Slashdot Mirror
When Your Data Absolutely, Positively has to be Destroyed (Video)
Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.
dd if=/dev/zero of=/dev/sda bs=1024 &
I still find the old fashioned way, "whack the drive real hard with a hammer and shatter the platter" combines the best parts of effectiveness and gratification.
"Ask not what your country can do for you." --John F. Kennedy
No, no, no. When it absolutely has to be destroyed, you use thermite.
"Let your heart soar as high as it will. Refuse to be average." - A. W. Tozer
I find a bath in NaOH to be a very effective way to destroy media past any possible recovery. Specially if you are going to incinerate it afterwards.
NaOH is also very cheap, and available everywhere, making it a wonderful low budget solution to use in the less cosmopolitan parts of the world.
morcego
Problem solved
http://saveie6.com/
Yeah, that approach works. Plus, how can you not trust a company whose slogan is "What needs shredding?"
This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.
Thus, $9000 for a low-level wipe.
Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.
And before anyone gets on their high horse about burning coal, keep in mind the little device they're using her was most likely powered by coal generated electricity.
Our former sysadmin purchased a drill press for the purpose of rendering old hard drives unrecoverable. Seemed both fun and practical.
Just hand it over to any teenager - they usually destroy most things that comes anywhere near them.
To guarantee swift and total destruction make sure to tell them to *please* be careful with it.
And that it is fragile and expensive.
Open the drive shell. Pull out the platters. Place on top of pile of sticks. Pour gasoline on top of platters and sticks. Light match. Start fire. Roast marshmallows.
sudo make me a sandwich
I worked in a legal firm which specialized in e-discovery and forensics, they weren't data-recovery specialists, but they were able to pull data from slack space and previously rewritten areas. But that is besides the point. For client-privacy reasons, legal reasons, and corporate policy, they ended up with hundreds of hard drives per month that needed to be destroyed with no possible way to recover the data. A $24 sledgehammer is certainly a cheap and fun sounding answer. But after smashing five hard drives, this stops being fun, you're making a lot of noise, and someone would need to clean up the mess. I'm sure OSHA wouldn't approve of that either. We were in a corporate office in the middle of New York City, so smart-ass solutions like thermite; sodium hydroxide; shooting them with a .45, a shotgun, or a bazooka aren't going to fly. Because of chain of custody, you couldn't even take the hard disks into an empty field to do this.
The guy responsible for destruction started unscrewing everything, taking out the platters, then punching a hole in the platters with a screw-press. But like the sledgehammer solution, this was slow labor-intensive. I believe they ended up using a qualified HD destruction service, who would come to your office once a month, and give you metal confetti back. This of course isn't cheap. Eventually, purchasing one of these Garner devices would make economic sense.
My point is, sure, given our own devices, we can think of quick and fun ways to destroy a hard disk. But when you are limited by government and corporate rules, companies like Garner aren't just greedy, but filling a real need.
There are two basic threat models here - the DriveSavers level and the KGB level. dd will overwrite most of the bits on your drive, but remember that modern hard drives don't actually let you write physical blocks on the drive; the disk controllers remap requests, replace bad blocks with spares, move stuff around, hide stuff in hidden partitions like the Host Protected Area that standard Linux tools can't access, etc. Commercial data recovery companies like DriveSavers aren't going to find much after a dd, but there may be some data left in the good parts of bad blocks, and if you're dealing with military secrets, that may be enough to be dangerous.
(I've got a 500 GB PATA drive which some cretinous external-drive hardware remapped down to 200 GB when I replaced a bad disk; Linux tools weren't able to fix it, even though we rebuilt the kernel to fix a few things, because it didn't know how to ask the BIOS nicely, nor did WinXP. Linux was able to shrink the usable partition further, though :-)
The other issue is the KGB threat model. DriveSavers isn't going to drag out electron microscopes and other ridiculously high-tech stuff to catch the magnetic images of that 1 bit that weren't quite wiped out by writing a 0 bit over it. Your commercial data's just not worth that much. Military secrets might be. But sandblasting the disk means never having to say you're sorry.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I sometimes need to destroy hard drives at work. I do it right in front of the user so they know their old data isn't going anywhere. I open the computer, pull out the drive, open the drive, get a screw driver under the disk plate and use it as a lever. The plates will either bend or shatter depending on material.
Back in the 80s I ran a computer center that handled classified data, and we used DEC RM05 removable-disk-pack drives on a VAX. The AR380-380 regs for declassifying storage media gave us a few choices
- Degaussing with NSA-certified Big Magnets (not in MY computer lab, where I still have disks I want to keep!) - NSA-certified software. The big deal isn't just overwriting it 3-7 times to prevent the KGB from using electron microscopes on it, it's making sure that you've really erased all the data, including the spare and bad blocks remapped by the disk controllers, and if you only had one disk drive in the machine, the software needed to be able to keep running from RAM even after you'd erased the operating system including the files for your disk-wiping commands. (Too much paperwork required.) - Physical destruction. Why, yes, we're a large company with a machine shop down in the basement, and they have Sandblasters! Win!I was no longer sysadmin by the time they closed the classified processing system. My successor got to disassemble the dozen or so disk packs we had and take them down to the machine shop for sandblasting.
Remember how ever sysadmin in the 80s used to have a disk on their wall with decorative scratches on it from a head crash? Hers was pure shiny metal.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Does the DoD have evidence that data can be recovered from a zeroed drive?
Modern hard drives identify bad sectors on the physical media and remap them in a way that is transparent to the operating system. Wiping the HD with /dev/zero will not zero out these sectors, because the OS does not see them, and the HD will not touch them once they're marked bad. If they contained confidential data prior to being marked bad then that data may well be recoverable. It's a huge long shot, but nation-states have the time and resources to chase such long shots.
Physical destruction is really the only way to be sure. Encrypting the drive from the get-go is the next best thing, since any bad sectors will contain encrypted data, though with the cheap price of drives these days you may just as well destroy it when you're done with it.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
Or will it shred?
http://www.youtube.com/watch?v=sQYPCPB1g3o
The truth shall set you free!
When I was in the Navy, we had equipment to destroy classified (paper) material onboard the ship. I always wondered what the logic in equipment selection was, but there were certain approved ways of destroying classified materials based on classification. Lower levels of classification could be disposed through this garbage disposal like thing that had sea water running through it. Next level up was an JP-5 fueled incinerator, and for the highest level was a mechanical shredder that would turn paper into the finest powder.
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
At least it didn't wipe this hard drive that was found among the debris from the Columbia accident:
http://www.computerworld.com/s/article/9083718/Shuttle_i_Columbia_s_i_hard_drive_data_recovered_from_crash_site_
Remember "News for Nerds, Stuff that Matters"? Help make it a reality again! http://soylentnews.org