Forgot your password?
typodupeerror
Data Storage Privacy

Secure Hard Drive Deletion Appliance? 573

Posted by timothy
from the write-a-lot-of-xs-and-os dept.
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
This discussion has been archived. No new comments can be posted.

Secure Hard Drive Deletion Appliance?

Comments Filter:
  • Still Risky (Score:5, Insightful)

    by fembots (753724) on Monday April 11, 2005 @07:24PM (#12206596) Homepage
    If you have something so important, it might be best to destroy/keep the dead drives and pay for new ones, which aren't that expensive compared to the risk of someone finding out a way to recover your data even after it's been processed by the state-of-the-art secure deletion processor.

    I believe the information is secured only if it's still in your hand.
    • Precisely. Why RMA a drive if you're so worried? Smash it and bin the fragments.
      • by SYFer (617415) <syfer&syfer,net> on Monday April 11, 2005 @08:12PM (#12207021) Homepage
        Might I suggest the Wilton 20003 12 lb. Unbreakable Double Faced Sledge Hammer? [amazon.com] At 12 pounds and with a shock absorbing handle, you'll find this fully OSHA-compliant device will serve your needs admirably.

        And yes, this most certainly IS an Amazon affiliate link. I believe that if the submitter or other government officials purchase this mission-critical security appliance, I am entitled to my consulting fee. As for the parent poster, well... Uh, I'll buy him a beer when the windfall from this new sledge hammer gig comes rolling in.

        • by focitrixilous P (690813) on Monday April 11, 2005 @11:29PM (#12208419) Journal
          Allow me to embrace and extended.

          The sledge hammer is the linux style solution. More work than is needed, what you need is user convience. Sledgehammers will tire you out, you don't want to do that all day long. What you need is the Remington 870 pump action shotgun. [remington.com] Available in assorted sizes and gauges, the 870 can erase as many as 5 hard drives in a single loading. The 870 comes in 12 gauge, 28 inch barrel for those SCSI drives, down to a .410 shotgun for those hard to wipe flash drives.

          For maximum assurance of data erasure, the 870 cannot be beaten. Be sure to use number 3 shot or larger. Also available in left handed. [remington.com]

          The Remington Gauge system follows the approved national standard, to avoid vendor lock-in. Shells from all competitors will function, though Remington shells are recommended for best preformance. Never doubt if your data was securely erased or not ever again! Come to Remington Country.

          • by gormanly (134067) on Tuesday April 12, 2005 @04:12AM (#12209849)

            Nice OS analogy: allow me to embrace and extend.

            The sledgehammer is a simple, solid and effective tool, yet requires a modest degree of effort. It is available everywhere there is human settlement, is cheap, and has no running costs. A sledgehammer never requires any form of licence or permit to use. It also just works.

            A pump-action shotgun may be easier for the lazy or weak to use; it may even be more fun. It certainly makes it easier to harm your neighbours, or shoot yourself in the foot. Remind you of anything?

            • Do what governments do. Grind the HDs to dust (metalic and otherwise). Then store the dust. My recomendation is to melt the grindings down and turn them into paperweights for the office. No chance of a lawsuit if, for some reason, an HD doesn't get wiped.
    • Still Risky Indeed (Score:5, Interesting)

      by Nik13 (837926) on Monday April 11, 2005 @08:01PM (#12206940) Homepage
      If the drive is faulty, you just might not be able to overwrite the info (not reliably anyways).

      I'm surprised he's even looking for this. I work in a place where for similar regulations we have to wipe HDs securely before disposal, but that's only for working ones. Damaged HDs cannot be sent back because of the info on them, they have to be destroyed locally. We take the platters out, but I'm not 100% sure how they get destroyed (probably degaussed then physically damaged). The companies we buy PCs from are aware of this too. If a drive dies in one of the PCs that's still under warranty, they replace it and we keep the old drive for proper disposal.

