When Your Data Absolutely, Positively has to be Destroyed

Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.

dd

dd if=/dev/zero of=/dev/sda bs=1024 &

Re:dd

[Gordonjcp]

Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

Re:dd

"We could get an image of the data-patterns"

Snake oil.

Re:dd

[SpectreBlofeld]

I encourage anyone who has 20 minutes to spare to watch this short Frontline documentary on E-waste:

http://www.pbs.org/frontlineworld/stories/ghana804/video/video_index.html

I bet lots of companies throwing out old hardware who are worried about data leakage could actually find use for their old drives in-house. Hell, just keep them in a closet somewhere until one of your in-use drives go bad (and they will).

Re:dd

[SpectreBlofeld]

...the first line of my above post got eaten somehow, which was: 'Not to mention the fact that destroying non-defective drives is FUCKING WASTEFUL'.

Re:dd

[Gordonjcp]

'Not to mention the fact that destroying non-defective drives is FUCKING WASTEFUL'.

A million times, this. You don't need a 2TB drive in your desktop that uses network shares for saving everything.

Re:dd

[Synerg1y]

Most of those legacy hard drives everybody always think can be re used are actually far lower RPM IDE hard drives. I'd be delighted to give one to somebody I don't like, but I think you get my point, they're not re-usable due to extremely poor performance.

Re:dd

[eln]

Not to DoD standards. Several (usually 3-7 passes with /dev/random (or /dev/urandom) followed by /dev/zero will erase data well enough for any standard out there other than those that specifically require physical destruction, though.

Re:dd

[h4rr4r]

What are you going to do with several hundred 40GB IDE drives?
How about some SCSI320 drives?

No one has enough room to store all this crap.

Re:dd

[fuzzyfuzzyfungus]

I'm pretty sure that boring business desktops are why they still make 80 and 160 gig drives.

On the network side, we can't shove more 2TB nearlines in fast enough to keep the users happy; but every desktop still goes out largely empty.

Re:dd

[Hatta]

Does the DoD have evidence that data can be recovered from a zeroed drive? Or do the recommend overkill just because they can?

Re:dd

[Frank+T.+Lofaro+Jr.]

Just store your data using ReiserFS, kill the power and your data's dead too.

Re:dd

[acariquara]

What are you going to do with several hundred 40GB IDE drives?

World's crappiest RAID5?

Re:dd

[dave562]

My experience has been that they recommend it just because they can. I have dealt with this in the past in consultation with the risk management teams of various financial industry clients of ours. The first couple of times they asked me to do 7 pass zeroing on multiple terabytes of data, I tried to push back on it. Not a single one of them could produce any proof that a single pass was insufficient to render the data unreadable. Yet they all insist that it must be done to DoD standard, 7 pass wipe. It is just one of those idiocies that comes from the "security and risk" people who do not really understand what the risk is and are just checking off boxes on a form that they do not really understand.

Re:dd

[Synerg1y]

People who use these services justify the cost because they get a certificate.

In all honesty though, you're completely right, that whole industry is one giant scare scam.

It's supposedly possible in a lab environment to try and recover deleted data off a wiped drive by comparing the digital and analog signal differentials I believe... but if the NSA has interest in you, that's the least of your problems.

My preference is to use OP's unix command, except I tend to like to use /dev/urandom instead and then put them on the curb at the biz during earth day, problem solved. I'd also consider if the hard drive at some point had such sensitive data that somebody would try to do a signal differential DR on it, it may be wise to wipe it and then hold on to it in the IT closet (non-criminal data of course).

Re:dd

Does the DoD have evidence that data can be recovered from a zeroed drive? Or do the recommend overkill just because someone can profit from it.?

Re:dd

I would suspect that anyone with a sufficiently good enough data recovery system can probably read the bits that have been zeroed. Since you're changing everything to the same state, it doesn't seem at all unlikely that reading small fluctuations in those "zero's" would be possible. I would think one pass of /dev/random followed by a pass of /dev/zero would probably be sufficient, but it takes a LONG time to do that. Certainly more than the 9 seconds it took to completely wipe the drive they put in the medium sized machine. Also, you can only write /dev/random or /dev/zero if the drive is still operable. If the drive dies and needs to be replaced, there isn't much hope other than destroying the drive physically, or wiping it with one of those machine.

I can say this though, if I worked in a data center, and had the job of wiping old drives being taken out of commission, I would definitely ask my company to buy one of those systems to save me the time and aggravation of doing it some other way.

Re:dd

[sexconker]

dd if=/dev/zero of=/dev/sda bs=1024 &

Won't work on an SSD. You have no idea what the controller is doing behind the scenes. There is capacity on the SSD that is completely and utterly inaccessible to the host. When you write 256 GB of zeros to your 256 GB SSD, you've probably got 16 or 32 GB the controller hasn't told you about, with data you know nothing about. You have to issue the ATA SECURE ERASE command, and even then you'll have no idea if the controller actually respected it and wiped everything.

For SSDs there are two reliable options.

1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form.
2: Physical destruction.

Re:dd

We use them at work in production line computers. We have setups so old that the computer won't run with anything bigger due to BIOS limitations.

Re:dd

[nitehawk214]

I'm pretty sure that boring business desktops are why they still make 80 and 160 gig drives.

On the network side, we can't shove more 2TB nearlines in fast enough to keep the users happy; but every desktop still goes out largely empty.

And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.

Re:dd

yes, drive forensics labs are known to be able to recover data off a zero'd drive. as soon as you transition over to the analog domain, it is evident which bits have been ones prior to being zeros, and vice versa.

Re:dd

Why did this get modded down?

Re:dd

[flyingfsck]

Not to mention that the 'DoD Standard' is a myth. They actually have different erase and destroy requirements depending on the media type, but none of them require 7 times over write, since that is just a waste of time. The worst iIknow of is a 3 times overwrite if you want to re-use magnetic media at the same (or higher) classification level.

Re:dd

[mabhatter654]

Because their buddies in the CIA heard on a TV show that the NSA did this one thing and used it to recover the whole drive full of data and valid time stamps that sent a politician to jail!!!

Re:dd

[flyingfsck]

Ext2 would be better for the 'Bang Off' secure erase method.

Re:dd

[whoever57]

Most of those legacy hard drives everybody always think can be re used are actually far lower RPM IDE hard drives.

Wow! You must have some really old drives. Just looked at the 120GB hard drive that is sitting on my desk -- it's a 7200 RPM drive and was announced in 2001.

Re:dd

[Andy+Dodd]

Not guaranteed if the device does any form of block remapping...

Which every modern drive for the past decade has done...

Re:dd

[mabhatter654]

Non-criminal is the tricky part. Much of what one group orders done BECOMES criminal when political circumstance changes. As this happens quite often it being its all three sides if they just agree to destroy everything all the time.

Re:dd

Yes, Reiser is a killer alright.

Re:dd

A while back - say 3->4 years ago - some guy was convicted of having child
porn on his computer. His story was that he had bought the drive second hand.
The FBI recovered the data in question; admitting that the drive had been
hard formated several times. No matter the conviction held and the victum^H^H^H^H^H^H
guilty verdict held.

Re:dd

[Anubis+IV]

The theory regarding how data could be recovered from a zeroed drive seems sound enough, namely that by measuring the difference between the analog signal captured directly from the head before it is converted to a digital signal, and then taking the difference between it and the digital signal, one can determine what the previous state was for each of those bits. And it also stands to reason that the various intelligence agencies who are purported to possess such capabilities would not be forthcoming in revealing their ability to do so.

That said, regardless of whether the technology exists or not, people who advocate 7-pass and 35-pass overwrites are just wasting their time, since even the author of the paper that proposed the 35-pass method acknowledged that only a subset of those passes are necessary for any particular drive, and that with modern drives a simple series of random rewrites would be more than sufficient. He even referred to the way that many people were using his technique as "a kind of voodoo incantation".

Re:dd

[Alphadecay27]

There is a lot of FUD concerning data recovery. It is theoretically possible to recover data from older hard drives that have been overwritten. Peter Gutmann wrote a paper on the method then added an addendum that basically says it probably won't work on modern drives http://en.wikipedia.org/wiki/Gutmann_method#Criticism Most of the paranoia is based on a 16 year old paper which is no longer relevant + the fact that people often do a quick format instead of a full then wonder why their data is still recoverable.

I work for the government and I have met many managers who are technically capable of understanding that a single pass will do the trick. Every single one sticks with the party line (multipass wipe/physical destruction) to cover his ass.

Most data leaks happen when a hard drive is lost/stolen/not wiped at all. I have never heard of anyone recovering data from a formatted HD. Having a process at all is a good thing. It's the verification that you've wiped all the data that is important. Degaussing/shredding is an option for failed HDs but it is overkill otherwise.

Re:dd

[D1G1T]

I think a lot of people assume that the bad guys are only going to use commercially available file recovery software to try to get data off of a zeroed drive. Think scanning electron microscope, etc. Also remember that custodians of secret (military, diplomatic) or private (medical) information can be criminally or financially liable if it gets out. $10K for something quick and sure is totally worth it.

Re:dd

[omnichad]

If the drive still works.

Re:dd

[omnichad]

With the platter density, a 5400 RPM 500GB single platter drive gets much better throughput.

Re:dd

[omnichad]

CF cards are IDE-based. Just plug one into an adapter and plug it into the IDE port on the motherboard. Cheap, faster, and more reliable than the old 40GB drives.

Re:dd

[Penguinisto]

And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.

As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet. Why do it? Because you could possibly recover lost data much faster than calling your offsite provider and waiting for a tape to arrive. It also serves as a last-ditch, everything-else-has-failed means of recovering whatever data it is that you deposited there. You;d have to set up some sort of RAID-like redundancy, and a means to automatically update that data on a semi-regular basis, but damn if it wouldn't work. As a bonus, you can put that disk space to legitimate use, instead of watching it get filled up with cat pictures and web cached files from facebook. If each desktop has a TB of drive, you could slash it to 300GB for the desktop user, and take 600GB+ (mind the overhead) from each desktop for company use. Even with only, say, 40 desktops? You could get up an easy 12 TB of aggregate storage with a RAID1-like redundancy - maybe 6 TB if you had 4 copies of each chunk of data, which is still nothing to sneeze at (especially if you've priced SAN shelving as a near-line backup depot...)

(...though if you were a true BOFH, you could do the same thing, say it's for company data, then use it for your own personal stash or whatever...)

Re:dd

[omnichad]

You misspelled CSI. The guy just looked at the drive and yelled "Enhance!" and all the data was back.

Re:dd

[gman003]

No. RPM hasn't changed much. I've seen 15KRPM drives that are as old as I am, and I've seen 5400RPM drives that came out yesterday.

What does change is data density, which does affect sequential read/write speeds (and to a much lesser extent random). So a modern desktop 7200RPM drive can have similar performance to a 10,000RPM server drive from 2004 (date pulled OOMA, use loosely).

