Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Homemade Hard Disk Destroyer

Posted by ryuzaki0 on from the if-you-can-recover-that-you-earned-it dept.

Barence writes "All businesses have sensitive data they need to destroy when they replace PCs, but disposing of hard disks properly can be an expensive business. This has led one IT manager in the UK to come up with his own, homemade solution — Bustadrive. It uses a powerful 'hydraulic punch' to physically deform a hard disk, rendering it virtually unreadable, and requires nothing more than a pull of the lever on the front — similar to a drinks-can crusher. PC Pro tested the Bustadrive, and also sought the opinions of data destruction companies as to whether the device was really as effective as hoped, or just a fun way to mangle a hard disk or two."

9 of 497 comments (clear)

  1. Stand drill by Nikademus · · Score: 5, Informative

    I just use a stand drill. I goes through all the platters and the circuitboard.
    Fairly easy to find and purchase.

    --
    I gave up with the idea of an useful sig...
  2. Re:Overkill? by LordLimecat · · Score: 5, Informative

    Thats probably because you used some silly setting like Gutmann. Just use pseudorandom and be done with it. (esp since gutmann isnt really relevant anymore....)

    Pseudorandom wipe can apparently do an 80gb drive (hooked up via usb) in about 40 minutes.

    If youre doing multiple passes, you may want to make sure that doing it via overwrites (rather than destruction) is really good enough for your data :)

  3. Re:This is just a controlled hammer by Hyppy · · Score: 4, Informative

    If they're reusable afterwards, you didn't use a proper degausser.

  4. Gutmann was wrong by feenberg · · Score: 5, Informative

    There is no need to physically destroy a drive to prevent data from being read. The claims of Gutmann that it was possible to read overwritten sectors were never sustained by his sources. I investigated this years ago and reported in Can Intelligence Agencies Read Overwritten Data that he was very much overwrought. I see he has gone on to tilt at other windmills since he propagated that myth.

  5. Re:Not 100%, but otherwise cost-effective given ri by Peter+Steil · · Score: 5, Informative

    This is not effective, I've successfully recovered drives where the PCB had been smashed, broken, etc. You just need to find the same model and replace with that.

  6. Re:Overkill? by maxwell+demon · · Score: 5, Informative

    Even then, you'll never be fully comfortable with the job until you destroy the entire galaxy that the drive was in. Maybe the whole universe. You can't be too sure.

    Just destroying the universe after the disk failed isn't enough. If many-worlds is true (and the paranoid sysadmin must consider this possibility), the fact that you destroyed the universe in this world doesn't guarantee that the data isn't destroyed in any other world. Indeed, you have to setup the universe-destroying device before writing the first bit of data onto the drive, and have it automatically triggered if it can't detect any accesses to the drive any more (after all, you might forget to activate it by hand in some of the universes). Only by setting it up before writing data you ensure that it will be in every universe where the disk contains any data, despite all the universe splitting going on.

    --
    The Tao of math: The numbers you can count are not the real numbers.
  7. Re:Overkill? by TheRaven64 · · Score: 5, Informative

    Note that there are two dimensions to security. One is how big a problem it is if the secret leaks, the other is how long this is true for. Troop movements in Iraq, for example, could cost lives if they are leaked today, but if they are leaked next month then the data is irrelevant. The NIST recommendations that suggest destroying the drive are based in the principle that the secrets may be important in 20-50 years. They factor in attacks that are hypothetical now, but could become practical over this timeframe. For a commercial entity, this level of paranoia is rarely required. Most businesses don't have any data that would be a problem if it leaked even 5 years in the future - even credit card numbers have a shorter lifespan than that, so if someone recovered a five-year-old list of credit card numbers they wouldn't get anything of value.

    --
    I am TheRaven on Soylent News
  8. Re:Overkill? by rsmith · · Score: 4, Informative

    If you read the enhanced version on his homepage, he says that he didn't update the paper because it is practically unfeasable to try and restore overwritten data from a modern disk. In the epilogue he says:

    Any modern drive will most likely be a hopeless task, what with ultra-high densities and use of perpendicular recording I don't see how MFM would even get a usable image, and then the use of EPRML will mean that even if you could magically transfer some sort of image into a file, the ability to decode that to recover the original data would be quite challenging.

    --
    Never ascribe to malice that which is adequately explained by incompetence.
  9. Re:Overkill? by rsmith · · Score: 4, Informative

    Gutmann's paper was based on 1990-era technology. And even then you didn't need all 35 passes, just the ones that correspond to the encoding used on the disk. If I read the enhanced version of the paper correctly, restoring even plainly overwritten data from a modern disk is a hopeless task.

    --
    Never ascribe to malice that which is adequately explained by incompetence.