Slashdot Mirror
When Your Data Absolutely, Positively has to be Destroyed (Video)
Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.
dd if=/dev/zero of=/dev/sda bs=1024 &
I still find the old fashioned way, "whack the drive real hard with a hammer and shatter the platter" combines the best parts of effectiveness and gratification.
"Ask not what your country can do for you." --John F. Kennedy
No, no, no. When it absolutely has to be destroyed, you use thermite.
"Let your heart soar as high as it will. Refuse to be average." - A. W. Tozer
Will it blend? Since 1959.
"Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
I find a bath in NaOH to be a very effective way to destroy media past any possible recovery. Specially if you are going to incinerate it afterwards.
NaOH is also very cheap, and available everywhere, making it a wonderful low budget solution to use in the less cosmopolitan parts of the world.
morcego
Problem solved
http://saveie6.com/
Yeah, that approach works. Plus, how can you not trust a company whose slogan is "What needs shredding?"
Relabel them as disk duplicators.
Let the hilarity ensue.
This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.
Thus, $9000 for a low-level wipe.
sure, you can pound or melt, but for my money, sandpapering the platters by hand is the best way to pay homage to your dearly departed bits.
If you are spending $9,000 to destroy some data, you are probably overvaluing data destruction vs simpler methods. This is probably done by companies that think someone is going to spend the time/money to break into their data for the useless information that is likely there. Most big companies can't even find their own data, let alone some hacker trying to piece things together.
Would be nifty if it spray painted the drive to show it was degaussed.
Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.
And before anyone gets on their high horse about burning coal, keep in mind the little device they're using her was most likely powered by coal generated electricity.
What is the recommended method for destroying CD-ROMs and DVD-ROMs which have sensitive tax records (besides using a microwave)?
227-3517
Our former sysadmin purchased a drill press for the purpose of rendering old hard drives unrecoverable. Seemed both fun and practical.
Hammer time is therapy. Sweet vengeful therapy.
FWIW, I stopped shooting hard drives with a .45 after I watched one bounce off in an indeterminate direction. Now, that was .45ACP... .45-70, on the other hand...
Just hand it over to any teenager - they usually destroy most things that comes anywhere near them.
To guarantee swift and total destruction make sure to tell them to *please* be careful with it.
And that it is fragile and expensive.
I think BlendTec Will it Blend? would work quite well, don't you?
We have one of the hard drive degaussers in my company. It's like the trap cleaner in Ghostbusters!
You never expect irony, do you?
Want to be a professional wrestler? Visit www.iyfwrestling.com
@iyfwrestling
That actually doesn't work. I tried it. I could not even erase a floppy disk with permanent magnets.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
But it's fun. After all, we nearly kill ourselves for a living keeping all this data perfectly intact, 24x7x365.25.
There are entire companies that DESTROY SHIT FOR MONEY!!
One day you you can be fired for losing A file... The next these guys get to have the fun tearing ALL THE FILES to shreds. Let that settle in your mind and embrace the Stone of Sisyphus we push up the hill every day.
There is a reason for this sort of gear
.. but THAT COSTS MONEY. Loosing even ONE hard drive with data on it puts us in the newspaper, hence the policy is :
.. but they won't burn off the insulation out back like JimBob either).
.45ACP or sledgehammers is one of liability. Before the bandsaw method we used sledgehammers until some idiot hurt himself. When somebody looses a finger due to stupidity we'll probably buy one of these.
Time is money.
As an example, we have a couple thousand PCs that are dumped each year due to lifecycle replacement. Yes, these are perfectly good PCs that could be wiped and loaded with (whatever) and donated
No data storage device leaves intact, ever.
We have the guys in facilities run them through a giant metal bandsaw, and that's BEFORE they go to be shredded/recycled (which, ironically, we pay THEM for, despite the fact that we're talking about tons of aluminum/steel/whatever
The reason you don't use
To be fair, any furnace capable of melting a Hard Drive is going to cost more than $9000 when you figure in permits and utilities...
Melting stuff for money is expensive.
Data Shredder
AccountKiller
I worked in a legal firm which specialized in e-discovery and forensics, they weren't data-recovery specialists, but they were able to pull data from slack space and previously rewritten areas. But that is besides the point. For client-privacy reasons, legal reasons, and corporate policy, they ended up with hundreds of hard drives per month that needed to be destroyed with no possible way to recover the data. A $24 sledgehammer is certainly a cheap and fun sounding answer. But after smashing five hard drives, this stops being fun, you're making a lot of noise, and someone would need to clean up the mess. I'm sure OSHA wouldn't approve of that either. We were in a corporate office in the middle of New York City, so smart-ass solutions like thermite; sodium hydroxide; shooting them with a .45, a shotgun, or a bazooka aren't going to fly. Because of chain of custody, you couldn't even take the hard disks into an empty field to do this.