Re:dd

It didn't get modded down. Sexconker evidently piled up some bad karma; click on the "-1" and you'll see that is the starting score. I don't have mod points, but if he gets upmodded for insightful and informative posts, he might get his 'good' karma back. Some oldtimers around here have stopped caring but are still mesmerized by the slow-mo trainwreck that is modern /..

Re:dd

[mindcandy]

You forgot the while().
You have to pay by the hour for the while().

Re:dd

[omnichad]

Wouldn't the drive TRIM the rest to speed up future writes? Or do you mean older SSD?

Re:dd

[LordLimecat]

Information of some kind is left on those hard drives, and I do not know that anyone has proven one way or the other that the information can be used to recover the original data.

But last I checked, "Good security" wasnt "theres definately a side-channel here, but I think we can ignore it because noone's abused it YET".

Re:dd

[mindcandy]

If it's old, then it's out of warranty. Yeah, I get the whole e-waste thing, and I'm sure it pains people to see a pallet of otherwise good 1TB drives headed off to be shredded into chips .. but remember they are 3-4 years old and having one go bad while is a far bigger PITA in terms of lost productivity, lost data, etc. than it is to just buy a new one for $100 and pay $1 for the old one to get securely scrapped.

Re:dd

[dave562]

A format is not the same as an overwrite. Even a low level format is not the same as zeroing.

Re:dd

[feenberg]

No, the claim that intelligence agencies can read overwritten data is not true. See
http://www.nber.org/sys-admin/overwritten-data-gutmann.html

Re:dd

[Impy+the+Impiuos+Imp]

This is interesting because there's a security company with a standing prize offer to anyone who can recover data from a simple wipe, no fucking patterns or multiple passes needed.

It's one of those proverbial things that seems to have no basis even in the deepest labs of NASA or the CIA.

Re:dd

[LordLimecat]

Do you have evidence that any of the failed SHA-3 candidates are crackable? Because security is about a whole lot more than "addressing confirmed threats".

Magnetic domains remain on overwritten harddrives, this is indisputable. The only question is whether anyone has the capability to recover data from them; but assuming "nah, its too difficult" seems to be making a whole lot of assumptions about tomorrow's technology.

Re:dd

[LordLimecat]

Formats (in Windows) do not delete anything except perhaps the file table. Even a "full format" just does a normal format, after full disk surface check (which is why it takes so long).

And Id assume he didnt mean "low level format", because those generally make your drive unusable.

Re:dd

[Gordonjcp]

I would suspect that anyone with a sufficiently good enough data recovery system can probably read the bits that have been zeroed. Since you're changing everything to the same state, it doesn't seem at all unlikely that reading small fluctuations in those "zero's" would be possible.

But you still need some way of knowing what the difference between a valid zero and the residual print-through is - and that difference is *tiny*.

Furthermore, drives haven't written 1s and 0s since the very earliest days of IDE, over 20 years ago. Now they use something similar to QAM so rather than trying to pick out the traces of 1010101010 from underneath 0000000000, you're trying to pick out 1758923065 from underneath 8959205253 - if you see what I mean.

I can say this though, if I worked in a data center, and had the job of wiping old drives being taken out of commission, I would definitely ask my company to buy one of those systems to save me the time and aggravation of doing it some other way.

You've got the asset number and the MAC addresses, right? PXE boot and DBAN...

Re:dd

[wiedzmin]

Unless it's an SSD drive, in which case you will end up with about 1% of data still left on the drive. For a terabyte drive, that's 10 gigs of your favorite home movies, on eBay: http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf

Re:dd

I still have a "Terra - system" that I need to get rid of. Data drives: 80 SCSI320 ...... 18GB drives. It was cool to run it in the winter... it successfully heated my house. (Actually - to much heat; had to open a window) last "used" to move all data from it to a single SATA drive.

Re:dd

[Synerg1y]

But lower RPM coupled with an IDE interface should eliminate ANY consideration on re-using the drives I'm referring to.

  RPM has to do with how fast a hard drive can retrieve data (access times) so that's where the data density would come in, if I'm retrieving more data per rotation, say 2x (theoretical) more, suddenly 7200rpm looks more like 14400RPM, which obviously > 10k SAS.

Re:dd

[RMingin]

Wrong. A single pass of zero is often recoverable. Not for civilians, sure, but recoverable nonetheless.

DOD published their specs for proper wiping of a hard disk. Those are still good baselines.

Re:dd

Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

What about SSDs that shuffle the spare sectors for wear leveling? Those sectors won't be wiped, and they actually can be read back.

Re:dd

I have heard that the DoD (actually these are NSA requirements) standards are based in what is possible, at least in theory. But this does not mean that reconstructing data that has been overwritten 7 times and zeroed has been demonstrated by anybody. It really only means that somebody published some paper that claims it might be possible in some cases.

Is this requirement excessive? Of course it is, but remember that reduction in risk usually requires over design in the first place. You want to make sure a bridge doesn't fall down? Design it to hold 7 times the rolling load and derate it. That way, if the working load someday exceeds what you planned, you can easily raise the limits... OR if you are really bad in your design, you have a lot of headroom built in.

So the purpose is to "future proof" the destruction of all this data, and not necessarily a claim that the CIA/NSA can actually read the data off your drive that has been overwritten 7 times. Which, by the way, makes the physical destruction of the drive itself pretty sensible.

Re:dd

The IT dept at my firm actually tried to do this, and we had to stop engineering work on a number of projects until we figured out what they'd done and forced them to roll it back. A detailed ANSYS run (say, buckling modes of a large mast crane) will easily eat up hundreds of gigabytes of disk space in temporary solver files, even if the final results file on the network share is only a few megabytes. I'd assume that other calculation-heavy professions (CGI techs, maybe? Don't know) would have similar requirements. Just because the disk has a lot of space when you're looking at it doesn't mean that space doesn't get used.

Re:dd

[Synerg1y]

I don't know how it is where you're at, but for earth day we have programs that go around businesses and collect their "IT junk".

Re:dd

[Sqr(twg)]

Even if you assume that zeroing is 100 % sure, it has two obvious drawbacks.
1) It takes a long time. The disk has to be mounted in a computer, then written in its entirety, and read back to verify that the write was successful.
2) It does not work on drives that are broken.

If you're destroying more than one disk a day, you'll want to use a machine of some sort.

Re:dd

[Shadow99_1]

I've done this before in an old 'server' I was re-using. As is typical this had been laying around in the server room for 7 or 8 years even after it had been replaced (once upon a time it ran WinNT). My company at the time gave me no budget and said they wanted our website (which not even 500 people a year ever looked at) moved inhouse. So I repurposed this guy and seeing as how the enclosure was designed to hold a dozen or so drive I stuffed it full of old 40 GB drives I'd pulled from desktops and set up a RAID 5 arrangement with 10 of them. Was never really any reason not to do it. It made an ok little linux webserver running a CLI environment for remote access.

Re:dd

[muridae]

Do you really expect government agencies with redacted amounts of annual funding are going to demo their technology for a $500 prize? And the contest, if you were referring to "The Great Zero Challenge" has been closed for since the end of 2008!

Re:dd

[Synerg1y]

This:

http://mashable.com/2011/09/13/hard-drive-creations/

nobody would think to recover data from my skyline replica!

Re:dd

[Synerg1y]

But seriously, sending several hundred IDE drives away to be shredded sounds a lot more attractive at that point.

I'd argue you can save the company money by doing it yourself, but meh, you'd save many life hours and get paid exactly the same.

I suppose you can incorporate a process that prevents several hundred IDEs from stacking up in the first place.

Re:dd

[Gordonjcp]

Wrong. A single pass of zero is often recoverable. Not for civilians, sure, but recoverable nonetheless.

Bullshit. Once the data has been overwritten, it is *gone*, forever. There is no way to get it back. There is no "residual magnetism", and if there is it would be impossible to reconstruct it into a valid data stream.

It might be just-about-possible on 1970s MFM hard disks.

Re:dd

[Hillgiant]

2) It does not work on drives that are broken.

Broken drives are easy. Oxy-acetylene torch. I know of no data storage medium that can survive temperatures in excess of 3600 K.

Re:dd

[ultrasawblade]

What about

  - HPA

  - DCO

  - possible remnants of data in the drive's cache RAM

Re:dd

[Insightfill]

As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet.

Many years ago, a company named "Mangosoft" had a product named "Medley" which would do this.. Each user would allocate a certain amount of their disk drive to the "Medley" drive, and all of the users (up to 25 max) would share a really big drive together. Earlier versions of this technology worked by basically keeping two copies of every file, and moving a copy to the local drive of the last user who accessed it. If a machine holding a file went down (power, etc.) then the list of files it held would be pushed around from other working machines to always ensure duplicates are still around.

Current versions of this would probably be GlusterFS, Coda and Tahoe.

Re:dd

[Ivan+Stepaniuk]

Not really. Since a long time ago, hard drives have spare sectors to reallocate the bad ones when a read error is encountered. If the disk has reallocated sectors, faulty sectors could keep data because they are not accessible or writable through the IDE/SATA interface anymore. After sequentially erasing the drive with dd, those sectors could be read using vendor specific commands, by manipulating the reallocation table or using a modified firmware on the drive, etc.

This does not mean that an HDD cannot be erased without damaging it, just that dd alone is not enough. Chances are small, but disks with reallocated sectors (specially 4K sectors) can still contain sensitive data.

Re:dd

[Endo13]

Even a "full format" just does a normal format, after full disk surface check (which is why it takes so long).

Not true. It's a lot harder to recover data after a full format than a quick format. All the data recovery apps that work on a quick format or delete won't do squat if you do a full Windows format.

Also, a single low-level format or even zeroing a drive does not make it unreadable. I've already recovered data from such a drive. Granted, it wasn't very complete, but it certainly wasn't all gone.

The only way to be 100% certain none of your data is recoverable is to melt it down or grind it into a fine powder.

Re:dd

Not to DoD standards. Several (usually 3-7 passes with /dev/random (or /dev/urandom) followed by /dev/zero will erase data well enough for any standard out there other than those that specifically require physical destruction, though.

HDDerase accesses a firmware routine installed in all modern hard drives and wipes the whole drive, including bad sectors which may not be accessed by external wiper programs. I understand it's NIST approved. It's also a helluva lot faster than the routine you've described, as well as programs like DBAN.

http://en.wikipedia.org/wiki/HDDerase

Re:dd

[Hentes]

Many drives are thrown out because they stop working, in which case this method doesn't help.

Re:dd

[LordLimecat]

From the horse's mouth:
http://support.microsoft.com/kb/302686

When you choose to run a regular format on a volume, files are removed from the volume that you are formatting and the hard disk is scanned for bad sectors. The scan for bad sectors is responsible for the majority of the time that it takes to format a volume.

If you choose the Quick format option, format removes files from the partition, but does not scan the disk for bad sectors. Only use this option if your hard disk has been previously formatted and you are sure that your hard disk is not damaged.