      Such a device would only be useful for disposing of old PCs with functionnal HDs in them. I can't see the regulations let them do this.
    • Re:Still Risky (Score:4, Informative)

      by homer_ca (144738) on Monday April 11, 2005 @08:13PM (#12207037)
      It may be easier to pay extra for a warranty that lets you keep the failed hard drive. Dell [dell.com] has one. Others probably do too. Or considering how cheap hard drives are, just buy a few spare drives for the whole office and don't RMA the failed drives. The risk there is if you get a batch of bum drives. It happened at my office. Every single Maxtor drive from one order of Dells failed in less than a year. It was just bad sectors so we could still wipe them.
    • Re:Still Risky (Score:5, Informative)

      by forkazoo (138186) <wrosecrans&gmail,com> on Monday April 11, 2005 @08:38PM (#12207226) Homepage
      Uhhh... I disagree. I work at an organisation which falls under HIPAA. All the money we would spend on new hard drives for no apparent reason would mean that developmentally delayed persons in the community would be unable to get access to the resources we exist to provide.

      Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.

      Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted. That's a certain number of hours we would need to cut back the day program, leaving mentally retarded people roaming the streets without any help. Including the mentally retarded people who aren't allowed near children because they have sexually assaulted them in the past. That's a certain number of winter coats that can't be bought for people who can't work a steady job.

      So, we use a utility called DBAN, Darik's Boot And Nuke. It's part of a free x86 rescue CD I downloaded. It comes with a bootable linux live CD, which includes an ntfs resizer, and memtest86. I usually just run it in teh machine where the HD is, rather than pulling the HDD out. In particular, this is much handier for laptops than a special device would be. OTOH, it would be easy enough to get an external hot swap caddy, and use it as your appliance, just plug it into any machine.

      Also, you can always just dd /dev/random onto your disk a few times. Anybody know any good reason why that would be insuffiecient?
      • Re:Still Risky (Score:4, Interesting)

        by fireloins (139444) on Monday April 11, 2005 @10:31PM (#12208099) Homepage
        I always figured that the safest way to wipe a hard drive would be to heat it up above the Curie temperature. Once all of those domains are randomized, there ain't no information left. Anyone have any idea what T_C is for a hard drive platter? I would guess its in the 700K range, which unfortunately is too hot for your standard oven. But if you have a friend who works at a brick oven pizza parlor, that would probably do the trick.
      • Re:Still Risky (Score:5, Insightful)

        by Marty200 (170963) on Monday April 11, 2005 @10:37PM (#12208139)
        Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.

        Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted.


        You are missing the point. You can wipe a fully function drive that is staying inside your organisation and be fairly sure no one will get to the deleted info. But if the drive is broken, you can't besure the drive has been fully erased. And then you are sending it off to someone outside your organisation who may decided to see what you left on it.

        Also, you can always just dd /dev/random onto your disk a few times. Anybody know any good reason why that would be insuffiecient?

        Because the drive is broken. Chances are you can't write to it.

        Best bet is to keep the drives and destroy them yourselves. If you buy enough stuff you can probably get something worked out with your vendor so you get a deal on warranty replacements.

        MG
      • Re:Still Risky (Score:5, Informative)

        by bersl2 (689221) on Tuesday April 12, 2005 @12:30AM (#12208835) Journal
        Read the DBAN FAQ page:
        Q: Is the Gutmann method the best method?


        A: No.

        Most of the passes in the Gutmann wipe are designed to flip the bits in MFM/RLL encoded disks, which is an encoding that modern hard disks do not use.

        In a followup to his paper, Gutmann said that it is unnecessary to run those passes because you cannot be reasonably certain about how a modern hard disk stores data on the platter. If the encoding is unknown, then writing random patterns is your best strategy.

        In particular, Gutmann says that "in the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data... For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do".

