Slashdot Mirror
"Smash Your Hard Drive" To Fight Identity Theft
Will Do This For Free writes "BBC News has a story about the only fireproof way of safeguarding your personal information when dumping your old computer: 'It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens. [...] The more thoroughly the better.'
This sounds like so much fun that I almost feel like doing it right now. Let me press Submit Story first."
So...I don't want my data to somehow magically be restored when I throw an old hard disk into a fire? Where can I read more about this amazing data-recovery technology?
This sig is certified free of self-referential humour!
...It's the only way to be sure.
Hey, look! It's Bono's brother.
and just use dBan, Derrick's Boot and Nuke.
Nothing beats an afternoon of watching dBan and a comfy chair. Beer or whisky optional.
import system.cool.Sig;
You'll have to excuse me. I'm need to go protect my ex-wife from identity theft.
Smash An Identity Thief.
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
Problem is that most people are way too stupid to understand how to use that, but they can understand smash.
The funny part, 90% of those people that understand smash, will not smash it enough. I have recovered data from laptop hard drives that looked pretty smashed, but 45 minutes in my improvised clean room moving the platters to a different drive and I was able to read the contents.
Do not look at laser with remaining good eye.
It would certainly make smashing a hard drive to smithereens more interesting.
I wouldn't recommend it though. The paranoia you'd need to decide smashing a hard drive was the best way of preserving your identity would likely make it a pretty harsh trip.
Try crystal meth instead. The aggression and hyperactivity'd make be damn sure that HDD was properly smashed.
"I've got more toys than Teruhisa Kitahara."
I periodically contract with a company to dispose of old hardware for my company. The first time i talked to them, they mentioned they shredded old media. I assumed he meant floppies and tapes and the like. Given the nature of the material, it didn't seem that impressive, but certainly nice. When I got the estimate, I was a bit shocked--why was it so high? Then they explained--by "media," they meant hard drives. They sent me a PDF on the equipment. Hard drives are removed from machines, and placed on a conveyor belt. This fed the hard drive into the shredder. On the other end, bits of metal came out. I begged them to let me operate it--just for one or two drives. Damn lawyers!
Throwing into fire is not enough, the magnetic domain on the platter is still there for highly technical team to retrieve. You have to melt the hard disk into liquid and stir thoroughly.
There was nothing of substance in the video. The guy smashed his drive, Ontrack said it was smashed and couldn't be recovered...but then went on to say, "But we are really good at restoring water damaged drives!"
The whole discussion is made pointless when Ontrack says, "Oh, we can't restore a zero'd drives either."
The funny part, 90% of those people that understand smash, will not smash it enough.
Another 5% will enjoy it so much that they will do the same thing to their new computer, the TV and the next door neighbours car.
And is the term "pissing contest" recognized in both?
SJW: Someone who has run out of real oppression, and has to fake it.
I like my hard disk shaken, not stirred...
NO! It does NOT make it completely useless. Someone with a scanning-tunneling microscope could still retrieve portions of your data! The thing that makes this article retarded isn't the difficulty of permanently destroying data, which is best done with intense heat (as in, burn the disk to the point it melts) but the fact that no one cares about your identity OR your porn collection. Just zero the disk once and odds are that will be more than good enough for any of your personal data, unless you are the fucking president or something. Zero the disk or if you must, run a secure formatter, and put it on freecycle if it's too old to sell.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
His PC died due to dust accumulation (fried mobo, dead power supply, fused RAM) and he asked me what to do with his system. I told him the only thing he needed to worry about was his HD. Told him to drill a few holes in the drive, use a blowtorch in those holes if he still had one (he used to work in home remodeling), smash the drive with a hammer and put it in a bag with his used cat litter (they have two cats).
If someone is desperate enough to want the information on his drive, they're going to have to work for it.
Well that depends, what breed of cat?
A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
The platters don't have to be melted, they only need to be heated to the Curie point to loose all their information. Of course, that would still take a pretty hot fire.
RBFH - is that "Really Big F**king Hammer?"
Damn, I just bought a BFH to smash some walls. I wonder if I can upgrade with a serial number?
