The Homemade Hard Disk Destroyer

Barence writes "All businesses have sensitive data they need to destroy when they replace PCs, but disposing of hard disks properly can be an expensive business. This has led one IT manager in the UK to come up with his own, homemade solution — Bustadrive. It uses a powerful 'hydraulic punch' to physically deform a hard disk, rendering it virtually unreadable, and requires nothing more than a pull of the lever on the front — similar to a drinks-can crusher. PC Pro tested the Bustadrive, and also sought the opinions of data destruction companies as to whether the device was really as effective as hoped, or just a fun way to mangle a hard disk or two."

Stand drill

[Nikademus]

I just use a stand drill. I goes through all the platters and the circuitboard.
Fairly easy to find and purchase.

Re:Overkill?

[LordLimecat]

Thats probably because you used some silly setting like Gutmann. Just use pseudorandom and be done with it. (esp since gutmann isnt really relevant anymore....)

Pseudorandom wipe can apparently do an 80gb drive (hooked up via usb) in about 40 minutes.

If youre doing multiple passes, you may want to make sure that doing it via overwrites (rather than destruction) is really good enough for your data :)

Gutmann was wrong

[feenberg]

There is no need to physically destroy a drive to prevent data from being read. The claims of Gutmann that it was possible to read overwritten sectors were never sustained by his sources. I investigated this years ago and reported in Can Intelligence Agencies Read Overwritten Data that he was very much overwrought. I see he has gone on to tilt at other windmills since he propagated that myth.

Re:Not 100%, but otherwise cost-effective given ri

[Peter+Steil]

This is not effective, I've successfully recovered drives where the PCB had been smashed, broken, etc. You just need to find the same model and replace with that.

Re:Overkill?

[maxwell+demon]

Even then, you'll never be fully comfortable with the job until you destroy the entire galaxy that the drive was in. Maybe the whole universe. You can't be too sure.

Just destroying the universe after the disk failed isn't enough. If many-worlds is true (and the paranoid sysadmin must consider this possibility), the fact that you destroyed the universe in this world doesn't guarantee that the data isn't destroyed in any other world. Indeed, you have to setup the universe-destroying device before writing the first bit of data onto the drive, and have it automatically triggered if it can't detect any accesses to the drive any more (after all, you might forget to activate it by hand in some of the universes). Only by setting it up before writing data you ensure that it will be in every universe where the disk contains any data, despite all the universe splitting going on.

Re:Overkill?

[TheRaven64]

Note that there are two dimensions to security. One is how big a problem it is if the secret leaks, the other is how long this is true for. Troop movements in Iraq, for example, could cost lives if they are leaked today, but if they are leaked next month then the data is irrelevant. The NIST recommendations that suggest destroying the drive are based in the principle that the secrets may be important in 20-50 years. They factor in attacks that are hypothetical now, but could become practical over this timeframe. For a commercial entity, this level of paranoia is rarely required. Most businesses don't have any data that would be a problem if it leaked even 5 years in the future - even credit card numbers have a shorter lifespan than that, so if someone recovered a five-year-old list of credit card numbers they wouldn't get anything of value.