        Read these papers by Peter Gutmann:
    • by dsginter (104154) on Monday April 11, 2005 @09:16PM (#12207520)
      SafeGuard Easy [utimaco.com]

      Plenty of businesses use it to encrypt a hard drive (boot time password) prior to production. This way, if the drive fails mechanically and the data can't be destroyed (without physically destroying the drive), the data is still encrypted. As a plus, there is no need to wipe a drive since you only need erase the SafeGuard Kernel which renders it just about as useless. There was a case a while back where one of the European countries tried to brute force this software for a criminal trial and could not do so.

      For HIPAA, you'll need to physically destroy a drive if it has failed mechanically and you can't otherwise wipe it.

      Don't get me wrong - this software is a pain in the ass since you have to decrypt a drive using the admin software if the underlying OS becomes unbootable. But it is a relatively simple solution, otherwise.
  • Question Mark ... (Score:2, Interesting)

    by foobsr (693224)
    Re:Oh, man. Hear it comes. (Score:5, Informative)
    by QuaZar666 (164830) Alter Relationship on Thu 16 Jan 04:03AM (#5091822)
    Now days the dod drills a hole through the platter on drives that are bad that have to be RMA'd and have contracts so all they have to return is the top of the drive with the label. as for drives they no longer need i do not know. im guessing they write 0 and 1 patterns on the drive 7+ times. (even then data recovery services could recover it)

    Silly, but I have this association:
    Groun
    • The data density per square inch on modern drives is such that drilling a whole through the platter leaves a LOT of data behind that can be recovered by a determined person. I suspect that classified drives are still destroyed much more thoroughly than this.
      • One of my jobs in the Air Force was destroying classified drives. This was almost ten years ago and we were much more thorough even back then. Think things that go "boom". I *really* miss that part of the job.
      • 1 word (or is it two?) Wood-chipper.
        • NSA sends their drives (and plenty of other equipment) through something like this, munching stuff to tiny fragments for recycling. Not sure how much of the recycling process happens on-site, but IIRC the final processing is done off-site.
    • by Anonymous Coward
      Your post is like an Oreo cookie, the stuff in the middle is good, but what is with the crap at the top and the bottom? ;)
    • by silentbozo (542534)
      Overwriting only works if the drive is still capable of writing. I've dealt with drives so hosed after we got the data off, that we could barely wipe the partition map. There was still a lot of data left behind on the platter that we could no longer touch because the writing heads/drive electronics were in such bad shape, the drive refused to either be recognized, or to accept commands.

      In these cases, you have to decide: is it more important that you RMA the drive (in which case, you really can't do an
  • Data destruction. (Score:5, Insightful)

    by BWJones (18351) * on Monday April 11, 2005 @07:24PM (#12206600) Homepage Journal
    It really depends upon what level of security you are talking about. Degaussing certainly does not do the job adequately enough for some purposes, but the issue of maintaining a box that has all the hardware to be backwards compatible can be cumbersome and expensive. I suspect you are not in a sensitive/classifed government position as they have protocols for this sort of thing, but if you truly have seriously data sensitive needs for hard drives you are going to retire, I would suggest first formatting the drive with multiple writes and reads of serial 1's and 0's which should prevent 99.9% of data recovery attempts. An older G4 tower running OS X, should allow you to recognize and mount drives formatted with a variety of operating systems. Stick a couple of SCSI cards in it and an ATA and SATA card (Sonnet makes a combined card) which should give you multiple SCSI formats, ATA, Firewire and USB depending upon your needs. If you are really paranoid, actually disassembling the drives, degaussing and physically destroying the platters will finish the job. Believe it or not, data can even be reconstructed at the microscopic level through the use of electron microscopy, so the more damage done to the physical media, the harder it is to extract information.

    • HAHA a G4? Running OSX? AFAIK there is no OS on the planet that can handle reading more partition table formats and handle more actual filesystems than Linux. Also, bad hard drives sometimes kill computers, I have had it happen to me personally. It would be best to use the oldest PCI-bus system you have for this particular task, so if you kill it, you aren't sad when you throw it in the bin.