Really, there's no need to wipe it more than once unless you honestly think it will matter. At least these guys think so:
http://16systems.com/zero
It's really not that hard to transfer platters. and yes use an identical drive.
a makeshift clean room is easy. run the shower in the bathroom for 15 minutes on the hottest setting and then shut it off and let the room cool down completely. the mist in the air will remove all dust as it falls to the ground. use a tyvek suit and cover your hair, face, hands and you're good to go.
Do not look at laser with remaining good eye.
. . . and tell her to put it in a safe place, and that you might need it later.
It's gone forever.
There is no chance that anyone will ever have access to that disk again.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
In other news: people still stupid. Has anyone here actually TRIED to get stuff back off a Guttmann wiped drive? Or even a DoD 7 wiped drive?
My class in computer security had some time to kill and someone brought that up so the teacher said "Well, we've got a bunch of PCs from last upgrade waiting to be re-imaged and given away to students...let me see what I can score us!". He ended up getting us a half a dozen PCs set up in the back of the class with 2 HDDs set up in each so we could run plenty of different tests. We did everything from MSFT format to one pass to three pass to DoD 7 to Guttman. We researched and then used every piece of freeware and trialware that we could get our little hands on. Here is our findings:
MSFT format is of course pointless, as everyone knows. 1 pass of zeroes we got around,sorry but it has been awhile, but we got around 80% IIRC. 3 pass was lower(0,1,random), somewhere in the 10-20% range, depending on the software used, but most of the "recovered" data was garbled beyond use, DoD-7 made it pretty much impossible, I think we got 2 .txt files and they were so garbled we couldn't decide if it had actually recovered ANYTHING, certainly nothing you could use, and finally Guttmann we got squat.
So if someone were to spend the $$$$ to have the drive taken apart in a clean room and analyzed and you only used one or two pass of predictable patterns then yeah, I might see wanting to destroy. But I haven't seen anyone bragging about beating D0D-7 with what the average hacker would have access to, much less Guttmann. So frankly unless someone here has a citation I have to call bullshit. Frankly it makes me wonder if this kind of stuff isn't cooked up by the HDD manufacturers. I can just imagine them spinning this- "Before giving away that machine destroy the hard drive first!(so they'll have to buy a new one from us! Yay!)"
ACs don't waste your time replying, your posts are never seen by me.
Come on people! Zeroing a disk drive only removes half of your data. The other half is unchanged and still perfectly readable!
I read years ago (and I'm sure it was made up) of a memo sent out to IT managers in the DOD (United States Department Of Defense). It went.
To properly dispose of hard drives which may contain Top secret information is a 5 step process to be performed in the order specified and by competent engineers.
1. Perform a triple overwrite security erase on the entire disk.
2. Use a bulk degausser (AKA a powerful electro magnet).
3. Crush the drive under a roller or tank tracks, whichever is more convenient.
4. Melt the scrap into slag.
5. Bury that Slag in a toxic waste dump to deter any attempts at data recovery.
That's not exactly how it went but I think this is pretty close. Can anyone find the original?
--= Isn't it surprising how badly I spell ?
Hard drives are cheap. If you have any data that you absolutely don't want to get out...EVER...physical destruction is the 100% solution.
And, in terms of practicality, running DoD-7 takes about 1000 times longer than whipping out the old Sledge-O-Matic. If you're retiring a few dozen computers, even that gets old, and you start looking for the thermite.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Exactly! You have to XOR every bit! :)
I believe it's called a "micturition tournament" in the UK.
The problem is that modern hard drives do automatic defect mapping. The end result is that sometimes important data can be written to a sector, and then the drive will decide that sector is unreliable and map it out. That sector can no longer be accessed in any way. As a result you have a sector which contains data but cannot be wiped because the drive won't let you write there.
Flash memory is even worse since it does write balancing between all cells to PREVENT a failure of a sector, rather than deciding a sector is on its way out and mapping around it then.
retrorocket.o not found, launch anyway?
1 pass of zeroes we got around,sorry but it has been awhile, but we got around 80% IIRC.
