Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Your Data Absolutely, Positively has to be Destroyed (Video)

Posted by Roblimo on from the it's-all-about-the-magnetism dept.

Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.

26 of 295 comments (clear)

  1. dd by Anonymous Coward · · Score: 4, Informative

    dd if=/dev/zero of=/dev/sda bs=1024 &

    1. Re:dd by Gordonjcp · · Score: 4, Insightful

      Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

    2. Re:dd by SpectreBlofeld · · Score: 3, Informative

      I encourage anyone who has 20 minutes to spare to watch this short Frontline documentary on E-waste:

      http://www.pbs.org/frontlineworld/stories/ghana804/video/video_index.html

      I bet lots of companies throwing out old hardware who are worried about data leakage could actually find use for their old drives in-house. Hell, just keep them in a closet somewhere until one of your in-use drives go bad (and they will).

    3. Re:dd by h4rr4r · · Score: 3, Insightful

      What are you going to do with several hundred 40GB IDE drives?
      How about some SCSI320 drives?

      No one has enough room to store all this crap.

    4. Re:dd by Hatta · · Score: 3, Interesting

      Does the DoD have evidence that data can be recovered from a zeroed drive? Or do the recommend overkill just because they can?

      --
      Give me Classic Slashdot or give me death!
    5. Re:dd by Frank+T.+Lofaro+Jr. · · Score: 5, Funny

      Just store your data using ReiserFS, kill the power and your data's dead too.

      --
      Just because it CAN be done, doesn't mean it should!
    6. Re:dd by acariquara · · Score: 5, Funny

      What are you going to do with several hundred 40GB IDE drives?

      World's crappiest RAID5?

      --
      Dear aunt, let's set so double the killer delete select all
    7. Re:dd by sexconker · · Score: 5, Insightful

      dd if=/dev/zero of=/dev/sda bs=1024 &

      Won't work on an SSD. You have no idea what the controller is doing behind the scenes. There is capacity on the SSD that is completely and utterly inaccessible to the host. When you write 256 GB of zeros to your 256 GB SSD, you've probably got 16 or 32 GB the controller hasn't told you about, with data you know nothing about. You have to issue the ATA SECURE ERASE command, and even then you'll have no idea if the controller actually respected it and wiped everything.

      For SSDs there are two reliable options.

      1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form.
      2: Physical destruction.

    8. Re:dd by Anubis+IV · · Score: 3, Interesting

      The theory regarding how data could be recovered from a zeroed drive seems sound enough, namely that by measuring the difference between the analog signal captured directly from the head before it is converted to a digital signal, and then taking the difference between it and the digital signal, one can determine what the previous state was for each of those bits. And it also stands to reason that the various intelligence agencies who are purported to possess such capabilities would not be forthcoming in revealing their ability to do so.

      That said, regardless of whether the technology exists or not, people who advocate 7-pass and 35-pass overwrites are just wasting their time, since even the author of the paper that proposed the 35-pass method acknowledged that only a subset of those passes are necessary for any particular drive, and that with modern drives a simple series of random rewrites would be more than sufficient. He even referred to the way that many people were using his technique as "a kind of voodoo incantation".

    9. Re:dd by omnichad · · Score: 3, Informative

      With the platter density, a 5400 RPM 500GB single platter drive gets much better throughput.

    10. Re:dd by Penguinisto · · Score: 5, Interesting

      And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.

      As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

      If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet. Why do it? Because you could possibly recover lost data much faster than calling your offsite provider and waiting for a tape to arrive. It also serves as a last-ditch, everything-else-has-failed means of recovering whatever data it is that you deposited there. You;d have to set up some sort of RAID-like redundancy, and a means to automatically update that data on a semi-regular basis, but damn if it wouldn't work. As a bonus, you can put that disk space to legitimate use, instead of watching it get filled up with cat pictures and web cached files from facebook. If each desktop has a TB of drive, you could slash it to 300GB for the desktop user, and take 600GB+ (mind the overhead) from each desktop for company use. Even with only, say, 40 desktops? You could get up an easy 12 TB of aggregate storage with a RAID1-like redundancy - maybe 6 TB if you had 4 copies of each chunk of data, which is still nothing to sneeze at (especially if you've priced SAN shelving as a near-line backup depot...)

      (...though if you were a true BOFH, you could do the same thing, say it's for company data, then use it for your own personal stash or whatever...)

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    11. Re:dd by omnichad · · Score: 4, Funny

      You misspelled CSI. The guy just looked at the drive and yelled "Enhance!" and all the data was back.

    12. Re:dd by mindcandy · · Score: 3, Insightful

      If it's old, then it's out of warranty. Yeah, I get the whole e-waste thing, and I'm sure it pains people to see a pallet of otherwise good 1TB drives headed off to be shredded into chips .. but remember they are 3-4 years old and having one go bad while is a far bigger PITA in terms of lost productivity, lost data, etc. than it is to just buy a new one for $100 and pay $1 for the old one to get securely scrapped.

    13. Re:dd by dave562 · · Score: 3, Informative

      A format is not the same as an overwrite. Even a low level format is not the same as zeroing.

    14. Re:dd by Shadow99_1 · · Score: 4, Interesting

      I've done this before in an old 'server' I was re-using. As is typical this had been laying around in the server room for 7 or 8 years even after it had been replaced (once upon a time it ran WinNT). My company at the time gave me no budget and said they wanted our website (which not even 500 people a year ever looked at) moved inhouse. So I repurposed this guy and seeing as how the enclosure was designed to hold a dozen or so drive I stuffed it full of old 40 GB drives I'd pulled from desktops and set up a RAID 5 arrangement with 10 of them. Was never really any reason not to do it. It made an ok little linux webserver running a CLI environment for remote access.

