Secure Hard Drive Deletion Appliance?
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
Question Mark ... (Score:2, Interesting)
by QuaZar666 (164830) on Thu 16 Jan 04:03AM (#5091822)
Nowadays the DoD drills a hole through the platter on drives that are bad that have to be RMA'd, and has contracts so all they have to return is the top of the drive with the label. As for drives they no longer need, I do not know. I'm guessing they write 0 and 1 patterns on the drive 7+ times. (Even then data recovery services could recover it.)
Silly, but I have this association:
Ground control to major tom
Your circuit's dead, there's something wrong
Can you hear me, major tom?
CC.
BCWipe (Score:5, Interesting)
The ONLY current method proven to be secure (Score:4, Interesting)
http://driveslag.eecue.com [eecue.com]
If it's that important, destroy the drive (Score:2, Interesting)
Another possibility is to use Bart's PE Builder [nu2.nu] and one of many MS-Windows-based shredders to make a bootable MS-Windows XP CD that does the same thing.
If overwriting the data one or more times does NOT meet legal requirements, then you should overwrite the data once as a precaution in case someone steals the drive before you can permanently erase it, disassemble the drive, drill holes in the platters, then heat the platters, including the drilled-out parts, long enough to completely degauss them. A fireplace should do the trick, but an autoclave or better yet a pottery or cement kiln would do a better job. A kiln might actually melt the platters, which is pretty much the ultimate in data destruction.
An embedded PC-driven entropy rewriter/degausser (Score:4, Interesting)
One word: Thermite (Score:2, Interesting)
Re:Uh, if the hard drive is dead (Score:2, Interesting)
Still Risky Indeed (Score:5, Interesting)
I'm surprised he's even looking for this. I work in a place where for similar regulations we have to wipe HDs securely before disposal, but that's only for working ones. Damaged HDs cannot be sent back because of the info on them, they have to be destroyed locally. We take the platters out, but I'm not 100% sure how they get destroyed (probably degaussed then physically damaged). The companies we buy PCs from are aware of this too. If a drive dies in one of the PCs that's still under warranty, they replace it and we keep the old drive for proper disposal.
Such a device would only be useful for disposing of old PCs with functional HDs in them. I can't see the regulations letting them do this.
Degausser (Score:5, Interesting)
The drive housing may, in fact, shunt the field around the drive if it is ferromagnetic. (See if a magnet sticks to it)
If it were me, I'd make a nonmagnetic aluminum housing to screw the drive onto, pad the hell out of it (just in case I slipped), and head on over to Radiology, and use a 10 Tesla (or stronger) MRI to erase that bad boy. I'd rotate it in all 3 dimensions, more than once, just to make sure.
If the field you use demagnetizes to the servo and drive magnets, it'll probably be safe to return for replacement.
I agree that it's probably better to eat the cost of the drives than to risk getting made the poster child for HIPAA. (You just know they'll be looking for someone to pull a Martha Stewart on.)
--Mike--
Re:BCWipe (Score:4, Interesting)
VIDEO - Destroying Drives with Acid and Thermite (Score:4, Interesting)
Watch it here [g4tv.com]
Don't Destroy - Encrypt (Score:5, Interesting)
Plenty of businesses use it to encrypt a hard drive (boot time password) prior to production. This way, if the drive fails mechanically and the data can't be destroyed (without physically destroying the drive), the data is still encrypted. As a plus, there is no need to wipe a drive since you only need erase the SafeGuard Kernel which renders it just about as useless. There was a case a while back where one of the European countries tried to brute force this software for a criminal trial and could not do so.
For HIPAA, you'll need to physically destroy a drive if it has failed mechanically and you can't otherwise wipe it.
Don't get me wrong - this software is a pain in the ass since you have to decrypt a drive using the admin software if the underlying OS becomes unbootable. But it is a relatively simple solution, otherwise.
Bad Sectors are Your Enemy (Score:3, Interesting)
For example, in any situation that deals with classified data, once classified the disks can never, ever be unclassified without physical destruction. Part of the reason is that data recovery technology is VERY good; a few years ago, state of the art was the ability to recover data that had been overwritten up to 20 times.
In a nutshell, it worked by looking at the "edges" of the data tracks: because of the minute variations in head positioning, each time the drive wrote out data, the write head was not perfectly centered, so there would be enough "splash" on the sides of the track to be able to recover the information. And that was a few years ago; who knows how good the tools are today.
Another thing to watch out for with all of these software solutions - you can only overwrite what you can access. If the disk has acquired new bad sectors during its use, the controller automagically copies the data to a spare sector and then puts the bad sector on the "grown defect list." Generally, through software, you can't get to the sectors on the grown defect list - the controller has them remapped to the new sectors. But someone with the right tools can usually read those sectors well enough to extract the data from them.
Do you care about that level of security? I don't know, but you should at least be aware of fragility of most solutions proposed here so far.
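Added example, not part of the thread: one way to check for the grown-defect problem described in the comment above before trusting a software wipe. It assumes the drive still answers SMART queries and that its attribute table was captured with `smartctl -A` from smartmontools; the sample table is constructed, and `disposal_decision` with its three outcomes is a hypothetical site policy.

```python
# Constructed sample in the layout printed by `smartctl -A` (smartmontools);
# the counts are invented for illustration.
SAMPLE_SMARTCTL_A = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   100   100   051    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0033   098   098   036    Pre-fail  Always       -       12
  9 Power_On_Hours          0x0032   091   091   000    Old_age   Always       -       8123
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       3
"""

# SMART attributes that track the drive's own sector remapping.
REMAP_ATTRS = {5: "Reallocated_Sector_Ct", 197: "Current_Pending_Sector"}


def remap_counters(smartctl_output):
    """Return {attribute_name: raw_count} for the remap-related attributes."""
    counts = {}
    for line in smartctl_output.splitlines():
        fields = line.split()
        # Attribute rows have 10 columns and start with a numeric ID.
        if len(fields) < 10 or not fields[0].isdigit():
            continue
        attr_id = int(fields[0])
        if attr_id in REMAP_ATTRS and fields[9].isdigit():
            counts[REMAP_ATTRS[attr_id]] = int(fields[9])
    return counts


def disposal_decision(smartctl_output):
    """Hypothetical site policy: a software wipe is enough only when the
    drive reports that no sector has been moved out of host reach."""
    counts = remap_counters(smartctl_output)
    if "Reallocated_Sector_Ct" not in counts:
        return ("destroy", "no reallocation counter; wipe coverage unknown")
    remapped = counts["Reallocated_Sector_Ct"]
    if remapped > 0:
        return ("destroy", f"{remapped} remapped sectors are out of reach of an overwrite")
    if counts.get("Current_Pending_Sector", 0) > 0:
        return ("recheck", "pending sectors may be remapped by the wipe; re-read counters after")
    return ("overwrite", "no remapped or pending sectors reported")


if __name__ == "__main__":
    print(remap_counters(SAMPLE_SMARTCTL_A))
    print(disposal_decision(SAMPLE_SMARTCTL_A))
```

The counters are self-reported by the drive firmware, so a zero is evidence of full overwrite coverage, not proof.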
Re:Still Risky (Score:4, Interesting)
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
It may have been true in the 80s, but modern drives aren't like those old stepper things where thermal expansion would lead to misaligned tracks that aren't totally overwritten, and modern drives don't have any real space between the tracks that can have any information. Today, a bit is saved in little more than is needed to be thermally stable. Any remains of an old bit (even if it was the last state) would have to be at least an order of magnitude smaller (or it would cause errors). Something that small would flip simply because of kT.
At least civilian recovery firms weren't able to recover data even ONCE overwritten with zeros 2 years back in a C'T test (not even worth mentioning that's the hardest task, and they also sent drives that were overwritten with random bits and some which were overwritten 5 times, no need to tell the results there).
Just think about it: even if they pull out the platter and put it under an atomic force microscope with a magnetic sensing tip, and really can identify a bit with 90% probability even after overwriting... if you need a byte, you are down to 50%, if you need a word, 18%.
And 90% may be doable if it's overwritten once, but if it's overwritten 5 times, it isn't.
How about using a microcontroller? (Score:2, Interesting)
This is kinda interesting, I think I'll look into it. Add a few buttons on the front of the dongle to choose your paranoia level.
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
Finally someone in this discussion who gets it. Apart from that, the speed of an AFM/MFM microscope would be a couple of bytes per second. Good luck recovering a 40 GB harddisk with that. Nobody has ever demonstrated a successful recovery of overwritten data [nber.org].
AFAIK, data recovery normally deals with restoring data from drives with mechanical or electronic defects. Or with recovering deleted (but not overwritten) data, like the undelete tools in the DOS era.
Re:BCWipe (Score:4, Interesting)
Drives have been doing this for at least the past 10 years that I know of. My old WD Caviar and Maxtor 340MB drives did that around '94-'95.
This is the reason that hard drives suddenly started appearing on the market with seemingly no bad sectors to be marked by the file system to avoid. The days of seeing "B" blocks in Norton Disk Doctor and trying to "recover" them were mostly over. The truth was that there were bad sectors, but they were remapped to spares to make drives look good and help to guarantee minimum storage. Due to this, if you had a drive that did exhibit bad sectors, because the spares were all used up, then you had a really bad drive. I always took such drives back.
This is not new though.
Interestingly enough.... (Score:2, Interesting)
Step 1: Put drive on anvil and pound on it w/8-pound sledgehammer until no piece of the media is bigger than a quarter.
Step 2: Collect pieces, and slag in gas-fired incinerator.
Ashes to Ashes, Dust to Dust (Score:3, Interesting)
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
That was an interesting link. However, I quote:
That is five minutes of acquisition time for around one byte of information. I actually thought it would be a few bytes per second, but it's even worse than that: five minutes per byte! That'd only be useful if you know where to look within many GBs of data. Before you've found c:/Users and Settings/Cyberspook/projects/classified/secret.do