OK, I'm impressed. Would you care to explain in more detail how you did that? From your description, you used "every piece of freeware and trialware that we could get our little hands on". I haven't heard of any software solution that can recover overwritten data.
Well if you can't access it in any way, then why would it matter? Remember, what folks are afraid of is some hacker will get their CC numbers or some business will end up with a lawsuit because the hackers got everyone's social off their old machine. But I have yet to see anyone actually pull anything useful off without going clean room, which frankly is so crazy expensive that no hacker in his right mind would bother. And for the poster that said it would take too long? You do know there are free programs like this that can boot off CD and do the job for you, right? Hell I bet the FLOSS guys have a nice CD that you can stick in that is simple to script. Simply write a script, burn the disc, and then set the headless machine in the corner.
And finally let us not forget that in this economic downturn that many machines being tossed by enterprise and SMBs as "junk" could be given a new lease on life and help those that have not been as fortunate as us. I repair and give away machines from businesses and you would be surprised what even a 400MHz P2 can do for those that have none. I have turned a 233MHz into a bookkeeping appliance for a little church who helps out families, the homeless, and migrant workers by installing Puppy Linux with OO.o and some simple Dbases set up. Once shown how the wife of the pastor makes her own databases using the wizard and uses them to track donations, make mailing lists, help with inventory, etc. I have given a 400MHz to a single mom who cried because she now had a way to help her kids with homework and thanks to that donation would have something nice to give her kids for Xmas, and I have set up a group of old 350-600MHz along with an old 700MHz donated server I was able to talk the school out of for a class project on networking for a shelter for battered women. They use them to teach office skills to the women to help them become self sustaining and the server reimages them and does backups on the ones we gave the office workers.
So while the cost of a new HDD might not be a big deal for most of us, for them it could have hurt. I tell all of those that are nice enough to donate that I will DoD-7 wipe the HDD, which for the smaller drives in older machines really doesn't take long. And of course now that IDE drives are no longer being made they will probably end up more expensive which will make it even harder for somebody who doesn't have much to begin with to afford one. I figure it is better for the environment as well as my heart to take a little time and sit a PC in the corner and run DoD-7 than it is to just see it end up as more e-waste polluting our landfills. Don't you?
ACs don't waste your time replying, your posts are never seen by me.
Disassemble the drive and remove the platters. Take sandpaper and sand off the oxide. There's no way in hell any data will be recovered after that.
Not everyone has access to a furnace hot anough to melt the whole thing.
Free Martian Whores!
You must cast it into the fires of Mount Doom! Only then will your data be safe!
Depends on the value of the information. Are you willing to spend $500-$10000 on a professional recovery service, or is your information not worth that much? Can it be reconstructed through different means?
The DoD has to worry about enemies getting ahold of the disk and sending it to a multi-million dollar clean-lab with stuff like electron microscopes and post-doc engineers to recover the information.
Something properly classified 'Top Secret' is done so on the basis of it being possible for it to cause 'exceptionally grave damage'. IE lives lost, cities nuked, embarrasing the POTUS, etc...
The reason you destroy the information in so many different ways is in case one of the ways fail. For example, degaussing is often possible in-house, but what if the degausser doesn't work well enough? On the other hand, sending it to a facility capable of smelting it down requires transporting it - an opportunity for it to be lost. So you degauss it first to make it harder to retrieve data in the facility, then send it to the smelter 'to make sure'.
I don't read AC A human right
When the informatin is "loosed", where does it run off to? Should we have some mechanism in place to catch it before it gets in the wrong hands?
Hard drives are NOT cheap if your goal turn the computer around for use by someone with low income. I rebuild computers and give them away for free to people who need them. Spending even $20 to replace the hard drive would increase the cost of the computer enough to make it unusable for my purposes.
Is it really possible to recover data from a disk that has been wiped with DBAN? I highly doubt it -- I've never heard of data being recovered after wiping with DBAN.
If you want to be friendly to the environment and spread the availability of low-cost computing, don't destroy the disk, use DBAN instead.