      --
      we are all invisible unless we choose otherwise
    15. Re:dd by Synerg1y · · Score: 3, Interesting

      This:

      http://mashable.com/2011/09/13/hard-drive-creations/

      nobody would think to recover data from my skyline replica!

    16. Re:dd by Insightfill · · Score: 5, Informative

      As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

      If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet.

      Many years ago, a company named "Mangosoft" had a product named "Medley" which would do this.. Each user would allocate a certain amount of their disk drive to the "Medley" drive, and all of the users (up to 25 max) would share a really big drive together. Earlier versions of this technology worked by basically keeping two copies of every file, and moving a copy to the local drive of the last user who accessed it. If a machine holding a file went down (power, etc.) then the list of files it held would be pushed around from other working machines to always ensure duplicates are still around.

      Current versions of this would probably be GlusterFS, Coda and Tahoe.

  2. Thermite by 2starr · · Score: 4, Funny

    No, no, no. When it absolutely has to be destroyed, you use thermite.

    --

    "Let your heart soar as high as it will. Refuse to be average." - A. W. Tozer

  3. Sodium Hydroxide by morcego · · Score: 3, Funny

    I find a bath in NaOH to be a very effective way to destroy media past any possible recovery. Specially if you are going to incinerate it afterwards.

    NaOH is also very cheap, and available everywhere, making it a wonderful low budget solution to use in the less cosmopolitan parts of the world.

    --
    morcego
  4. This is not for us. by rodrigoandrade · · Score: 5, Insightful

    This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.

    Thus, $9000 for a low-level wipe.

    1. Re:This is not for us. by gl4ss · · Score: 3, Insightful

      actually low level wipe sounds more useful and more impervious to an overdesigned harddrive problem(the casing in this process remains intact - I guess there's some physics involved why the hd casing couldn't protect the discs themselves while the hd electronics themselves get fried by the process).

      and well, if you plop that 9k you can wipe as many drives as you want I suppose.

      --
      world was created 5 seconds before this post as it is.
  5. COAL by Charliemopps · · Score: 3, Informative

    Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.

    And before anyone gets on their high horse about burning coal, keep in mind the little device they're using her was most likely powered by coal generated electricity.

  6. Crazy System Admin by scribblej · · Score: 3, Insightful

    Our former sysadmin purchased a drill press for the purpose of rendering old hard drives unrecoverable. Seemed both fun and practical.

  7. There's already an age-group for that. by u64 · · Score: 3, Funny

    Just hand it over to any teenager - they usually destroy most things that comes anywhere near them.
    To guarantee swift and total destruction make sure to tell them to *please* be careful with it.
    And that it is fragile and expensive.

  8. Seriously though... by paranoid123 · · Score: 3, Insightful

    I worked in a legal firm which specialized in e-discovery and forensics, they weren't data-recovery specialists, but they were able to pull data from slack space and previously rewritten areas. But that is besides the point. For client-privacy reasons, legal reasons, and corporate policy, they ended up with hundreds of hard drives per month that needed to be destroyed with no possible way to recover the data. A $24 sledgehammer is certainly a cheap and fun sounding answer. But after smashing five hard drives, this stops being fun, you're making a lot of noise, and someone would need to clean up the mess. I'm sure OSHA wouldn't approve of that either. We were in a corporate office in the middle of New York City, so smart-ass solutions like thermite; sodium hydroxide; shooting them with a .45, a shotgun, or a bazooka aren't going to fly. Because of chain of custody, you couldn't even take the hard disks into an empty field to do this. The guy responsible for destruction started unscrewing everything, taking out the platters, then punching a hole in the platters with a screw-press. But like the sledgehammer solution, this was slow labor-intensive. I believe they ended up using a qualified HD destruction service, who would come to your office once a month, and give you metal confetti back. This of course isn't cheap. Eventually, purchasing one of these Garner devices would make economic sense. My point is, sure, given our own devices, we can think of quick and fun ways to destroy a hard disk. But when you are limited by government and corporate rules, companies like Garner aren't just greedy, but filling a real need.

  9. We Sandblasted ours by billstewart · · Score: 3, Interesting

    Back in the 80s I ran a computer center that handled classified data, and we used DEC RM05 removable-disk-pack drives on a VAX. The AR380-380 regs for declassifying storage media gave us a few choices

    - Degaussing with NSA-certified Big Magnets (not in MY computer lab, where I still have disks I want to keep!) - NSA-certified software. The big deal isn't just overwriting it 3-7 times to prevent the KGB from using electron microscopes on it, it's making sure that you've really erased all the data, including the spare and bad blocks remapped by the disk controllers, and if you only had one disk drive in the machine, the software needed to be able to keep running from RAM even after you'd erased the operating system including the files for your disk-wiping commands. (Too much paperwork required.) - Physical destruction. Why, yes, we're a large company with a machine shop down in the basement, and they have Sandblasters! Win!

    I was no longer sysadmin by the time they closed the classified processing system. My successor got to disassemble the dozen or so disk packs we had and take them down to the machine shop for sandblasting.

    Remember how ever sysadmin in the 80s used to have a disk on their wall with decorative scratches on it from a head crash? Hers was pure shiny metal.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks