting the areas with the volume master key 36 or so times) and unless someone can crack AES-256, they won't be accessing that drive's data anytime soon.
Disclaimer: Know your threat model, and who might be after your data. For someone who just doesn't want their data to fall in the wrong hands if their laptop is stolen, TrueCrypt or FileVault is more than enough. If someone has stuff that some organization is willing to pay big bucks to try to disassemble it with a SEM, then use one of the techniques mentioned in previous posts to reduce said hard disk to component atoms.
Another option that isn't mentioned much because its difficult to gain access to it is the low level ATA spec secure wipe of drives. All recently made hard disks have a built in secure erase function that erases on the disk level. A utility, HDDErase (http://cmrr.ucsd.edu/people/Hughes/HDDEraseReadMe.txt) might be usable depending on the computer and how fast the BIOS tells the hard disks to lock down access to the password protection commands. I use this secure erase function with a pass of DBAN to ensure that non critical workstations which are changing owners have blanked drives.
Target practice with a high power rifle. As much fun as a three pound hammer, but louder.
Professional Politicians are not the solution, they ARE the problem.
...had a hard drive throw contest. Much more interesting. :)
Well, the plastic stuff will actually melt. However, for the drives themselves it's sufficient for the temperature to get to the Curie point. That's the temperature at which ferromagnetism stops.
The Raven
http://www.youtube.com/watch?v=k-ckechIqW0
Only the One Drive reveals its data when exposed to fire, but even then, it's just some crappy poem about Western Digital, Morder, and the Read Heads of Doom.
Hell is other people's code.
"Unless you're a spook or the kingpin of a criminal consortium, there's no need to go out and buy deleting software and no need to put a hammer through the damned thing," Mr Goodwins told the BBC.
Why? DBAN is free and can be used over and over again.
"Trust that little voice in your head that says 'Wouldn't it be interesting if...' and then do it." - Duane Michals
Note that the Great Zero Challenge remains unanswered. Overwriting a hard drive with zeroes will erase all data on it irretrievably (I agree totally that ordinary delete methods would not do so).
Yes, there have been lots of articles about how overwritten data can be retrieved with various vaporware methods, but no commercial data recovery companies has implemented these. So unless you are paranoid about the NSA using their super secret data recovery methods to find out your hotmail password after buying your hard drive off eBay, it is not necessary to physically destroy a perfectly good hard drive.
My personal favorite method of drive destruction (done a number of times) is by use of a high power .30 caliber rifle (7.62x54r). Old hard drives make wonderful targets since they are smaller than the vital area on most wild game so as targets they can really improve your accuracy. After 10 to 15 holes I highly doubt there is much left that can be recovered by a normal hacker or most professional data recovery services.
http://www.actionfront.com/ts_dataremoval.aspx
Smashing the drive is likely less effective than overwriting and overwriting is almost impossible to recover from. Even with an STM!
Remove platter, place platter in to a microwave oven, zap platter... distroy harddrive components by smashing/crushing parts, repeat process. results vary...
http://techreport.com/forums/viewtopic.php?f=5&t=56926
recently got back from a small gathering of security experts that work with encryption. We saw a wonderful demonstration of a data security expert performing a challenge. We were asked to bring in a disk drive that had been deployed, wiped, deployed, wiped, and deployed. So I personally did a BSD install, Then Linux, then XP.
The demonstrator asked if the disk drive was "expendable", I said sure, it was an old 60 gigger. He then opened up the drive's housing and dropped it in a tank of liquid nitrogen. He removed it and smashed the platter with a hammer.
He took the platters and, as far as I can tell litterally taped them together with Scotch tape.
He took out a weird wand looking device and started, platter by platter, scanning them in. On the screen we could see the hard disk being reconstructed. It took about 2 hours to "wand" the platters of my demo disk.
We ajourned for the day as the software went to work. Now I stuck around the lobby and bar for a while and chatted with the demo guy asking what he just did.
"I used a special magnetic scanning probe to record the contents of the disk platter parts. The liquid nitrogen makes it easier to break the metal rather then bend it to hell. The process still works, it's just more dramatic."
I asked, "Neat how much does the wand thing cost?"
"They're not for sale to the public but I'd wager at least 30 grand for one."
"Ouch!"
"Spendy isn't it?"