      If you TRULY are worried about the sanctity of your data, it should be written to disk only in encrypted form, the k

      • It would be best to use the oldest PCI-bus system you have for this particular task, so if you kill it, you aren't sad when you throw it in the bin.

        Since this is a labor intensive process, you also want a fast computer. Losing a G4 shouldn't be bank-breaking for any business.
        • And given that this will be done by a business, I suppose they won't choke on the ridiculous idea of buying an expen$ive, shiny Unix workstation just to trash it's OS and put an OSS alternative on it?

          Sorry folks... I love Linux, I love Macs - but the last thing I will do is by an Apple TO RUN LINUX ON IT. Damn.

          Here is a clue - $500 gets you an up-to-date Sempron Socket-A computer or an okay Socket 764 AMD-64 computer you can run Linux on. Fo' real, yo.
      • Re:Data destruction. (Score:3, Informative)

        by BWJones (18351) *
        OS X does not support Linux's ext2/3 and Reiser right now to my knolwedge, but there is an open source implementation of ext2 available for OS X. That said, OS X can at least boot ext2 filesystems. proc is also not supported, but the following are supported natively in OS X: volfs, union, synthfs, specfs, ramfs, nullfs, loop*, fdesc, devfs, deadfs, cddafs, WebDAV, SMB/CIFS, NFS, FTP, AFP, UFS, UDF, NTFS, MSDOS, ISO9660, HFS+ and HFS. Pretty impressive for an out of the box OS that is also easy to use an
    • I deal with this all the time. There are a few methods that have been approved. You can format with a writting a complete random 0's, 1's across the entire disk 3 times (this includes the protected area where the MBR sits and is hidden from normal usage). Or you can destroy the disk completely. Typically destruction of the disk entails dismantaling the enclosure, removing the platters and then emmersion in a acid or burning in furnace to melt the platters. Hammers are not recommended as the broken pieces ca
  • by drinkypoo (153816) <martin.espinoza@gmail.com> on Monday April 11, 2005 @07:25PM (#12206605) Homepage Journal
    Then you're not going to be writing anything to it anyway.

    The best you can do is use a degausser, since you can't open the drive without voiding your warranty.

  • Home Depot (Score:4, Funny)

    by Sebastopol (189276) on Monday April 11, 2005 @07:25PM (#12206610) Homepage
    ...44 Oz. Framing Hammer.

    Just explain to the RMA operator how you work for a "major construction contracting firm"...
  • dban.sourceforge.net (Score:5, Informative)

    by Anonymous Coward on Monday April 11, 2005 @07:27PM (#12206624)
    dban.sourceforge.net
  • by slashjames (789070) on Monday April 11, 2005 @07:28PM (#12206627)
    http://dban.sourceforge.net/
    Good hardware detection, GPL.
  • Norton Diskreet (Score:2, Informative)

    by wiredlogic (135348)
    Use good old Norton Diskreet (DOS version) and automate it with a batch file running on a tired old PC set out to pasture. All supplies are available on Ebay.
  • Two Ways (Score:3, Insightful)

    by BrynM (217883) * on Monday April 11, 2005 @07:29PM (#12206636) Homepage Journal
    The first is the standard degausser. This may render the drive inoperable, but will erase data securely with just a run through the machine. An example I found was this [datadev.com]. There are many [google.com] more out there.

    The second method is to set up a *nix box with some hot swap drive bays and use that (I actually prefer this method). You can find removable bays all over the place and use *nix to format the drive writing all 0s to it.

    I don't think anyone makes a machine exactly like you describe, but both of these methods will do the trick. Good luck!

    • Re:Two Ways (Score:3, Informative)

      by RealAlaskan (576404)
      You can find removable bays all over the place and use *nix to format the drive writing all 0s to it.