If you installed Windows XP on a partition that was formatted by using the Quick format option, you can also check your disk by using the chkdsk /r command after the installation of Windows XP is completed.

There is no difference between running a quick format followed by chkdsk /r, and running a full format.

Re:dd

[definate]

I'd rather...
dd if=/dev/rand of=/dev/sda bs=1024 &

Re:dd

[number11]

Even if you assume that zeroing is 100 % sure, it has two obvious drawbacks.
1) It takes a long time. The disk has to be mounted in a computer,

Sort of. A $15 HD/USB adapter works, though it slows the process down some. But it's not as if you have to stay there and supervise it.

then written in its entirety, and read back to verify that the write was successful.
2) It does not work on drives that are broken.

This is true. For whatever reason, for me HDs that are smaller than 1G don't seem to hook up to USB very well, either.

Re:dd

[toddestan]

There's a lot of charities and non-profits that refurb old computers who would love to get a pallet like that. Both because hard drives are one of the more likely components to fail in older computers, and because so many of the computers that get donated to them have had the drives removed.

Re:dd

[mythosaz]

Citation Needed

Re:dd

everyone replying with comments like "dd" or "scam industry" and aren't just joking obviously don't understand the volume considerations and thus the convenience.
During our most recent datacenter conversion/virtualization it would have been handy to have a "degausser".

one might argue that having an industrial grinder or crusher of some nature would have more applications after you've destroyed the drives, and most likely a lot more fun, but I doubt you could justify the huge cost difference between the entry level "degausser" and a mutilating-destructo-fun-box.

Re:dd

[Zemran]

For $9000, I would rather go on a good holiday near a volcano and toss the drive in while I am there... There are so many total destruction options available (real rather than volcanic) that I cannot see why you would pay $9000. Have none of you seen what an oxy/acetylene torch does to a drive? A sledge hammer does not destroy the data, just the drive but oxy/acetylene destroys everything... even the KGB would not be able to find any data on the lump of molten metal left behind and I would still have change to buy a load of new drives.

Re:dd

[guruevi]

Not these days with SSD, hybrids and I suspect in the future regular hard drives as well employ data compression and deduplication on the fly in order to save on writes and thus less wearing on the memory chips. There's also a 5-25% (depending on quality and manufacturer) of extra space to perform wear leveling. dd if=/dev/random of=/dev/xxx a couple of times may be better given enough entropy.

Re:dd

[manu0601]

1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form.

But keep in mind that what is cryptographically secure today will be easy to crack in a few years

Re:dd

[formfeed]

Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

Assuming the zeros get (a) written at the exact same spot as the previous data and (b) an overwritten 1 looks exactly as an overwritten 0. And of course I am not talking about the capabilities of the hard drive to recover old data, but about the platters mounted in a machine that has a higher spatial resolution and reads more magnetic states than just 1 and 0.

Re:dd

[Endo13]

Yeah, because Microsoft always does a great job telling you exactly what all their software does, right? /sarcasm

A full format has always been necessary to build the file structure on an unformatted drive. It has always done more than a quick format + checkdisk, because a quick format only clears the journal and a check disk only checks and does repairs. In Vista and later, a full format also does a low-level format.

Re:dd

[formfeed]

What are you going to do with several hundred 40GB IDE drives?

World's crappiest RAID5?

World's most powerful refrigerator magnets?

Re:dd

Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

Zero wipe will wipe out the center of the recorded track. Realigning the read head on the drive by a minute amount can catch the magnetic border of the recording left by the zero wipe. Also, you are left with weak 1 bits and strong 0 bits which specialized equipment can pick up after a zero wipe. Multi-pass random wipe is better, but still recoverable by special forensic hardware.

Re:dd

[PhrostyMcByte]

Anyone remember The Great Zero Challenge?

For solid state drives a physical destruction might be required, but I'm still not convinced anyone could beat the challenge with a HDD if it were still happening today.

Then again, why not just encrypt everything. No need to do anything when you're done with the data, then.

Re:dd

[rtb61]

Even better if they truly such worry warts to spend that kind of cash, why not upgrade performance and simply go with SSD drives, that over write pass will be super fast and in the interim they will gain a significant performance boost.

Re:dd

Line them up and shot em!

Re:dd

I just run badblocks -w

It does 4 passes of data just to be safe and then checks the result to make sure the drive is in good health so you can use it again.

Re:dd

So, your own, in-house version of MEGA, then.

Where do I sign up?

Re:dd

Quad sized original xbox drive? Boot drive for something that only boots from IDE?

Re:dd

[Gordonjcp]

You've not actually read further up this thread, have you?

Drives don't write 1s and 0s, and they haven't done since before Jurassic Park was released.

Re:dd

[Gordonjcp]

So with a bad sector, you might be able to recover a couple of bytes of the old data. Maybe.

Bear in mind that the most likely reason for the drive to map out a sector is because it can no longer find the address marks to tell where the sector starts. If that's the case then no amount of vendor-specific commands will fix that...

Re:dd

Wrong. A single pass of zero is often recoverable. Not for civilians, sure, but recoverable nonetheless.

Bullshit. Once the data has been overwritten, it is *gone*, forever. There is no way to get it back. There is no "residual magnetism", and if there is it would be impossible to reconstruct it into a valid data stream.

It might be just-about-possible on 1970s MFM hard disks.

As anyone who has done HDD manufacturing firmware can tell you, you can write a pattern to a track, then step (partially) off track and read bits that had been written on the previous pass. You won't get a clear picture, but you will get partial information. There are many variables, including width of the write element vs read element on the head, read channel characteristics, servo stability, etc. This is why several overwrites are needed.

Re:dd

Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

What about SSDs that shuffle the spare sectors for wear leveling? Those sectors won't be wiped, and they actually can be read back.

SSDs that support the Security Erase command (especially those that support the Military erase modes) can, if FW is written properly, erase/rewrite all NAND blocks that contain user data, including defective blocks which have been spared-out.

Of course if the defective blocks are defective because the NAND erase command had failed, then the original data might never be eliminated, even after a Security Erase command. Then again, the point is fairly moot because the "original data" on the media will still be randomized/encrypted bits, and even a data recovery company would find it very time consuming and difficult to even TRY to recover that data. And then they won't succeed, unless the SSD architecture was really dumb.

Re:dd

[BrokenHalo]

World's most powerful refrigerator magnets?

Well said. I've got lots of those, but my wife keeps bitching about broken fingernails from pulling them off the fridge. ;)

Re:dd

What about

  - HPA

  - DCO

  - possible remnants of data in the drive's cache RAM

Certainly with HPA (host protected area), the dd command won't be touching those LBAs. But then, what is stored in HPA is generally not user data, but the system restore image from Dell, etc.

Most drives cache RAM will be lost as soon as the drive loses power.

Re:dd

[BrokenHalo]

The guy just looked at the drive and yelled "Enhance!" and all the data was back.

Only on the shows with microsoft product placement. Mostly they have to type:

lkasdfshwbfkljsbdvkjhwdebvkjhbsdfvb

...to get it to work. ;)

Re:dd

[matfud]

Well that is the problem. Hard disks are not digital. The analog signal recorded does depend on what was written before and what was written after the data of interest. You can't tell which as far as I know. But there are residual traces that potentially could be used to get some information.

The military have some stringent requirements. But most of those are to do with the process of discarding disks. A paper trail from the source of the disk to an easy to verify destoyed disk.

As long as the process works then there is a chain of custody from the original use through to data destrution through to physical destruction and a very broken bit of metal and silicon that can be accounted for.
The people doing the data destuction and physical destruction will probalby not have a security clearene to potentially see the information on the disks before destruction.

This is why the military and government have these requirements. Industry does not need them and does not tend to have a process in place to handle that.But "if it is good enough for the NSA then it is what we should do" mentality still exsts.

Re:dd

[allan_small]

Hm... depends on how paranoid you are. Perhaps /dev/random is a better source.

Re:dd

[skovnymfe]

Sure but as the guy in the video says, simply overwriting the disk isn't NSA approved, and some places need to be NSA approved to stay in business.

Re:dd

[Gordonjcp]

You're missing the point.

If you write 1s and 0s to a disk then overwrite them then *theoretically* it is possible to look at the data coming off the disk, and work out that a 1 that's a little higher than normal was previously a 1, a 0 that's a little higher was previously a 1 and so on.

But this only works with extremely old drives.

With modern drives, the signal written by the heads on disk is quite complex and consists of a mixture of signals with rapidly changing amplitude and phase. It's not as simple as on or off. How do you tell the difference between a really strong residual "1" and a really faint residual "7"? You can't, pretty much.

The military do not have some big magic machine that can extract data from overwritten hard disk tracks. It's not possible to do this, on any drive that's younger than the Internet.

Re:dd

SSD's are already internally encrypted with 256bit AES. You just have to run the drive erase tool from the manufacturer, which erases the internal table the SSD uses. It takes 5 seconds.

Re:dd

[LordLimecat]

They actually do, but if you want to insist that Microsoft (and technicians everywhere) knows less about what a "full format" does than you do, you can believe that.

I would wonder, of course, why-- if it were the case that the full format "sets up the file structure"-- I can do a quick format on
  * A "Mac-ready" drive
  * A freshly purchased drive
  * A drive which has been DBAN'd
  * A drive which has had "dd if=/dev/urandom of=/dev/sda" run on it

and it works with exactly the same performance as a full format, if the full format is doing "extra things".

There are a lot of articles out there by tech journalists which repeat the meme that it somehow makes a difference, but it doesnt; Im willing to bet that if you were to zero out your drive, install windows, plant a single 100MB video on that drive, and then full format it, that I could recover that video file 95% intact within 30 minutes.

Re:dd

[LordLimecat]

Incidentally, no, vista does not low-level format the drive. Low-level formatting requires tools supplied by the drive vendor and cannot generally be done "in the field" without rendering your drive useless.

At this point im suspecting that you are a troll, and I dont really have a desire to argue with someone who wants to ignore documentation by the company who makes the very tools we are discussing.

Re:dd

[tirefire]

What about seek times in a low-RPM, high-capacity drive?

I have two 3.5" drives in my desktop. One is a Western Digital 250GB 7200 RPM ATA/133 drive from 2005, the other is a Western Digital 5400 1TB 5400 RPM "green" SATA 3.0gbps drive from around 2011.

The 5400 RPM drive is nice and fast for big files, but lord help you if you install a game on it. Load times are easily twice as long for a big AAA game like Crysis.

I checked and both drives have three platters. Is this what's killing my 5400 RPM drive?

Re:dd

> A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery

Actually no. Yeah, I get it: you're a digital weeny so if you don't see the digital out you think that there is nothing to read.

In the analog world, not so much. If you open up the drive and read out the analog signals from the head itself, you'll discover you can still see the remnants of the original data in analog form even after doing a "/dev/zero" write. If you are truly paranoid, this is still a non-zero risk.

Re:dd

That server had 5 IDE controllers? I'm assuming it was using software RAID?

Re:dd

[gregor-e]

I'm a fan of Darik's Boot and Nuke. Quick and effective.

Re:dd

[Shadow99_1]

Admittedly this was nearly five years ago now, so details I recall are a little blurry... But I know it had 3 RAID cards in it... I'm assuming each ran 2 sets of IDE ports (2 channels per card). I have no idea why it had those, it just did. I spent $0 and put a bunch of junk in one place. Win/win for me... Oh yeah... and it did serve webpages... so win/win/win...?

Re:dd

[sexconker]

TRIM doesn't do anything with regards to excess space that is hidden from the host. TRIM just means the controller is told to overwrite a block, not just mark it as available.

Re:dd

[sexconker]

SSD's are already internally encrypted with 256bit AES. You just have to run the drive erase tool from the manufacturer, which erases the internal table the SSD uses. It takes 5 seconds.

Not all SSDs are. And why would you trust the manufacturer? Do you trust OCZ?

Re:dd

[matfud]

Me thinks you are missng my point.

The reason this is done is for accountability and process. The military do not have a magic machne to retrieve data. I'm sure that if they wanted to they could get some specialist in to give it a try. I doubt they would suceed.

What they want is a clear process for disposal. Media storage came from A it has been transfered to B and then C. It is now in the correct place to dispose of it. Degauss then crush.
When the auditors ask you can show them the nice crushed disk (serial numbers included)
And it does not involve plugging it in to a potentially corrupted computer.

Re:dd

[omnichad]

I'm pretty sure it zeroes every formerly used sector. Even if it won't be used right away for performance reasons. Erasing is the slowest operation on an SSD. The drive wouldn't leave any unused sectors in anything but a ready-to-write state. That's the whole point of TRIM.

Re:dd

[peawormsworth]

dd if=/dev/zero of=/dev/sda bs=1024 &

Won't work on an SSD.

For SSDs there are two reliable options.

1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form. 2: Physical destruction.

Agreed

Most people dont realize how permanent solid state drives really are. I send USB keys through the wash in my pants by accident and the data was fine.

I now use software encryption on all my hard drives. To wipe them I use /dev/urandom and then smash them with a hammer on pavement to complete the process.

I expect in many years, SD drives, sticks and cards will be a significant archaeological find.

Re:dd

[sexconker]

dd if=/dev/zero of=/dev/sda bs=1024 &

Won't work on an SSD.

For SSDs there are two reliable options.

1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form.
2: Physical destruction.

Agreed

Most people dont realize how permanent solid state drives really are. I send USB keys through the wash in my pants by accident and the data was fine.

I now use software encryption on all my hard drives. To wipe them I use /dev/urandom and then smash them with a hammer on pavement to complete the process.

I expect in many years, SD drives, sticks and cards will be a significant archaeological find.

With any luck, solid state's durability will put Jodi Arias on death row. Bitch put the camera containing pics of the murder in the washing machine, but they got the data.

Re:dd

[Gordonjcp]

Oh yeah, I mean if you have a process that says that then I guess there's no way round it. However, it's a pointless waste of time that just adds to the ever-growing pile of e-waste that isn't really being dealt with properly.

I know from personal experience that at least one organisation that deals with confidential medical information simply hooks a pallet of decomissioned machines up to power and a switch, PXE boots the whole lot into DBAN, and calls it a day at that. "Good Enough".

Re:dd

[matfud]

I can not disagree. It is wastefull and silly...
Most of the time it is a "good enough" approach to just wipe the data and only reuse the drives in the same or above the security classification it had.

Even that is a pontless waste of time and effort.

But you have a choice. Try and dispose of the drives your self (and suffer the consequences if a few go missing) or send it through an approved destruction channel. (sign a bit of paper and it is now someone elses problem)

Re:dd

[Gordonjcp]

The "somebody else's problem" is good, but it's expensive.

All you need to do is configure one of the "scrap" machines as a PXE boot server, find a switch from somewhere, and then get your trainee to do all the plugging in and unplugging.

"Here you go, it's a vitally important job, and a big responsibility. Now do this pallet, and when you're done, do this pallet, and then when you've done *that* do this pallet. Then I'll teach you how to drive the forklift..."

Re:dd

[matfud]

Nobody said it was cheap.

One of the security risks is that you have to plug the media into a computer. The operators are probalby not allowed to even potentially see the data. And who knows what the computer will do with the data. So degauss and crush.

Oddly enough I do agree with you. but once a system is in place it can be very hard to remove. If there is a system for dsposal then it is easier to use it than figure out a new protocol for your self.

If that is in place then it is easy for unrelated companies to point it out as an example of how things "must" be done.

As I said this is not really a technology issue. It s an sysdemic process issue. You don't need to do it and I do not either. But if there is an extant method to dispose of media then it will be used even if it is overkill

Re:dd

Ehhh - modern perpendicular recording drives are typically safely wiped after only a single pass - 2 to 3 passes is more than sufficient..

Re:dd

[lewiscr]

That is true for both HDD and SSD, it's just less common to use it for HDDs. IIRC, 10% of the HDD platter is reserved for sector re-mappings. HDDs usually reserve re-mapping events for things like starting-to-fail sectors and bad sectors created during manufacturing. SSDs use re-mapping to prevent flash wear.

When I wipe an HDD or SSD, it's because they've been replaced after failing SMART. The SMART attribute Reallocated_Sector_Ct tells me how many HDD sectors had my data, but are no longer accessible to me. Some of my older SSDs have a low double-digit Reallocated_Sector_Ct value. That indicates that these SSDs only increment that attribute for re-maps due to failing sectors rather than wear leveling.

Hammered

[goldspider]

I still find the old fashioned way, "whack the drive real hard with a hammer and shatter the platter" combines the best parts of effectiveness and gratification.

Re:Hammered

Sounds silly, but I take the cover off of the drive, slide a hand-saw blade across the surface of each platter for a few seconds, bend it with a pair of pliers to get underneath and to the next top surface, then repeat. I've gotten the process down to about 10 minutes and would doubt that anyone can retrieve much from it, and wierdly enough enjoy it.

Re:Hammered

They can still use a scanning tunneling electron microscope to read data off the fragments.

Thermite!

The only way to be sure.

Re:Hammered

[h4rr4r]

A sledge hammer would be a lot faster.

I find something in the 30 caliber rifle line to be a far more fun way to destroy data though.

Re:Hammered

[khallow]

This. I imagine the most effect means would be to degauss the drive (to meet the official terms of the contract) and then bake it well above the critical point for the magnetic media in question. Thermite satisfies that part quite well and it wouldn't be hard to make a standard setup for slagging harddrives with thermite.

They probably could also modify a pizza oven (with conveyor belt) to get a high throughput baking system.

Re:Hammered

[PolygamousRanchKid+]

combines the best parts of effectiveness and gratification.

Yeah, they said:

their destruction process is more certain than shooting a hard drive with a .45.

But plinking hard drives is more fun. Good, wholesome, family fun.

Re:Hammered

[Bob+the+Super+Hamste]

Old hard drives are one of my favorite targets. I usually take the magnets out first and then shoot them with my SKS. My only complaint is they don't dance like empty pop cans do (hit them near the top or bottom and watch them spin and jump). Once they are so full of holes you have a better chance of going through an existing one than hitting metal they go into the recycle bin as at that point what is left is just the aluminum case and coated aluminum platters as the motor has been shot off at that point.

Re:Hammered

In the military we would skip degaussing. We also skipped dev/zero and dev/random unless the disk was secret/top secret. We would simply chip the disks in a custom rig, then melting it all down to a nice little goo, and recycling it. Your method would probably suffice, but for some reason people get crazy when there's top secret information on the disks. Chipping+melting disks is very fast and the data is unrecoverable.

Re:Hammered

[D1G1T]

Somehow I can't imagine organizations asking 60 year old secretaries to head out to the parking lot in steel toed boots and safety goggles. Thus these machines.

Re:Hammered

[sandytaru]

We do that for systems retired from medical offices, but we give the drive a good DBAN first. THEN we disassemble it (a coworker of mine collects the magnets for some reason) and then smash the platters a few times with a hammer for funsies.

Re:Hammered

[LordLimecat]

If its a laptop drive, a quick thwack with the handle of a screwdriver will result in the platters shattering in a satisfying manner. I might recommend covering the platter with paper, unless you enjoy shrapnel going every which way.

Re:Hammered

[Bob+the+Super+Hamste]

their destruction process is more certain than shooting a hard drive with a .45.

Sounds like they need to have better aim and/or use more than one shot. As powerful as a .45 may seem (probably .45ACP) they really aren't that impressive. For example I have seen one of my buddies shoot an old hard drive with a 20 slug and it dented the case and platters nicely but really didn't go in and sent the drive bouncing down range. The drive had 3 aluminum platters a steel cover and aluminum case. Now granted a .45 ACP and a 20 gauge slug (about .61) aren't exactly the same but from some quick searching the 20 gauge slug delivers substantially more energy (typically about 3 times as much) than a .45 ACP. As such I would assume that the increased cross sectional area of the 20 gauge slug is compensated for by the increased velocity and by extension energy and thus a .45 ACP would produce similar damage to the 20 gauge only on a smaller scale. If they are talking about a .45 long colt then it is pointless but a .454 casull is an entirely different beast.

Re:Hammered

[LDAPMAN]

It's not the energy of the round that counts, it's the energy actually spent destructively on the target. The formula for maximum destruction in this case is to have the maximum kinetic energy energy delivered to the smallest area with high efficiency. So, you don't want a 20 gauge slug. It's easily deformed, has a large impact area, and unless you have the drive held very securely would just knock it downrange. I'd use a small caliber, high speed rifle cartridge. 7mm mag or even .223 would do nicely!

Re:Hammered

[afidel]

It depends on if it's a glass or aluminium platter.

Re:Hammered

[SolitaryMan]

Encrypt it in the first place. That way nobody will be able to find out what kind of pr0n you were masturbating to, if you die unexpectedly.

Unless of course you die while masturbating.

Re:Hammered

[Hamsterdan]

I'm wondering what the Curie point is for modern HDDs...

Re:Hammered

http://eecue.com/c/driveslag

Re:Hammered

flash video huh?

i thought you guys would be using html5

i wouldn't bother actually - if you can hardly manage to properly embed an swf file or block trolls from making monkeys out of your website by submitting extremely long comments then maybe you should stick to installing itunes for neighbors. impressive stuff.

Re:Hammered

[PolygamousRanchKid+]

Actually, I was thinking more of a .50 BMG, Armor-Piercing-Explosive-Incendiary, APEI-169, M02 . . .

Re:Hammered

[funwithBSD]

Thermite...

The Mythbusters way!

Re:Hammered

[Bob+the+Super+Hamste]

I actually use 7.62x39 cartridges against old hard drives as they rip right through hard drives and don't send them bouncing down range. My point was that I don't think a .45 handgun round (exception for the .454 casull) wouldn't do much even though it sounds impressive. Also most handgun rounds are hollow point and easily deform so comparing it to something I have actually seen, a 20 gauge slug against a hard drive, seemed appropiate as the performance of a .45 ACP is much closer to that of the 20 gauge slug than a 7mm mag, .223, or 7.62x39 cartridge.

Re:Hammered

[sandytaru]

I think this comment was intended for someone else.

Complete utter advertisement

This company & this technology has been around for a while doing this, it's not some "new" idea. Please get this horse shit off our site.

Re:Complete utter advertisement

[mabhatter654]

But it's fun. After all, we nearly kill ourselves for a living keeping all this data perfectly intact, 24x7x365.25.

There are entire companies that DESTROY SHIT FOR MONEY!!

One day you you can be fired for losing A file... The next these guys get to have the fun tearing ALL THE FILES to shreds. Let that settle in your mind and embrace the Stone of Sisyphus we push up the hill every day.

Thermite

[2starr]

No, no, no. When it absolutely has to be destroyed, you use thermite.

Re:Thermite

Or if you have a welding cutting torch, roast it that way, once the platters get above the Curie temp then the magnetism is lost. I should make a spectacular fire as the aluminum case burns with all that oxygen as well.

Re:Thermite

I use an Oxy-acetylene torch with a very large rosebud. I dare anyone to recover something useful from the molten mass.

Re:Thermite

Thermite doesnt leave the media intact you you can show it to someone that the data was destroyed. Ran into this with CDs. They made a grinder that grinds down the disk and destroyes the data layer but leaves the disk/label intact so you can "prove" it was destroyed. Government sillyness at its finest.

Re:Thermite

Does modern art count?

Re:Thermite

$9000 to wipe a drive? Crack it open, pour some gas on it, and set the damn thing on fire. Done for less than $10.

Re:Thermite

[mabhatter654]

Is an Electric Arc Furnace good enough? It melts 50 tons of steel....

Re:Thermite

[omnichad]

Wha? Isn't the data layer on a CD-R just micrometers below the label?

Re:Thermite

Yes, the data layer on CD-Rs is directly underneath the label, with NOTHING in between it and the label. So the previous poster is an absolute idiot. And he's medieval too - "destroyes". Ye olde CD-Rs! How can anything "grind down the disk (sic) and destroy(e) the data layer" but "leave the disk(sic)/label intact"?

Even somebody who doesn't know where the data layer is in a CD-R can see that this doesn't make any sense. WTF?

Re:Thermite

thermite is a good start but, nuking it from orbit is always the better choice when you really really want to be sure

Re:Thermite

[muridae]

The AC you replied to does say CDs, not CD-R. The data layer in those is the bottom layer of poly-carbonate, and the metallic layer above is just a mirror. Above those is another reinforcing layer and then the label. It would be easy enough to grind down until hitting metal, and then stop the drill/grinder.

Re:Thermite

[omnichad]

But what kind of sensitive data is mass-produced on pressed discs? That's really what I'm getting at. Wouldn't be very sensitive if a thousand copies were made.

Shredder

Why not just invest in a industrial shredder and throw everything in it. Will be much cheaper in the long run.

Re:Shredder

[fuzzyfuzzyfungus]

Yeah, that approach works. Plus, how can you not trust a company whose slogan is "What needs shredding?"

In b4 dice downmodd

And that concludes Roblimo's daily Slashvertisement courtesy of Dice.com.

How about...

[Dancindan84]

Will it blend? Since 1959.

Grinder?

Can't we just drop it into a slot and grind it do dust?

Soooooooo much snake oil!!!!!!!

Just melt the damn thing. A big acid bath or hot furnace will sort it out. $9000 is a rip off, a scam of cosmic proportions. No wonder our nations are broke.

Re:Soooooooo much snake oil!!!!!!!

[mabhatter654]

To be fair, any furnace capable of melting a Hard Drive is going to cost more than $9000 when you figure in permits and utilities...

Melting stuff for money is expensive.

Sodium Hydroxide

[morcego]

I find a bath in NaOH to be a very effective way to destroy media past any possible recovery. Specially if you are going to incinerate it afterwards.

NaOH is also very cheap, and available everywhere, making it a wonderful low budget solution to use in the less cosmopolitan parts of the world.

Re:Sodium Hydroxide

[h4rr4r]

Drives are made of aluminum right?

Remember not to smoke while you use that approach then.

Re:Sodium Hydroxide

[morcego]

Drives are made of aluminum right?

Remember not to smoke while you use that approach then.

I see you noticed the "extra" beauty of the process :)

Re:Sodium Hydroxide

[flyingfsck]

That is the MacBeth data erasure method: Bubble, bubble, toil and trouble...

Open shop near a crematory

[Billly+Gates]

Problem solved

For April Fools Day

[bobstreo]

Relabel them as disk duplicators.

Let the hilarity ensue.

Re:For April Fools Day

[biek]

DVD Polisher :)

Re:For April Fools Day

[mabhatter654]

That goes right next to the fax/shredder combo unit!

Re:For April Fools Day

[camperdave]

One past April fools day I posted an "Official Notice" by the shredder saying that all documents needed to be signed before being shredded. Unfortunately, one of the main users of the shredder was born on April 1st, and could smell an April Fools Day prank a mile away.

This is not for us.

[rodrigoandrade]

This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.

Thus, $9000 for a low-level wipe.

Re:This is not for us.

[gl4ss]

actually low level wipe sounds more useful and more impervious to an overdesigned harddrive problem(the casing in this process remains intact - I guess there's some physics involved why the hd casing couldn't protect the discs themselves while the hd electronics themselves get fried by the process).

and well, if you plop that 9k you can wipe as many drives as you want I suppose.

Re:This is not for us.

At $9000 per drive it's probably cheaper to send the drives into low earth orbit and have them burn up on re-entry...

Re:This is not for us.

[Tmack]

You missed the part where they sell a drive crusher too... drives a wedge down the middle of the drive, or puts lots of holes in an SSD, up to 2 at a time.

-T

Re:This is not for us.

[MMC+Monster]

Aren't there places that sell hard drive shredders? Google found me this one on the first page of results: http://www.ameri-shred.com/Hard_Drive_Shredder.html

Degaussers aren't that expensive, either, are they?

How are these guys able to charge so much?

Re:This is not for us.

How many hours would you want to pay someone to smash drives with a hammer before $9000 becomes a good deal? It's a simple cost/benefit analysis that any large company or organization would make, government contractor or not.

Re:This is not for us.

something something government regulations

Just shredding doesn't satisfy most government regulations. I guess someone can put the pieces together and read the information thus degaussing is required.

Truth be told, if someone reassembled a shredded hard drive and was able to retrieve the information, I say let him have it; he's earned it.

Re:This is not for us.

[rok3]

When you consider the cost of a potential data breach $9000 (for years worth of hard drives) is nothing. I love to hate 'the man' as much as the next guy but there is a time, a place, and a need for standardized destruction of data.

Re:This is not for us.

[Waccoon]

I'd imagine wiping 200 hard drives individually would take a while. A full format of a 3TB drive takes several hours, and that's just a single pass.

Re:This is not for us.

[gl4ss]

yep but they don't do it crush and then degaus? they seem to do it degaus machine and then crushing, while the other way would seem more practical from data wipe perspective.

bit dust

[markhahn]

sure, you can pound or melt, but for my money, sandpapering the platters by hand is the best way to pay homage to your dearly departed bits.

Re:bit dust

"Don't breathe this. "

Value?

[Bigby]

If you are spending $9,000 to destroy some data, you are probably overvaluing data destruction vs simpler methods. This is probably done by companies that think someone is going to spend the time/money to break into their data for the useless information that is likely there. Most big companies can't even find their own data, let alone some hacker trying to piece things together.

Re:Value?

[mabhatter654]

But it's like when you used to shred stuff.. SOMEBODY is out there with nothing better to do than scotch tape your pages together... That's like 95% of how criminal hackers get started.

Re:Value?

[Tmack]

Ask yourself, is it worth it for a bank, gmail, the FBI to invest $9k (or more, for the higher-end device), or risk $X0,000 * $NumberOfCustomers in legal fees and triage and incident response if a bad drive were to escape into the wild? I can guarantee you a single investment of $9k is a no-brainer and is dirt cheap compared to any incident response for stolen data. Not sure what "simpler methods" exist than: 1. insert drive, 2. ??? 3. drive is dead/data gone. When you have to get rid of multiple drives a week, things like this are a must-have.

-T

Re:Value?

[cdrudge]

If you are decommissioning a lot of drives, $9,000 may be a drop in the bucket compared to the time or effort required to wipe them alternative means. If you are just sliding them through 9 seconds a drive, it's quick and easy to go through a ton of them in very short order. And anyone can do it from Ethyl the 80 year old receptionist to John the 16 year old summer high school intern.

If you have to rely on disassembly, the process is time consuming per drive.

If you rely on physical destruction, either by sledge hammer, drill, gun, or thermite, then there are obvious risks of injury or worse, and no real company is knowingly going to sanction the latter activities. And the former methods require a decent amount of strength to do many drives thoroughly.

A single serious PCI, HIPPA, or whatever other regulation acronym violation can easily cost what that one $9,000 purchase would be.

Re:Value?

Exactly. Plus, here in Canada the Banks make like a Billion Dollars a year. The $9K is tax deductable...

Mark it

[hey]

Would be nifty if it spray painted the drive to show it was degaussed.

Re:Mark it

[flyingfsck]

To really erase data magnetically, the degausser will probably warp the platters.

http://www.fiftythree.org/etherkiller/

http://www.fiftythree.org/etherkiller/

just make one with ide and sata plugs

.45

I will go with the gun every time. A round from a rifle will do a better job than a handgun.

But, will it blend?

That is the question!

COAL

[Charliemopps]

Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.

And before anyone gets on their high horse about burning coal, keep in mind the little device they're using her was most likely powered by coal generated electricity.

Re:COAL

[Bob+the+Super+Hamste]

Hell you don't need to build a burner. A cheap propane/MAPP dual fuel brazing torch will do the same thing in just seconds as well.

Re:COAL

[muridae]

Now take that puddle out and show the serial number to the auditor to prove that the drive was destroyed. Oh, you can't?

Re:COAL

Is there any risk of emissions from the drives as they melt?

Re:COAL

[k31bang]

Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.

$80 a ton? Where and what kind? Anthracite is around $200 a ton in the PA region. Where I am, in the South West, I was paying around $300 a ton for bituminous coal this past winter.

Also, coal burns a little diffrently than wood. Make sure the air is coming from under the bed of coals.

Re:COAL

[Charliemopps]

I blacksmith. So I don't use the fancy stuff you use for heat. Sulfur content doesn't matter. Also, those of us that do old school things that require coal stick together. Often 1 guy gets 100 ton, because he's got a train (no I'm not kidding) then he'll sell the rest of us a couple of truck beds worth here and there at cost provided the next time he has a steam exhibition we help out by giving demos.