"No I just sat on my pager... but yes that is sick"
The next day the demonstration began anew. This time he went off talking about magnetic sub sampling blah blah blah... my drink was watered down and their ameretto was ghetto. He had lots of slides with what looked like oscilliscope output and WAVELETS tossed around on the slides, oh and lots of linear algebra... yuck... But he said the following that caught my attention:
"based on the way hard drives operate you can think of them much like a printer. They print on a sheet of paper a magnetic pattern to represent a 0 or 1 so to speak rather then ink. So let's imagine that you print a picture of Wayne Newton in black and white on a sheet of paper. You can see it looks like Wayne. (He actually was printing this stuff btw..) Now (putting the Wayne Picture in the printer) I'm going to print a new picture but this time in red ink. (a picture of Tom Jones) now as you can see it's hard to make out Wayne or Tom at this point. But with the right technology you could easily pick out one or the other. But imagine now if you could only print black in on the top half of the page and red ink on the bottom. Or better yet hundreds of little bands on a single page each dedicated to a different color. You could, on the same page write dozens of different pictures, each in a different color. Hard drives do the same. In that small space of the Read Write head hard disks can leave a ghost of the old content. Remember this if anything: YOU'RE DISK WIPING SOFTWARE MUST USE SPECIFIC PATTERNS TO EFFECTIVLY CONCEAL THE OLD CONTENT..."
Now what sticks out from that? the word CONCEAL. Not erase, not delete, but conceal. I used the gdisk DOD wipes between my sessions.
So he opens up my disk's profile in his software, it showed a summary screen with the most sickening line I have ever read:
"Distinct Disk Profiles Found: 9"
9? WTF?
So the demo guy clicked on the 9 and boom this is the actual display that showed:
Profiles Found (Newest First)
1 ) Windows XP - FAT32 Parition
2 ) Attempted DOD Wipe
3 ) Fedora Linux - Reiser FS, EXT2, SWAP
4 ) Attempted DOD Wipe
5 ) FreeBSD - Paritions found 6, JFS,XFS,FAT32,na,na,na
6 ) Windows 2000 - NTFS
7 ) Windows 2000 - NTFS
8 ) Attempted Low Level Format, Sectors Reallocations = 9
9 ) Attempted Low Level Format, Sectors Reallocations = 0
WTF? All I could repeat was WTF over and over again. I d
-=[ Who Is John Galt? ]=-
Round 'em up
Put 'em in a field
And bomb the bastards!
-- NSY - SY OOT - Doric signs on local shop doors.
> Well if you can't access it in any way, then why would it matter?
Because while you can't access it normally, the kind of people who are able to open HD and remove the platters CAN read those sectors.
And yes, removing the platters to mount them into another device is pretty much the standard way to recover information from a hard drive.
So the government has the capacity recover data from a disk which has suffered from dd where everything's been overwritten with null bytes?
dd if=/dev/zero of=/dev/hda
So give it to journalspace ... they don't seem to have problems losing data on hard drives.
These kinds of threads really irk me. Most of your data is useless personal crap that nobody gives a shit about. Unless you are in some major intel job, or hiding trade secrets, destroying your HD is not only a waste of energy, it's still a working HD that someone else can use! Suggested places to give your old computers and HDs:
Underfunded local private and public schools
Local non-profits of personal interest to you
E-Waste Recyclers
L2Share not Destroy
While the theatrics of tank-rolling, smashing, etc. are alluring, the fact is that this is more a symptom of incompetent users. If a competent security geek (they're a scary lot) puts out a physically non-destructive data-erasure procedure, take a guess on the likelihood that users will *actually* follow the procedure any better than the last 30 procedures they were sent that involved a mouse... Its low. Guess who gets the blame when the data is "loosed"? The security geek.
Instead, said geek issues a 'meatspace' method to make the data totally irrecoverable and the chances of erasure go up astronomically. That, and that alone, is the reason for the ongoing list of these inane and wildly extreme procedures.
(Most people are stupid, we know this; I imagine the HD's being smashed by the apes with bones at the beginning of 2001.)
On a technical front, random-data rewrites work. If you don't feel safe with 7, 13, or your favorite random lucky number, use 30. the data WILL be gone. If you're the theatrical type, fire isn't very hot at all: prepare some nice 3.5" pucks of thermite and when you want to destroy a drive, take the condemned outside, put a thermite cookie on top (covering the platter), and light'er up. Problem solved.
I work with tons of confidential data. No hard drives, tapes, floppies, CDs/DVDs, memory cards or USB drives leave my care without being "erased" to my satisfaction.
All magnetic media (hard drive platters, tapes, floppies, etc) are raised above their Curie point. Usually FAR above their Curie point. Usually above their melting point, actually, and occasionally above their flash point.
Opticals (CDs, DVDs and UDO) are shredded in a paper shredder. If something really important was involved, the chunks are then burned.
Solid state storage (USB drives and memory cards) generally meets my drill press, particularly if there is a warranty involved. Burning works too, but you need to make sure the NAND die is reduced to ash, not merely the plastic package. For drilling, use a bit at least as big as the minor axis of the chip carrier (if you can identify it) and aim for roughly the center.
Thermite is cheap and easy to make. The most important thing to remember is not to get the stuff too finely ground. If you use very fine powders, it'll burn too fast and eject a lot of heat up into the air. Use coarser ingredients so that it burns slower and delivers more heat to the target.
I haven't had the balls to request that the board authorize payment for "secure destruction of confidential data" yet, so I've been paying for the thermite out of pocket, but I don't mind because it is fun. Other people here think it is pretty interesting too, so I usually get a crowd.
Don't bother with shooting. Just makes a mess.
See that "Preview" button?
Am I the only one who remembers this?
http://16systems.com/zero/
Unless you have way too much time on your hands and probably an electron microscope as well, `dd if=/dev/zero of=/dev/hda` works just fine. This is especially true for protecting against identity theft because no identity thief will want to spend that much time/money/effort recoving your data when they can just get another drive that wasn't wiped at all. (Unless you're really rich - then maybe they would.)
...Had this been an actual emergency, we would have fled in terror, and you would not have been informed.
Or is it? I think I saw one of those pasty interns jump in after it.
It's been mostly worked out.
Comment removed based on user account deletion
wow, don't fancy that. Maybe if I was splitting wood every day I'd be fit enough to swing one but right now it would just damage me - if I get more serious about cutting wood I might think about a small chainsaw. 8lb maul is just about the right weight for me!
I was dictating (using only the bottom half of my mouth) a journal entry about my recent exploits (OK, virility!) onto my new yet unpacked SATA drive when the agents of some unknown Chinese three lett... uh, pictogram agency breached the perimeter. Short story shorter, I ended up wrapping the drive in two layers of toilet tissue (don't ask!) and pressing it with the top with my thumb until the drive and its packaging had melted into a puddle of glowing goo consisting of only mesons and baryons.
Three seconds later I started having regrets as I'd ran out of toilet tissue and...
Yours,
Chuck Norris
Listen, hdd drives are a dime a dozen, i would just buy case and keep my own, and go buy another used one from a shop somehwere, and get rid of it, with its different hdd rather then let mine go if i was that paranoid...but I know how to do a bit to bit wipe on my hdd, maybe some others should learn too?
BTW: Many gun clubs and firing ranges have "Hard Drive Day's". Not much can be recovered from a drive that experiences the impact of a 45 slug or a 30-06 fired from 50 feet away.
"Shhh... I'm hunting Wabbits"
and the head magnets make fantastic fridge magnets - they can hold about a year's worth of bills each.
Interstitial spaces are filled with cream.
I was amazed at the power of the magnets I took out of an old hard drive.
Will it Blend?
I had two drives stacked very close. When the top drive failed a quick guess was that its circuit board was cooked by the drive underneath. The circuit board swap worked.
I worked for the AG's office our routine method of destroying a drive was to repeatedly hum it at a solid brick wall until all you could hear was rattling pieces inside.
We opened one up once, what a bloody mess.
is destroying the hard drive really necessary?
http://hardware.slashdot.org/article.pl?sid=08/09/06/189248
http://16systems.com/zero/index.html
They make great targets at a firing range :)
Oh, come on. If that comment doesn't beg a reply of "nuke the entire site from orbit", I don't know what does.
"Does it blend" works well for Laptop Hard drives, and you can add empty beer cans to suite your taste. Larger drives make unique targets for sighting in the 30-30. If you don't own a gun (convicted felon, wimp, ,,,) you can fashion it as a ground strap on your car and take a road trip
Proudly Butchering code for 20 years
www.isoHunt.com
Of course it will! Careful, that's SATA dust. Don't breath it.
How about formatting the disk then using whole disk encryption?
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
Oh really?
I'm not certain what a drive platter is made of, but steel will lose its magnetism at around 1500 degrees F - slightly more white than a red hot cherry color. The temperature is lower for other magnetic metals. IE, the magnetic field is gone due to the neutral realignment of the steel lattice structure, relieving any stress and putting it in a 'virgin' state. This effect is roughly visible as the metal is heated past the Austenite point - you'll see waves/shadows in the metal as it occurs.
This is a temperature which can be achieved in a common wood stove or BBQ grill (within the fire's heart, at least) without much effort; it is also only slightly more than half the temperature required to melt steel. If you've got yellow- or white-hot coals in your fire (say, a bond fire or even a larger camp fire made with dry wood) the fire is more than hot enough to demagnetize steel.
I really, really hope your post was made in jest. And I highly doubt anyone would be able to recover a drive subjected to even marginal "percussive" treatment (ie bent platter) short of using an electron microscope or some such gadgetry.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
smashing still leaves potently usable pieces thermite leaves only molten slag
Thank you; I did not know what that temperature was called, but I knew what it was. (Newton commented on the observation of iron losing its magnetic properties at a cherry red, even.)
It's pretty easy to reach steel's Curie point; you can do it in a hot camp fire's coals.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
I am surprised no one mentioned by far the simplest and cheapest solution to render any data on a drive inaccessible: if it was encrypted in the first place, just drop or destroy the key. For exmaple, if a password was required to access the data nothing needs to be done as it is already inaccessible to adversaries; or if the key to encrypt a hard drive was stored on a USB thumbdrive, just destroy the thumbdrive.
Hulk ... smash!
Tracy Johnson
Old fashioned text games hosted below:
http://empire.openmpe.com/
BT
Wind chimes! Coasters! Frisbees! These things: http://www.instructables.com/id/Twitchy_Your_E_waste_Friend/ ...if that isn't safe enough, your data is too important and you should immediately quit your job and sever all ties with society and go live in a tent with a squirrel. Trust me, you'll feel better: Squirrels are great.
Seriously. Let's review the "confidential information" a typical home user has on their computer:
social security numbers - yeah, that's a super private thing. I only give it to my employer('s secretary), my doctor('s secretary), my dentist('s secretary), my accountant, my credit card company, the company managing my 401k, and the IRS... You get the idea.
credit card numbers - not my problem if they are stolen because it is covered by the credit card company... that's why I use them.
Bank account info - You can also just find my account number by stealing my mail. Have fun guessing my password.
What else am I missing? My emails are boring and you can have my old pr0n.
For a home user, there is no need to break out the hammer. Half the people will probably manage to inhale poisonous dust or get a metal frag in their eye. Just delete and overwrite it a few times with free software and toss it. Meanwhile, credit card companies and the IRS will just continue to throw out hard drives and lose flash drives containing thousands of people's private info. Or maybe the secretary who makes $30K will just give all your info to her meth head boyfriend. Or maybe someone will just break into your house and look through your paper files.
I wouldn't be surprised if they were just shipping them to Hawaii and chucking them into volcanoes.
Random Thoughts From A Diseased Mind (Not For Dummies)
How about instead of wasting perfectly good hardware, boot into a live linux CD, and scrub the disc with...you guessed it: scrub
Or...just dd if=/dev/random of=/dev/hda
If anyone actually has the motivation to try recovering your data after that, you're probably already in some kind of trouble.
seriously - has anyone successfully recovered from dd if=/dev/zero of=/dev/hda ? I hear about 'slight distortions in the magnetic field due to the previous orientation' but that's basically a bunch of bullshit. Modern drives are as sensitive as they can possibly be so they can cram as much data as possible into their tiny platters. There have been multiple challenges to recover data from that method, and so far none have had any takers.
I recently recycled a bunch old computers. I considered wiping the harddrive electronically, but then I didn't feel like the hassle. I just removed the drives and smashed them with hammer. It was fun and the recycling center took them anyway.
cat /dev/urandom > /dev/sda is your friend.
That pretty much fubars everything on your platter
Reading a modern hard disk that's been written over with zeroes is not that simple, and would likely require very specialized, very precise hardware.
The historical problem with writing over with zeroes was that the amount of magnetic surface between tracks on the platter was fairly large. This space between tracks would keep a "ghost" of previous data should there be only zeroes written to the nearby tracks. Guttman's research and the DoD wiping method were designed to overwrite the track data and make sure that that "ghost data" would be wiped as well.
Modern disks have such narrow gaps between tracks that overwriting with zeroes is sufficient to stump any commercial data-recovery attempts. (See, e.g. The Great Zero Challenge).
The military takes more extreme measures with highly-classified data because there are ridiculously expensive and time-consuming methods that one could use to recover data that's been "merely" wiped. There are governments and organizations that have those resources that might be willing to expend them to get their hands on such data.
There are not criminal organizations that have or will expend the insane effort to recover the information that might be on an individual's drive. The cost-benefit just isn't there. An individual who boots something like DBAN and does a one-pass wipe of all zeroes across the entire disk is entirely safe from anyone who has less resources than a major government intelligence agency.
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
Wasn't there recently a study or the like that showed that there was no necessity for the physical destruction of a hard drive, provided that the disk was overwritten with zeroes? Obviously, there still may be faint traces of data, but the probability of those being recovered is so remote after adequate passes that wasting a drive is not a worthwhile endeavor.
This is to my understanding, of course.
the simple steps... [0] you have already encrypted your data of course [1] you run your secure erase util overwriting data at least 7 times. [2] you remove the spindle-cover. [3] you drill several holes of varying diameters through all the platters { avoid letting the drill slip and unnecessarily scratching the nickel plating } [4] visit a local retailer and ask him to run the magnetic security-tag release wand over the platters for at least 90 seconds. { the her's often object } you now have a pretty nice paperweight for your desk...right where you can keep your eye on it eh! remember to lock it in a drawer overnight though.
but you cant be sure that it worked, whereas when the metal has melted its pretty obvious that it worked.
IranAir Flight 655 never forget!
An adversary can't pull the data off the hard drives if they can't physically get to them.
Just put the hard drives some place that no one can or would want to go -- have the DoD hire Paris Hilton as an SSR ("secure suppository repository")
I've had very good luck with a couple 6 volt "lantern" batteries, a standard 4-pin disk drive power connector, and a few alligator clips. Connect the 6 V batteries + to -. On the "+" battery, connect its minus to the center two black "ground" leads. Connect the "+" of the "+" battery to the +5 line (red) going to the drive. Finally, connect the "+" of the other battery to the +12V (yellow) wire. So we're supplying ground, +6, and +12. Heck, it has a voltage regulator on +5 ... and it doesn't have long to live anyway.
Plug the drive in. Spin it up. IMPORTANT: Put it so the platters are at 90 degrees to you! In other words, put it so that if the platters explode, they won't hit you. You don't want it sitting on the ground with the platters parallel to the ground; you want them spinning at 90 degrees to the ground and to you.
Hike back a bit and shoot with a heavy slug. A slug from a 12 gauge works fine. All the rotational (angular) momentum is transferred to the frame as the platters stop almost instantly. The drive goes whirl-whirl-whirl, sometimes up in the air!
I found that the .223 round from an M16A1 was strangely ineffective, but going to full auto made me feel better, and that's the point of all this. [ Yes it's legal to own an M16A1 here if you hop through the paperwork hoops]. Alas, the M16 was a toy I got rid of later ...
9 mm works very well at disassembling the drives, as does .45 cal.
By the way, there are **absolutely terrific** magnets inside modern drives. Open 'em up and use a little acetone to unglue the magnets. They're the "supermagnets". And if you disassemble the drive with shooting, it is commonly opened FOR you!
Shooting a disk drive that crashed and lost you a bunch of work is terrific stuff. In Las Vegas there are a couple places that let you bring in your computer or whatever and shoot it with automatic weapons. Hmmmm, maybe I should try an AK-47 someday, that's a .30 cal round...
*grin*
David Small
In the US Navy we wiped the drives per spec (DoD 5220.22-M current) with any off the shelf that fulfilled it.
We'd mark them as destroy and do several things that was acceptable for destruction.
Some examples are: Drill a bunch of holes in them; smash the crap out of them w/ hammer, sledge hammer, axe, pneumatic hammer, blow torch.
Of course, we'd then throw them overboard.
loose: not fitting closely or tightly != lose: to suffer the deprivation of
I think we should take into account the sensitivity of the date. A couple passes with boot and nuke is probably sufficient if I'm wiping my HD before I sell/trash it. Anything more paranoid really isn't necessary unless you believe a major government agency would be after your data. I'm talking NSA level. I spoke once with a cybercrimes enforcer for the state police, and he basically admitted unless a dictionary attack worked or they were using shitty encryption (48 bit) they really couldn't do anything. If neither of these worked, unless the suspect was dumb enough to leave the password written down next to the computer, they weren't able to do anything with the data.