The guy responsible for destruction started unscrewing everything, taking out the platters, then punching a hole in the platters with a screw-press. But like the sledgehammer solution, this was slow labor-intensive. I believe they ended up using a qualified HD destruction service, who would come to your office once a month, and give you metal confetti back. This of course isn't cheap. Eventually, purchasing one of these Garner devices would make economic sense.
My point is, sure, given our own devices, we can think of quick and fun ways to destroy a hard disk. But when you are limited by government and corporate rules, companies like Garner aren't just greedy, but filling a real need.
If you absolutely, positively must destroy your data, you must succeed in destroying the universe.
Baring that, perhaps access to a black hole could be of benefit.
Help! I'm a slashdot refugee.
Those fills of random bits work real well when the drive fails and can no longer be accessed.... A motivated entity could possibly recover the bits still on chip/disc, its up to the organization to decide how to dispose of the drive and if its worth their/their clients' interest in making sure the data is not recoverable. I wouldn't want my bank to simply toss a bad drive out in the normal garbage.... -T
Support TBI Research: http://www.raisinhope.org
There are two basic threat models here - the DriveSavers level and the KGB level. dd will overwrite most of the bits on your drive, but remember that modern hard drives don't actually let you write physical blocks on the drive; the disk controllers remap requests, replace bad blocks with spares, move stuff around, hide stuff in hidden partitions like the Host Protected Area that standard Linux tools can't access, etc. Commercial data recovery companies like DriveSavers aren't going to find much after a dd, but there may be some data left in the good parts of bad blocks, and if you're dealing with military secrets, that may be enough to be dangerous.
(I've got a 500 GB PATA drive which some cretinous external-drive hardware remapped down to 200 GB when I replaced a bad disk; Linux tools weren't able to fix it, even though we rebuilt the kernel to fix a few things, because it didn't know how to ask the BIOS nicely, nor did WinXP. Linux was able to shrink the usable partition further, though :-)
The other issue is the KGB threat model. DriveSavers isn't going to drag out electron microscopes and other ridiculously high-tech stuff to catch the magnetic images of that 1 bit that weren't quite wiped out by writing a 0 bit over it. Your commercial data's just not worth that much. Military secrets might be. But sandblasting the disk means never having to say you're sorry.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I sometimes need to destroy hard drives at work. I do it right in front of the user so they know their old data isn't going anywhere. I open the computer, pull out the drive, open the drive, get a screw driver under the disk plate and use it as a lever. The plates will either bend or shatter depending on material.
All I know is that we're all really tired of seeing your two walls of texts on every article.
The way I handled it while working an IT in college: disassemble the drives. After everything was taken apart, I would destroy the platters by shattering them or bending and breaking them into multiple pieces (depending on the material.) I would also break any circuit boards. Then I would throw all the scrap in the trash and save the magnets (because they're awesome.) It was a good way to kill time while waiting for a disk re-image to finish.
Erasing data incorrectly singe 1959. Smashing it into microscopic bits leaves the magnetic data on the platter chunks intact. It's not that big of a leap to assume that we could develop a device that could read the 0's and 1's off of a chunk of a platter.
A 7-pass 0 and 1 alternating wipe is unrecoverable by anyone anywhere ever. Then you can leave it intact. By the way, you'll never guess what my last job was. Go ahead, guess, I'll wait.
I took the certification course and test and got HIPAA certified to erase all the leased computers at a huge hospital. There is one allowable way to do it and that's it. So that company is a bunch of morons who don't know what they're doing. Maybe they inhaled too much Paladium and can't think straight. Speaking of that, that's another good reason not to smash hard drives.
Back in the 80s I ran a computer center that handled classified data, and we used DEC RM05 removable-disk-pack drives on a VAX. The AR380-380 regs for declassifying storage media gave us a few choices
- Degaussing with NSA-certified Big Magnets (not in MY computer lab, where I still have disks I want to keep!) - NSA-certified software. The big deal isn't just overwriting it 3-7 times to prevent the KGB from using electron microscopes on it, it's making sure that you've really erased all the data, including the spare and bad blocks remapped by the disk controllers, and if you only had one disk drive in the machine, the software needed to be able to keep running from RAM even after you'd erased the operating system including the files for your disk-wiping commands. (Too much paperwork required.) - Physical destruction. Why, yes, we're a large company with a machine shop down in the basement, and they have Sandblasters! Win!I was no longer sysadmin by the time they closed the classified processing system. My successor got to disassemble the dozen or so disk packs we had and take them down to the machine shop for sandblasting.
Remember how ever sysadmin in the 80s used to have a disk on their wall with decorative scratches on it from a head crash? Hers was pure shiny metal.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I think they are seriously underestimating the magnetic strength of modern drives. A "9000 gauss" field wouldn't do jack to the platters. It'll certainly f*** up the electronics and coils, but I have money that says the bits are just fine. [see also: Mythbusters attempt to erase a credit card]
For the record, I've read the specs on DLT tapes. It is impractical to "bulk erase" them due to their extremely high magnetic density. While commodity erasers will screw them up, they will not "erase" them -- parts of your data is still there and can be read with specialized hardware. The requirements I read for .gov tapes (many years ago) said "incinerate" with no talk of magnetic erasure. (note: the drive's erase function *will* destroy the data, but it spools the entire tape across the erase head.)
Does the DoD have evidence that data can be recovered from a zeroed drive?
Modern hard drives identify bad sectors on the physical media and remap them in a way that is transparent to the operating system. Wiping the HD with /dev/zero will not zero out these sectors, because the OS does not see them, and the HD will not touch them once they're marked bad. If they contained confidential data prior to being marked bad then that data may well be recoverable. It's a huge long shot, but nation-states have the time and resources to chase such long shots.
Physical destruction is really the only way to be sure. Encrypting the drive from the get-go is the next best thing, since any bad sectors will contain encrypted data, though with the cheap price of drives these days you may just as well destroy it when you're done with it.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
Or will it shred?
http://www.youtube.com/watch?v=sQYPCPB1g3o
The truth shall set you free!
When I was in the Navy, we had equipment to destroy classified (paper) material onboard the ship. I always wondered what the logic in equipment selection was, but there were certain approved ways of destroying classified materials based on classification. Lower levels of classification could be disposed through this garbage disposal like thing that had sea water running through it. Next level up was an JP-5 fueled incinerator, and for the highest level was a mechanical shredder that would turn paper into the finest powder.
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
Melty melty. Slagged bits are hard to recover.
Vote monkeys into Congress. They are cheaper and more trustworthy.
So these are the jerks who wiped out most of the first six seasons of Dr. Who?
when it has to be destroyed is to drop it into a volcano. Works for rings.
At least it didn't wipe this hard drive that was found among the debris from the Columbia accident:
http://www.computerworld.com/s/article/9083718/Shuttle_i_Columbia_s_i_hard_drive_data_recovered_from_crash_site_
Remember "News for Nerds, Stuff that Matters"? Help make it a reality again! http://soylentnews.org
I was asked to help out someone at the university I work at deal with a large number of drives both working and nonworking that were being trashed or sent to surplus. (Old outdated ones mostly. But, the computer I'm writing this on is cobbled together from parts from our surplus, so they do get reused when possible.)
Was rather amazed at the prices charged by Garner. $9K should have a lot more pyrotechnics. At least like a Michael Bay movie, not just a quiet humming and no pieces flying
In the end, we opted for proper use of DBAN on the working ones and taking the nonworking ones down to my shop and driving a heavy punch through the platters with an arbor press. (Note to our department safety droid who might be reading this: Safety glasses were used. :)
Problem solved cheaply, and great stress relief for the person. His eyes lit up at the good old fashioned blue collar destructiveness of it.
Garner! The data ANNIHILATOR!
At least that was my first reaction to their marketing copy.
Longer ago than I care to remember, while in the Air Force, one "extra detail" I ended up with a few times was to destroy some mainframe magnetic tapes that had been used for Top Secret and above data. The protocol we (there HAD to be two people doing it) were required to follow was to run each tape TWICE through a very large automated degaussing machine and THEN strip the tape OFF the reel into a "BURN BAG" which was taken under guard to an incinerator and burned. I guess they were afraid of all those bits floating off into the Either with the smoke -- and this was LONG before there was Ethernet!
I'm ex Navy too. Personally used the shredder. The dust had to fit through a metal screen before it could exit the shredding section. It would make great blown in insulation, except the flamibility factor. The shredder was larger than my car.
The truth shall set you free!
... addresses the subject and is at the same time very entertaining!
(Warning: large video download... but its worth it!)
"And That's How I Lost My Eye: Exploring Emergency Data Destruction"
by Shane Lawson, Bruce Potter & Deviant Ollam
https://media.defcon.org/dc-19/video/DEF%20CON%2019%20Hacking%20Conference%20Presentation%20By%20-%20Lawson%20Potter%20and%20Deviant%20Ollam%20-%20And%20Thats%20How%20I%20Lost%20My%20Eye%20Exploring%20Emergency%20Data%20Destruction%20-%20Video.m4v
Thermite
Another day closer to redwood heaven
I was at that RSA Conference and what was interesting is that there was a data recovery booth across from the data destruction booth. I though it would be interesting to see which one would win.
The reason for destroying data - today it may be incriminating data and private information but in 100 years it would be a goldmine for researchers.
When we look back at information from 100 years ago we can't really blame anyone and everything was on paper, and a lot of what we produce today is electronic - what will the researchers in 100 years look at? Are we creating a black hole in history?
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
The shredder is the only one I didn't use, but a friend did when we were in training on the ship. I had no idea what he was doing that day and he showed up at lunch looking like he just walked through a snowstorm.
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
I have a special storage space for harddisks that died or are removed from discarted pc's. Properly erasing the drives with software conforming to military wiping standards will cost me many hours. A couple of years back I saw an article about data recovery, a highly specialized company was able to recover data even from a disk shot with a nail gun. The only real failure in recovery was a computer displayed in the lobby that was mostly melted in a fire. Now I throw anywhere between 20 and 30 disks a year in a fire after removing the pcb's, they mely to strange artworks. One time it was too dry to make a fire, removing the platters and putting them in an over at the highest temp for half an hour peeled the magnetic coating (be cairfull with notebook harddisks, those have glass/ceramic platters that are break and shatter with many sharp fragments)
But lower RPM coupled with an IDE interface should eliminate ANY consideration on re-using the drives I'm referring to.
Don't count on it. Some of us geeks are total pack-rats. I still have an old Slackware box running as a mail server which still has an early motherboard and low-rpm IDE drives. The machine doesn't need to have a high spec to still be useful, and I still have lots of spare parts to keep it running for at least another 15 years if I feel like it.
That said, I think I have a foolproof destruction method: in an earlier life I used to be a blacksmith, and I still have my 500lb pneumatic hammer. A few good wallops from that mother will leave even the most sturdy HDD thinner than a bee's dick, and I defy anybody to extract any data from it.
CF cards are IDE-based. Just plug one into an adapter and plug it into the IDE port on the motherboard.
Warning: not all CF-to-IDE adapter provide all the necessary connections (wires) to support UDMA speeds. With some you're back to PIO slow speed and high CPU usage, even if the CF card support UDMA-133 or whatever.
(Remember all this stories of IDE cable where the only difference is a hole punched into the ribbon to disconnect 1 wire? It's exactly the same story. So check closely if the adapter you're buying supports UDMA).
Cheap, faster, and more reliable than the old 40GB drives.
Faster: See above.
Reliable: well, it's flash. It's less flacky than a 20 years old IDE drive. *BUT* its sensitive to the same kind of limited erase-rewrite cycles as any other SSD (except this is a IDE-SSD with a connector downsize to 1 inch :-P )
So use a flash-friendly filesystem with proper tuning to the file system to adapt to flash, and with proper tuning to the rest of the OS to decrease the amount of writes.
(More ram, use ramdisk ('tmpfs') for temporary stores ('/tmp' and co))
Might want to use RAID-5 or RAID-6. (So a burned CF card doesn't impact much).
Alternative: Might want to use BTRFS or ZFS, with the file system tuned to be resilient to the loss of 1 or 2 drives/card (ZFS: use RAID-Z or RAID-Z2, BTRFS: configure to always keep 2-3 copies spread across several drives).
The advantages is that you can mix-and-match sizes of HDD / CF card.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
With a 22-250 stuffed with 40-grain bullets@4200 fps. I had the drive set up at 25 yards, facing me - I aimed for the spindle, and by sheer luck hit it dead-on. At that speed, the thing literally detonated; the covers were intact but bulged, outside of that there was nothing left bigger than my fingernail...even the frame. Possibly the most satisfying act of destruction I've ever carried out.
Facts do not cease to exist because they are ignored. - Aldous Huxley
How is this better and cheaper than a $35 microwave oven? Have you seen what these do to a CD or any other kind of disk?
And it's cost competitive with a bullet.
I can read that many slashdot posters are quite creative in finding cheaper and easier ways to destroy data -- so I can only suppose that the business model here is; "We make you look cooler so you can pad that giant budget."
Hex stochastic noise scrambling of a drive before repeated degaussing and then Regulation level 5 shredding just sounds more responsible on a budget than; "Chunked that thing in the microwave and watched the sparks, dude!"
>>"ad space available -- low rates!!!"
The light is green, the trap is clean. The data is incarcerated in our custom-built storage facility.
The "neither" is not necessary, actually.
Hell, I nearly but the "nor a hash of it" in parenthesis, which would make the "neither" straight up wrong.
So tired of reading these disk destruction threads. This question comes up on Slashdot every few months and it's the same, tired, old nonsense. If you really cared about your data not falling into nefarious hands, you would've encrypted it in the first place.
There's no serious, practical reason to give a hard drive a spectacular destruction other to satisfy primitive urges.