Re:COAL

No it won't. It's not capable of generating sufficient heat. That said, probably neither is the GP's idea.

Because of the way that heat spreads, at a rate that is exponential in relation to the surrounding temperature, most flames burn at about the same temperature regardless of fuel source. Thus, to achieve temperatures hot enough to turn a hard drive into a pool of metal, you not only need to release a lot of heat at once (like burning a large amount of coal, rather than relying on a small torch) but you also need to insulate the heat from the surrounding environment, otherwise it will dissipate too quickly to allow temperature to rise sufficiently.

So probably what you actually want to do is get ten pounds of coal, dig a hole in the ground, install a cast-iron vent pipe, then pour in some coal, light it, and supply constant forced fresh air through the vent pipe. Then cover the top with something somewhat insulative, like a thin piece of concrete and a pile of dirt. Then wait a few hours for it to dry out all of the moisture, as that moisture destroys what little insulative properties the soil and concrete have. Then open it back up, add more coal and your hard drives, and close it up again. Give it a good hour and you should be able to open it back up and find only lumps of metal at the bottom.

Re:COAL

[Khashishi]

You also need to purchase a kiln or something.

How about CD-ROMS and DVD-ROMs?

[packrat0x]

What is the recommended method for destroying CD-ROMs and DVD-ROMs which have sensitive tax records (besides using a microwave)?

Re:How about CD-ROMS and DVD-ROMs?

[mlts]

I just snap them in half. Bent one way, they will shatter, the other way, they will just bend.

This won't be useful for top secret data where someone might have a custom jig to read tracks on pieces of CD/DVD media, but for almost everyone else, tossing the shattered media into multiple piles and tossing each pile in a separate wastebin is good enough.

Re:How about CD-ROMS and DVD-ROMs?

[Sparticus789]

Open the drive shell. Pull out the platters. Place on top of pile of sticks. Pour gasoline on top of platters and sticks. Light match. Start fire. Roast marshmallows.

Re:How about CD-ROMS and DVD-ROMs?

[omnichad]

Most halfway decent shredders will shred a CD. Could still be read with special-purpose equipment but would not be easy at all.

Re:How about CD-ROMS and DVD-ROMs?

Put the CD in a vice. Use a 40 grit flap wheel disc on your grinder on it for even just a second (on the "label" side) and I can guarantee the data is beyond recovery by ANYTHING. Could also use a bench grinder with a wire brush wheel. Or even a DA sander, jitterbug sander, etc, etc.

For DVDs you might need to grind a while longer to get through the polycarbonate. Maybe for those you might do better with a bench grinder, although you'll probably load up the wheel with plastic, which isn't safe.

Re:How about CD-ROMS and DVD-ROMs?

[muridae]

For production ROMs, someone above mentioned grinding through the lower layer of poly-carbonate and metal, destroying the data layer and the reflective layer. That leaves the label intact for audits. For -+R -+RW, why not a microwave? The read/write layer is the metalic layer in those, so a microwave would take care of the data. After it has been shown or recorded for audits, then shredding to further get rid of the disk.

Note: I'm not certified to answer this by any agency. If you are under certain restrictions on how you handle this tax data, follow them instead.

Re:How about CD-ROMS and DVD-ROMs?

no need. just scratch at the label side with a sharp point.ironically, the label side of a cd is far more vulnerable than the shiny side. Or microwave - but that smells bad.

Re:How about CD-ROMS and DVD-ROMs?

[Keybounce]

Just don't eat those marshmallows ... you don't know what's in the smoke that gets into them.

Unleash the pyro in yourself...

a couple of pounds of thermite, a pile of drives underneath, ignite, enjoy the show... (be sure to have a proper crucible or heat rated concrete underneath - or at least a good sand-pit that you're prepared to see turned into glass....

Re:Unleash the pyro in yourself...

drink coffee, then post - use thermate, not thermite - better burn, more intrusive with the slag.

Crazy System Admin

[scribblej]

Our former sysadmin purchased a drill press for the purpose of rendering old hard drives unrecoverable. Seemed both fun and practical.

Re:Crazy System Admin

[pscottdv]

After drill press, 24 hours in salt water.

get the magnets out

and while doing thatslide them across the platters a few times
throw the rest in the recycle bin
magnets are cool

Re:get the magnets out

[flyingfsck]

That actually doesn't work. I tried it. I could not even erase a floppy disk with permanent magnets.

More than excercise!

[Sponge+Bath]

Hammer time is therapy. Sweet vengeful therapy.

Re:More than excercise!

[jayteedee]

Thermite will solve all your problems (http://en.wikipedia.org/wiki/Thermite) and provide nearly infinite amusement.

Greed and waste

Typical American corporate greed, paranoia and wastefulness.

Everyone's out to get that secret data which enables the thieves to bring the company to its knees. Don't bother with a couple of fills of random and solid data over the drive - make sure to break it and throw it out for little or no recycling after the first back-up.

Soon they'll consume SD cards like sheets of toilet paper.

Re:Greed and waste

[Tmack]

Those fills of random bits work real well when the drive fails and can no longer be accessed.... A motivated entity could possibly recover the bits still on chip/disc, its up to the organization to decide how to dispose of the drive and if its worth their/their clients' interest in making sure the data is not recoverable. I wouldn't want my bank to simply toss a bad drive out in the normal garbage.... -T

Unsure about .45

FWIW, I stopped shooting hard drives with a .45 after I watched one bounce off in an indeterminate direction. Now, that was .45ACP... .45-70, on the other hand...

There's already an age-group for that.

[u64]

Just hand it over to any teenager - they usually destroy most things that comes anywhere near them.
To guarantee swift and total destruction make sure to tell them to *please* be careful with it.
And that it is fragile and expensive.

Re:There's already an age-group for that.

[flyingfsck]

...or ship it by US Mail with a 'Fragile, Handle With Care' sticker on it.

Re:There's already an age-group for that.

[ProZachar]

Actually, you might have better luck with a label that says "Atheist":
http://news.slashdot.org/story/13/03/27/0240241/usps-discriminates-against-atheist-merchandise

Re:There's already an age-group for that.

[rpstrong]

It starts younger. Place a small boy in an otherwise empty room with two bowling balls. Come back in half an hour. He will have broken one, and lost the other.

But...

[djbckr]

I think BlendTec Will it Blend? would work quite well, don't you?

Degaussers are fun

[SoundGuyNoise]

We have one of the hard drive degaussers in my company. It's like the trap cleaner in Ghostbusters!

Nuke it from orbit

That's the only sure way.

ATA Secure Erase

hdparm --security-erase

faster and more secure than a bunch of passes of /dev/zero and/or /dev/random

Time is money

[mindcandy]

There is a reason for this sort of gear
Time is money.

As an example, we have a couple thousand PCs that are dumped each year due to lifecycle replacement. Yes, these are perfectly good PCs that could be wiped and loaded with (whatever) and donated .. but THAT COSTS MONEY. Loosing even ONE hard drive with data on it puts us in the newspaper, hence the policy is :

No data storage device leaves intact, ever.

We have the guys in facilities run them through a giant metal bandsaw, and that's BEFORE they go to be shredded/recycled (which, ironically, we pay THEM for, despite the fact that we're talking about tons of aluminum/steel/whatever .. but they won't burn off the insulation out back like JimBob either).

The reason you don't use .45ACP or sledgehammers is one of liability. Before the bandsaw method we used sledgehammers until some idiot hurt himself. When somebody looses a finger due to stupidity we'll probably buy one of these.

Data storage is cheap. Losing info is not.

I work for a big electronics company and we have a company that just shreds all of our data storage systems and computers. It's literally a giant shredder they just toss everything into and it comes out in tiny bits on the other side. Computers and storage are cheap now a days. Not only that but they do it for free since we let them keep all of the metals for resale.

Sales pitch? These have been around a while

http://blog.evernote.com/tech/2012/09/25/protecting-your-data-the-broken-drives-edition/

An $8,975 hammer ..

[dgharmon]

Data Shredder

Re:An $8,975 hammer ..

[ModernGeek]

Doing that to a thousand hard drives seems fun, but whenever you look at the practicality of it, you quickly realize that a $10,000 degausser isn't that bad of a deal whenever it can wipe a drive in six seconds rather than trying to do it in hours by writing zeros over it.

Slashdvertisement?

Nice slashdvertisement, but we did extensive research into this technology a couple of years back and Garner had a number of shortcomings... namely, their products were not made in USA, they were not certified and could not accommodate large drives with enclosures still attached, requiring a lot of manual labor. In the end we went with Data Security Inc. who had huge degaussing units, made in USA and certified to NSA data destruction standards. But I guess coughing up some money for conferences and advertising is what gets you business novadays.

Seriously though...

[paranoid123]

I worked in a legal firm which specialized in e-discovery and forensics, they weren't data-recovery specialists, but they were able to pull data from slack space and previously rewritten areas. But that is besides the point. For client-privacy reasons, legal reasons, and corporate policy, they ended up with hundreds of hard drives per month that needed to be destroyed with no possible way to recover the data. A $24 sledgehammer is certainly a cheap and fun sounding answer. But after smashing five hard drives, this stops being fun, you're making a lot of noise, and someone would need to clean up the mess. I'm sure OSHA wouldn't approve of that either. We were in a corporate office in the middle of New York City, so smart-ass solutions like thermite; sodium hydroxide; shooting them with a .45, a shotgun, or a bazooka aren't going to fly. Because of chain of custody, you couldn't even take the hard disks into an empty field to do this. The guy responsible for destruction started unscrewing everything, taking out the platters, then punching a hole in the platters with a screw-press. But like the sledgehammer solution, this was slow labor-intensive. I believe they ended up using a qualified HD destruction service, who would come to your office once a month, and give you metal confetti back. This of course isn't cheap. Eventually, purchasing one of these Garner devices would make economic sense. My point is, sure, given our own devices, we can think of quick and fun ways to destroy a hard disk. But when you are limited by government and corporate rules, companies like Garner aren't just greedy, but filling a real need.

LurnKorektGrammer

"Encrypt everything in software so NEITHER the key nor a hash of it could EVER possibly be stored"...

Re:LurnKorektGrammer

[sexconker]

The "neither" is not necessary, actually.
Hell, I nearly but the "nor a hash of it" in parenthesis, which would make the "neither" straight up wrong.

Absolutely, Positively?

[MMC+Monster]

If you absolutely, positively must destroy your data, you must succeed in destroying the universe.

Baring that, perhaps access to a black hole could be of benefit.

Re:Absolutely, Positively?

[Sponge+Bath]

If you absolutely, positively must destroy your data, you must succeed in destroying the universe.

"If you wish to make apple pie from scratch, you must first create the universe." - Carl Sagan

Re:Absolutely, Positively?

[Keybounce]

But information leaks out of black holes :-)

Erasing ALL the bits is much harder than that

[billstewart]

There are two basic threat models here - the DriveSavers level and the KGB level. dd will overwrite most of the bits on your drive, but remember that modern hard drives don't actually let you write physical blocks on the drive; the disk controllers remap requests, replace bad blocks with spares, move stuff around, hide stuff in hidden partitions like the Host Protected Area that standard Linux tools can't access, etc. Commercial data recovery companies like DriveSavers aren't going to find much after a dd, but there may be some data left in the good parts of bad blocks, and if you're dealing with military secrets, that may be enough to be dangerous.

(I've got a 500 GB PATA drive which some cretinous external-drive hardware remapped down to 200 GB when I replaced a bad disk; Linux tools weren't able to fix it, even though we rebuilt the kernel to fix a few things, because it didn't know how to ask the BIOS nicely, nor did WinXP. Linux was able to shrink the usable partition further, though :-)

The other issue is the KGB threat model. DriveSavers isn't going to drag out electron microscopes and other ridiculously high-tech stuff to catch the magnetic images of that 1 bit that weren't quite wiped out by writing a 0 bit over it. Your commercial data's just not worth that much. Military secrets might be. But sandblasting the disk means never having to say you're sorry.

Re:Erasing ALL the bits is much harder than that

[Gordonjcp]

The other issue is the KGB threat model. DriveSavers isn't going to drag out electron microscopes and other ridiculously high-tech stuff to catch the magnetic images of that 1 bit that weren't quite wiped out by writing a 0 bit over it.

As I mentioned in an earlier post, that's an overly-simplistic way of looking at hard disks, and one that hasn't worked since before the vast majority of /. readers - hell, even the folks that created the site - were born.

You cannot magically read off "magnetic signatures" and reconstruct data from a drive, after the data has been overwritten. If you believe that you can, then presumably you believe in homeopathic medicine too, since it's the same principle.

Re:Erasing ALL the bits is much harder than that

Name 1 company out there that can recover a /dev/zero'd drive. They do NOT exist. If they did they would make a killing.

This all comes from some dude who figured out a very specific drive type in the early 90s could with about 80% certainty be read under an electron microscope. In the paper it was in 'theory'. In practice they never pulled it off even with the same tech. Even with the old MFT drive which had feature sizes you could see in an electron microscope. These days not so much.

Also people are talking about remapped drive data. By definition those sectors are corrupt and are unreadable. You may get some stuff but I doubt it. If it has bad sectors you are going to bin it anyway. You probably will not be able to format it. So shredding is probably an ok idea.

As for your 500GB drive dev/zero the whole drive then recreate the MFT (at least the first 64k). That is what is wrong your MFT table is messed up. If you are feeling especially brave you could modify it by hand (first sector on the drive btw).

Re:Erasing ALL the bits is much harder than that

[billstewart]

MFT? Are you thinking MFM?

But if you're handling classified data, a drive that's got bad sectors that you're going to bin is precisely the kind of drive you want to wipe with something better than /dev/zero. You may or may not get anything useful - it's much more likely that you'll get some random chunk of operating system software or word-process than a few KB of SECRET PLANS, but if you're the KGB, it's worth a try, and bad guys or Drivesavers are going to have their own custom disk controllers. And no, those sectors are not by definition a corrupt pile of random bits - they're a block of bits that produces an error message, and maybe they're all bad or maybe just a few bytes at one end are bad, but a regular disk controller is going to hand them to you a block at a time and remap them if it's getting errors, so a serious attacker who's using his own custom disk controller is going to override that. A really well-designed regular disk controller is going to decide that if it's gotten correctable errors on a block more than X times, it's going to copy the data onto a good block while it still can and map out the old block.

I tried a few different things to convince that drive to give me all my space back, but at some point the obvious tradeoff was to give up and buy another one. And that one had bad blocks so I returned it to Fry's :-)

My cheap alternative

[A+well+known+coward]

I sometimes need to destroy hard drives at work. I do it right in front of the user so they know their old data isn't going anywhere. I open the computer, pull out the drive, open the drive, get a screw driver under the disk plate and use it as a lever. The plates will either bend or shatter depending on material.

Re:That's not I folks It's Jeremiah Cornelius... a

All I know is that we're all really tired of seeing your two walls of texts on every article.

Demagnetize

Can that thing really demagnetize neodymium magnets ?

disassemble

[AxemRed]

The way I handled it while working an IT in college: disassemble the drives. After everything was taken apart, I would destroy the platters by shattering them or bending and breaking them into multiple pieces (depending on the material.) I would also break any circuit boards. Then I would throw all the scrap in the trash and save the magnets (because they're awesome.) It was a good way to kill time while waiting for a disk re-image to finish.

what a moron

[slashmydots]

Erasing data incorrectly singe 1959. Smashing it into microscopic bits leaves the magnetic data on the platter chunks intact. It's not that big of a leap to assume that we could develop a device that could read the 0's and 1's off of a chunk of a platter.
A 7-pass 0 and 1 alternating wipe is unrecoverable by anyone anywhere ever. Then you can leave it intact. By the way, you'll never guess what my last job was. Go ahead, guess, I'll wait.










I took the certification course and test and got HIPAA certified to erase all the leased computers at a huge hospital. There is one allowable way to do it and that's it. So that company is a bunch of morons who don't know what they're doing. Maybe they inhaled too much Paladium and can't think straight. Speaking of that, that's another good reason not to smash hard drives.

Re:what a moron

You, sir, are the moron.

We Sandblasted ours

[billstewart]

Back in the 80s I ran a computer center that handled classified data, and we used DEC RM05 removable-disk-pack drives on a VAX. The AR380-380 regs for declassifying storage media gave us a few choices

- Degaussing with NSA-certified Big Magnets (not in MY computer lab, where I still have disks I want to keep!) - NSA-certified software. The big deal isn't just overwriting it 3-7 times to prevent the KGB from using electron microscopes on it, it's making sure that you've really erased all the data, including the spare and bad blocks remapped by the disk controllers, and if you only had one disk drive in the machine, the software needed to be able to keep running from RAM even after you'd erased the operating system including the files for your disk-wiping commands. (Too much paperwork required.) - Physical destruction. Why, yes, we're a large company with a machine shop down in the basement, and they have Sandblasters! Win!

I was no longer sysadmin by the time they closed the classified processing system. My successor got to disassemble the dozen or so disk packs we had and take them down to the machine shop for sandblasting.

Remember how ever sysadmin in the 80s used to have a disk on their wall with decorative scratches on it from a head crash? Hers was pure shiny metal.

Degauss?

[Cramer]

I think they are seriously underestimating the magnetic strength of modern drives. A "9000 gauss" field wouldn't do jack to the platters. It'll certainly f*** up the electronics and coils, but I have money that says the bits are just fine. [see also: Mythbusters attempt to erase a credit card]

For the record, I've read the specs on DLT tapes. It is impractical to "bulk erase" them due to their extremely high magnetic density. While commodity erasers will screw them up, they will not "erase" them -- parts of your data is still there and can be read with specialized hardware. The requirements I read for .gov tapes (many years ago) said "incinerate" with no talk of magnetic erasure. (note: the drive's erase function *will* destroy the data, but it spools the entire tape across the erase head.)

bad sectors....

[Shakrai]

Does the DoD have evidence that data can be recovered from a zeroed drive?

Modern hard drives identify bad sectors on the physical media and remap them in a way that is transparent to the operating system. Wiping the HD with /dev/zero will not zero out these sectors, because the OS does not see them, and the HD will not touch them once they're marked bad. If they contained confidential data prior to being marked bad then that data may well be recoverable. It's a huge long shot, but nation-states have the time and resources to chase such long shots.

Physical destruction is really the only way to be sure. Encrypting the drive from the get-go is the next best thing, since any bad sectors will contain encrypted data, though with the cheap price of drives these days you may just as well destroy it when you're done with it.

We just shred them.

We just call the shredding company and have them shredded.

Re:How about... Will it shred?

[Technician]

Or will it shred?

http://www.youtube.com/watch?v=sQYPCPB1g3o

.45 ACP

Having shot drives with a .45, I have to agree that their method is more effective. .45 from a Kimber 1911 bounced, leaving huge dent!

Re:How about... Will it shred?

[MyFirstNameIsPaul]

When I was in the Navy, we had equipment to destroy classified (paper) material onboard the ship. I always wondered what the logic in equipment selection was, but there were certain approved ways of destroying classified materials based on classification. Lower levels of classification could be disposed through this garbage disposal like thing that had sea water running through it. Next level up was an JP-5 fueled incinerator, and for the highest level was a mechanical shredder that would turn paper into the finest powder.

Re:warp platters

The platters are either aluminum or glass. Warping those magnetically would take a very strong field, much stronger than even a nuclear EMP. A moderately strong alternating field is quite sufficient. As others have noted, thermal erasing is even more reliable.

More NSA shill nonsense

If NSA shills can convince you betas that effective erasing or destroying HDDs is 'difficult', fewer of you will bother, making their job easier. Security papers that purport to explain the scientific methods used to 'recover' properly erased data from HDDs are actually NSA black propaganda.

-Smash a HDD with a sledge hammer, and the data is gone for good.
-Erase data on a HDD using a proper method (over-write with apparent valid random data to defeat OS and firmware algorithms that merely flag sectors as 'empty') and the data is gone for good.
-Use Truecrypt with a decent password, and the data CANNOT be accessed without the password

These are 3 simple facts of life that NSA shills on forums work so very hard to convince you are not true.

Of course, these days security services rely on the fact that everything people do with their computer leaves multiple traces all over the place, so the user isn't even aware of exactly what files may need protecting or erasing. More and more, cloud computing DEMANDS that all storage is 'sniffable' at their end- ruling out obvious forms of encryption (like zips with passwords). ChormeOS is actually "everything you do you share with Google".

Remember, the NSA has no magic 'UFO' technology. If your encryption is good enough, and your passwords secure enough (both best achieved with public domain knowledge and tools), your files are 'safe'- at least until you are so much of a target that micro-cameras and keyloggers are used against you.

Most citizens only face such concerns after goons working for the police state initiate 'fishing' expeditions on your computer equipment at the border, or after an arrest for something non-computer related, like attending a protest. Or maybe the cops don't like the fact that you were recording an act of police brutality on your phone.

In Britain, a 'difficult' potential London Mayor candidate was taken out by prosecuting him for have consensual gay images of adult males on his phone (an 'innocent' verdict didn't repair his ruined political career).

Fire

[bryan1945]

Melty melty. Slagged bits are hard to recover.

Degaussing broadcast cartridges since 1959?

[khelms]

So these are the jerks who wiped out most of the first six seasons of Dr. Who?

You can buy their HD-2 model for only $3,975.00

There are also options less expensive on their website for $3975.00, just saying if you don't want to spend $9k!

The obvious solution...

[CanadianMacFan]

when it has to be destroyed is to drop it into a volcano. Works for rings.

Re-entry heat isn't reliable enough...

[Ellis+D.+Tripp]

At least it didn't wipe this hard drive that was found among the debris from the Columbia accident:

http://www.computerworld.com/s/article/9083718/Shuttle_i_Columbia_s_i_hard_drive_data_recovered_from_crash_site_

$9,000 ?!!??

Hah! I'm a big DoD contractor, and I send my HDs to China to be destroyed (don't trust that Russian company anymore)... way cheaper! We also give them the encryption key so they can verify the data is indeed no longer accessible.

Oh I thought it was Monday already.

Re:ext2

Ext2 is actually pretty good about surviving crashes, I've even had it (mostly) recoverable after severe corruption due to overheating memory. Ext3 has a few nasty corner cases with the journal, although ordered mode eliminates most of them. Ext4 is the one where you can lose already written files due to a crash.

I looked at them a couple years ago:

[Hartree]

I was asked to help out someone at the university I work at deal with a large number of drives both working and nonworking that were being trashed or sent to surplus. (Old outdated ones mostly. But, the computer I'm writing this on is cobbled together from parts from our surplus, so they do get reused when possible.)

Was rather amazed at the prices charged by Garner. $9K should have a lot more pyrotechnics. At least like a Michael Bay movie, not just a quiet humming and no pieces flying

In the end, we opted for proper use of DBAN on the working ones and taking the nonworking ones down to my shop and driving a heavy punch through the platters with an arbor press. (Note to our department safety droid who might be reading this: Safety glasses were used. :)

Problem solved cheaply, and great stress relief for the person. His eyes lit up at the good old fashioned blue collar destructiveness of it.

Brawndo?

[Torodung]

Garner! The data ANNIHILATOR!

At least that was my first reaction to their marketing copy.

Redundant Destruction

[Gim+Tom]

Longer ago than I care to remember, while in the Air Force, one "extra detail" I ended up with a few times was to destroy some mainframe magnetic tapes that had been used for Top Secret and above data. The protocol we (there HAD to be two people doing it) were required to follow was to run each tape TWICE through a very large automated degaussing machine and THEN strip the tape OFF the reel into a "BURN BAG" which was taken under guard to an incinerator and burned. I guess they were afraid of all those bits floating off into the Either with the smoke -- and this was LONG before there was Ethernet!

Will it blend

As per title

Re:How about... Will it shred?

[Technician]

I'm ex Navy too. Personally used the shredder. The dust had to fit through a metal screen before it could exit the shredding section. It would make great blown in insulation, except the flamibility factor. The shredder was larger than my car.

No, you can't use a $24 sledge hammer.

How can you guarantee that people can't recover bits off a damaged and warped platter? You can't.

Drive destruction is a Serious Business (TM) precisely because you're paying for the guarantee that the data is GONE. Unrecoverable. That there is nobody nor anything in the universe that can possibly bring it back short of inventing a time machine.

I have worked for folks (which is why I'm posting as an AC) who have had some crazy, crazy drive destruction policies in place. SOP was to degauss the drive, drill multiple holes through the platters, then sweep the entire mess into a fortified ziplock baggie and place it into a specialized shipping container. That container was taken to a secure location where the entire baggie was essentially tossed into a giant furnace (yes, it's not eco friendly, and no, these people didn't give a shit). The resulting pool of liquid slag and metal was then forged into a round puck and shipped back, where it is placed in a vault for a minimum of five years before going to the dump. The drive and returned puck are weighed multiple times during this procedure and they knew exactly how much a whole drive versus slagged drive should weigh.

This entire process was brutally expensive, but it was the only way to be 100% sure. They even paid a company with an MFM to take a look at a test drive filled with very specific data after it was melted down into an ingot. That company laughed when they saw the drive, but took their job seriously (they were being paid big bucks for the report) and attempted to recover -any- data at all. As I recall, they had the ingot X-rayed, attempted to determine what portions of it might have originally been the platters, sliced it up a few times then tried to read it under their scope. They couldn't retrieve anything and management was rather pleased by this.

So really, it's not about destroying the disk. It's about guaranteeing the data is gone. I worked at a school before I worked for the guys above, and we didn't really give a shit about the disk drives from old servers. Wipe the drive with DBAN, take it out back and whack it with a hammer. Nobody cares because the data didn't warrant spending thousands of dollars to make sure it was destroyed. However, $9000 is a small price to pay when the data on your disk drives is potentially priceless in the wrong hands.

Too bad if someone cut your power

It just occurred to me that it would be too bad if someone cut the power for your building, if you were to rely on being able to use an electrically powered machine for destroying/damaging computer equipment.

How is this news?

How is this news? Been using their products for years. This is nothing new. You even say they have been doing this since 1959.

equipment shredding rules

Equipment shredding is simple and efficient.
Plus, you can be environment friendly and recycle the equipment.

http://www.networkworld.com/news/2011/042511-google-hard-drive-shredding.html?page=1

This DEFCON Presentation...

[braindrainbahrain]

... addresses the subject and is at the same time very entertaining!
(Warning: large video download... but its worth it!)

"And That's How I Lost My Eye: Exploring Emergency Data Destruction"
by Shane Lawson, Bruce Potter & Deviant Ollam

https://media.defcon.org/dc-19/video/DEF%20CON%2019%20Hacking%20Conference%20Presentation%20By%20-%20Lawson%20Potter%20and%20Deviant%20Ollam%20-%20And%20Thats%20How%20I%20Lost%20My%20Eye%20Exploring%20Emergency%20Data%20Destruction%20-%20Video.m4v

easy problem to solve. one word

[Ziest]

Thermite
 

Been There done that

[javamann]

I was at that RSA Conference and what was interesting is that there was a data recovery booth across from the data destruction booth. I though it would be interesting to see which one would win.

And from the other perspective.

[Z00L00K]

The reason for destroying data - today it may be incriminating data and private information but in 100 years it would be a goldmine for researchers.

When we look back at information from 100 years ago we can't really blame anyone and everything was on paper, and a lot of what we produce today is electronic - what will the researchers in 100 years look at? Are we creating a black hole in history?

Re:How about... Will it shred?

[MyFirstNameIsPaul]

The shredder is the only one I didn't use, but a friend did when we were in training on the ship. I had no idea what he was doing that day and he showed up at lunch looking like he just walked through a snowstorm.

Kill your data with fire!

[bitflusher]

I have a special storage space for harddisks that died or are removed from discarted pc's. Properly erasing the drives with software conforming to military wiping standards will cost me many hours. A couple of years back I saw an article about data recovery, a highly specialized company was able to recover data even from a disk shot with a nail gun. The only real failure in recovery was a computer displayed in the lobby that was mostly melted in a fire. Now I throw anywhere between 20 and 30 disks a year in a fire after removing the pcb's, they mely to strange artworks. One time it was too dry to make a fire, removing the platters and putting them in an over at the highest temp for half an hour peeled the magnetic coating (be cairfull with notebook harddisks, those have glass/ceramic platters that are break and shatter with many sharp fragments)

I think you're an optimist.

[BrokenHalo]

But lower RPM coupled with an IDE interface should eliminate ANY consideration on re-using the drives I'm referring to.

Don't count on it. Some of us geeks are total pack-rats. I still have an old Slackware box running as a mail server which still has an early motherboard and low-rpm IDE drives. The machine doesn't need to have a high spec to still be useful, and I still have lots of spare parts to keep it running for at least another 15 years if I feel like it.

That said, I think I have a foolproof destruction method: in an earlier life I used to be a blacksmith, and I still have my 500lb pneumatic hammer. A few good wallops from that mother will leave even the most sturdy HDD thinner than a bee's dick, and I defy anybody to extract any data from it.

Warning: CF and UDMA

[DrYak]

CF cards are IDE-based. Just plug one into an adapter and plug it into the IDE port on the motherboard.

Warning: not all CF-to-IDE adapter provide all the necessary connections (wires) to support UDMA speeds. With some you're back to PIO slow speed and high CPU usage, even if the CF card support UDMA-133 or whatever.

(Remember all this stories of IDE cable where the only difference is a hole punched into the ribbon to disconnect 1 wire? It's exactly the same story. So check closely if the adapter you're buying supports UDMA).

Cheap, faster, and more reliable than the old 40GB drives.

Faster: See above.

Reliable: well, it's flash. It's less flacky than a 20 years old IDE drive. *BUT* its sensitive to the same kind of limited erase-rewrite cycles as any other SSD (except this is a IDE-SSD with a connector downsize to 1 inch :-P )

So use a flash-friendly filesystem with proper tuning to the file system to adapt to flash, and with proper tuning to the rest of the OS to decrease the amount of writes.
(More ram, use ramdisk ('tmpfs') for temporary stores ('/tmp' and co))

Might want to use RAID-5 or RAID-6. (So a burned CF card doesn't impact much).

Alternative: Might want to use BTRFS or ZFS, with the file system tuned to be resilient to the loss of 1 or 2 drives/card (ZFS: use RAID-Z or RAID-Z2, BTRFS: configure to always keep 2-3 copies spread across several drives).
The advantages is that you can mix-and-match sizes of HDD / CF card.

insane

this dude made me want to pull my hair...

The best drive-shooting I ever did was

[caveat]

With a 22-250 stuffed with 40-grain bullets@4200 fps. I had the drive set up at 25 yards, facing me - I aimed for the spindle, and by sheer luck hit it dead-on. At that speed, the thing literally detonated; the covers were intact but bulged, outside of that there was nothing left bigger than my fingernail...even the frame. Possibly the most satisfying act of destruction I've ever carried out.

Re:The best drive-shooting I ever did was

[Bob+the+Super+Hamste]

I might have to use the Finnish M39 I acquired on a drive and see what a FMJ 148 grain 7.62x54r round would do when shot into the spindle. It may not be as fast but it will be carrying a similar amount of energy, although using a 203 grain soft point may produce a more dramatic effect.

Better and Cheaper not always the goal...

[Vitriol+Angst]

How is this better and cheaper than a $35 microwave oven? Have you seen what these do to a CD or any other kind of disk?

And it's cost competitive with a bullet.

I can read that many slashdot posters are quite creative in finding cheaper and easier ways to destroy data -- so I can only suppose that the business model here is; "We make you look cooler so you can pad that giant budget."

Hex stochastic noise scrambling of a drive before repeated degaussing and then Regulation level 5 shredding just sounds more responsible on a budget than; "Chunked that thing in the microwave and watched the sparks, dude!"

Just like...

[jonwadsworth]

The light is green, the trap is clean. The data is incarcerated in our custom-built storage facility.

Can we get over this?

[sidragon.net]

So tired of reading these disk destruction threads. This question comes up on Slashdot every few months and it's the same, tired, old nonsense. If you really cared about your data not falling into nefarious hands, you would've encrypted it in the first place.

There's no serious, practical reason to give a hard drive a spectacular destruction other to satisfy primitive urges.