When Your Data Absolutely, Positively has to be Destroyed (Video)
Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.
This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.
Thus, $9000 for a low-level wipe.
Just store your data using ReiserFS, kill the power and your data's dead too.
Just because it CAN be done, doesn't mean it should!
What are you going to do with several hundred 40GB IDE drives?
World's crappiest RAID5?
Dear aunt, let's set so double the killer delete select all
dd if=/dev/zero of=/dev/sda bs=1024 &
Won't work on an SSD. You have no idea what the controller is doing behind the scenes. There is capacity on the SSD that is completely and utterly inaccessible to the host. When you write 256 GB of zeros to your 256 GB SSD, you've probably got 16 or 32 GB the controller hasn't told you about, with data you know nothing about. You have to issue the ATA SECURE ERASE command, and even then you'll have no idea if the controller actually respected it and wiped everything.
For SSDs there are two reliable options.
1: Encrypt everything in software so that neither the key nor a hash of it could ever possibly be stored on the drive in unencrypted form.
2: Physical destruction.
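A toy model of the behaviour described in the comments above, added here as an illustration and not part of the original thread: a flash translation layer with spare pages, showing that zero-filling every host-visible block still leaves old data in pages the host cannot address. The `ToySSD` class, its page-granular garbage collection and the sample sizes are assumptions made for this example; real controllers work on erase blocks and differ in detail.

```python
from collections import deque

class ToySSD:
    """Page-level flash translation layer; a teaching model, not real firmware."""
    def __init__(self, logical_pages, spare_pages):
        if spare_pages < 1:
            raise ValueError("flash needs at least one spare page to remap writes")
        self.logical_pages = logical_pages             # capacity reported to the host
        self.flash = [None] * (logical_pages + spare_pages)  # physical pages
        self.l2p = {}                                  # LBA -> physical page
        self.free = deque(range(len(self.flash)))      # erased, writable pages
        self.stale = deque()                           # unmapped pages still holding data

    def write(self, lba, data):
        if not 0 <= lba < self.logical_pages:
            raise ValueError("LBA outside host-visible capacity")
        if not self.free:                  # garbage-collect the oldest stale page
            victim = self.stale.popleft()
            self.flash[victim] = None
            self.free.append(victim)
        page = self.free.popleft()
        self.flash[page] = data            # flash is never overwritten in place
        if lba in self.l2p:
            self.stale.append(self.l2p[lba])   # old copy stays until collected
        self.l2p[lba] = page

    def read(self, lba):
        return self.flash[self.l2p[lba]] if lba in self.l2p else None

    def raw_dump(self):
        """What chip-level access would see, whether a page is mapped or not."""
        return [p for p in self.flash if p is not None]

    def secure_erase(self):
        """Models a controller that really erases every physical page."""
        self.__init__(self.logical_pages, len(self.flash) - self.logical_pages)


def zero_fill_leftovers(logical_pages=8, spare_pages=2):
    ssd = ToySSD(logical_pages, spare_pages)
    for lba in range(logical_pages):
        ssd.write(lba, b"secret-%d" % lba)     # constructed sample data
    for lba in range(logical_pages):
        ssd.write(lba, b"\x00")                # the dd-from-/dev/zero pass
    host_view = [ssd.read(lba) for lba in range(logical_pages)]
    leftovers = sorted(p for p in ssd.raw_dump() if p.startswith(b"secret"))
    ssd.secure_erase()
    return host_view, leftovers, ssd.raw_dump()
```

In this model the number of surviving pages equals the spare-page count, which is why the host reading back all zeros says nothing about what remains on the chips.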
And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.
As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...
If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet. Why do it? Because you could possibly recover lost data much faster than calling your offsite provider and waiting for a tape to arrive. It also serves as a last-ditch, everything-else-has-failed means of recovering whatever data it is that you deposited there. You'd have to set up some sort of RAID-like redundancy, and a means to automatically update that data on a semi-regular basis, but damn if it wouldn't work. As a bonus, you can put that disk space to legitimate use, instead of watching it get filled up with cat pictures and web cached files from Facebook. If each desktop has a TB of drive, you could slash it to 300GB for the desktop user, and take 600GB+ (mind the overhead) from each desktop for company use. Even with only, say, 40 desktops? You could get up an easy 12 TB of aggregate storage with a RAID1-like redundancy - maybe 6 TB if you had 4 copies of each chunk of data, which is still nothing to sneeze at (especially if you've priced SAN shelving as a near-line backup depot...)
(...though if you were a true BOFH, you could do the same thing, say it's for company data, then use it for your own personal stash or whatever...)
Quo usque tandem abutere, Nimbus, patientia nostra?
As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...
If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet.
Many years ago, a company named "Mangosoft" had a product named "Medley" which would do this. Each user would allocate a certain amount of their disk drive to the "Medley" drive, and all of the users (up to 25 max) would share a really big drive together. Earlier versions of this technology worked by basically keeping two copies of every file, and moving a copy to the local drive of the last user who accessed it. If a machine holding a file went down (power, etc.) then the list of files it held would be pushed around from other working machines to always ensure duplicates are still around.
Current versions of this would probably be GlusterFS, Coda and Tahoe.