      As I recall, you're better off using a string of alternating 1s and 0s, followed by a string of 0s and 1s, like so: 10101010 followed by 01010101. This maximises the ``change'' you're making on each pass, and so it messes up the traces of the old information the fastest.

      Back when we were still using Western Digital RLL boards, we used to write (and then read, of course) those patterns to a HD to stress

  • BCWipe (Score:5, Interesting)

    by jascat (602034) on Monday April 11, 2005 @07:30PM (#12206644)
    I have used BCWipe [jetico.com] to declassify Secret hard drives. They have a DOS version you can throw on a MS-DOS boot disk and a linux version you can put on a livecd. Either works equally well.
    • Is BCWipe legally authorized for that use though?
      • Re:BCWipe (Score:4, Interesting)

        by jascat (602034) on Monday April 11, 2005 @08:36PM (#12207216)
        From everyone I talked to at various levels, it is actually recommended. The important part is that it supports the DoD prescribed method.
      • Re:BCWipe (Score:5, Informative)

        by TFloore (27278) on Monday April 11, 2005 @11:48PM (#12208567)
        Is BCWipe legally authorized for that use though?

        That's easy...

        NO.

        BCWipe and other such applications will allow you to use a classified (up to SECRET only, nothing more sensitive) harddrive in an unclassified computer/network, but you must STILL track that harddrive, and physically destroy it when you excess the computer. The utility is approved for re-purposing the drive, but it must still be disposed of as any other classified storage, i.e., physically destroyed.

        TS and higher drives may NOT be re-purposed like this, they must be physically destroyed.

        Generally, "physically destroyed" means the drive must be disassembled, and the individual platters wiped with a magnet of a gauranteed minimum field strength. (Sorry, I'd tell you the required field strength, but I don't remember off hand.) After this, the platters can be disposed of just like shredded classified documents would be.

        10 years ago using BCWipe-style software was approved in DOD for declassifying harddrives. This is not the case any more. Pay attention to how harddrives work. They've gotten too smart for this to be guaranteed to wipe data now. They ship with "excess" sectors, and can internally remap any bad sectors to these excess sectors, reading data from them and copying it when the sector is internally detected as "going bad but still accessible". Data in these "bad" remapped sectors can be accessed when the drive is connected in diagnostic mode. If you have a classified storage device, within certain boundaries, you won't know if the drive has performed such a remapping and hidden classified data that could be recovered by an intelligent operator. Therefor, BCWipe-style software is only approved for re-purposing where you maintain physical control of the harddrive. To dispose of the harddrive, you must physically destroy it, basically because the drives have gotten too smart.
        • Re:BCWipe (Score:4, Interesting)

          by Shanep (68243) on Tuesday April 12, 2005 @05:27AM (#12210099) Homepage
          To dispose of the harddrive, you must physically destroy it, basically because the drives have gotten too smart.

          Drives have been doing this for at least the past 10 years that I know of. My old WD Caviar and Maxtor 340MB drives did that around '94-'95.

          This is the reason that hard drives suddenly started appearing on the market with seemingly no bad sectors to be marked by the file system to avoid. The days of seeing "B" blocks in Norton Disk Doctor and trying to "recover" them were mostly over. The truth was that there were bad sectors, but they were remapped to spares to make drives look good and help to guarantee minimum storage. Due to this, if you had a drive that did exhibit bad sectors, because the spares were all used up, then you had a really bad drive. I always took such drives back.

          This is not new though.
  • Drill Press (Score:3, Funny)

    by LighthouseJ (453757) on Monday April 11, 2005 @07:30PM (#12206650)
    Hard drives are so cheap that you can just destroy the hard drive with a drill press. Afterall, they say construction workers that demolish buildings have the highest job satisfaction, you can get your own taste of that.
    • by Ingolfke (515826)
      Have you every tried to use a drill press on a hard drive that is being used? Man... neither have I, but when you do send me the pictures, ok.
  • These guys [ibas.com] will have a solution for you. They know how to recover the data. They know how to erase it past any hope of recovery.

    Disclaimer: Affiliations from past work experience.

  • by tomRakewell (412572) on Monday April 11, 2005 @07:31PM (#12206661)
    Smash the thing to bits! What's wrong with that?
    • You can't RMA the bits. The summary says he wants to wipe all data off drives so he can RMA them and not worry the manufacturer will be able to see anything.
  • Plastique Explosives.
  • by wherley (42799) * on Monday April 11, 2005 @07:31PM (#12206664)
    See http://www.g4tv.com/unscrewed/features/45707/Dark_ Tip_Destroy_All_Data.html [g4tv.com]
    have a few pieces of s/w and h/w mentioned there. use the floppy method on a standalone machine to plug your disk into and wipe it. try Darik's Boot and Nuke method: http://dban.sourceforge.net/ [sourceforge.net]
    • ...I am fairly certain that the only way to get this done is by causing the IDE hard drive to fall from a metal catwalk into liquid metal. I tried using liquid nitrogen and a hammer once but when I woke up in the morning the hard drive was reconstituted back inside my box and all the data was intact.

      I am pretty sure that SATA drives need a priest, holy water, a crucifix, and a copy of the Roman rituals.

      And I just use a shotgun (or chainsaw) on my CD-RW's because the only way to stop them is by "remov
  • Drive Duplicator... (Score:5, Informative)

    by hated (54222) on Monday April 11, 2005 @07:32PM (#12206674) Homepage
    http://www.driveduplicators.com/124.html

    Its primarily a hard drive duplicator but it also has DoD 5220.22-M level wipe. Sorry to plug a specific product :)
    • Looks hella expensive though. Something you'd expect to see MiB toting around, not civilians.
      • by hated (54222)
        The portable appears to be $379...not too bad. If they're looking for HIPAA complaince they should have at least that much to spend. I guess its up to their management though. If they don't want to spend the money then they will have to accept the risk and explain to any auditors why they don't wipe drives.
  • I have.. (Score:3, Funny)

    by Heem (448667) on Monday April 11, 2005 @07:33PM (#12206678) Homepage Journal
    I have such a machine. I call it "Sledge Hammer"

    also a great stress relief tool, ala "Office Space"
  • You must have seen Shred mentioned in the previous discussion. It's GNU coreutils so comes as standard with most Linux (ahem: GNU/Linux) distributions, and deals with file references in your filesystem.

    Shred is not complicated enough to waste files that has been stored on a journaled filesystem, which includes NTFS, ext3, ReiserFS and friends. This doesn't stand in the way of you plugging in a device, for example by USB/Firewire enoclosure), having it automount, according to your distribution's setup, be
  • Go to http://www.granitedigital.com/catalog/pg28_firewi r eidesmartlcdbridge.htm and pick up one of their FireView firewire bridge boards, with display. This is a conventional IDE-to-firewire board, but has a diagnostic system on board, with a two line alphanumeric display and two menu buttons. With this, you can tell the hard drive to do a low level reformat, without even hooking it up to a PC. All you need is a regular USB or firewire external hard drive case and replace its regular bridge board with a
  • by hellomynameisclinton (796928) on Monday April 11, 2005 @07:35PM (#12206705)
    These guys have even done the demonstration for you:
    http://driveslag.eecue.com [eecue.com]
  • Is the drive dead or not?

    Seems to me the drive is either working or it isn't.

    If it's not working, software erasure isn't going to work. If it is working, it's not broken.

    Just my $0.02

    Michael
  • I think HIPPA requirements are met by the electronic equivalent of a cross-cut shredder, destruction beyond all possible recovery is not required. A multi-pass overwrite is probably enough. Almost all bootable Linux CDs have the basic tools to do this, but you may find it handy to write a shell script to automate the process. Some may even have e-z shredders right there in the KDE or Gnome menus. Get a distro that reads USB drives and an external USB/IDE box and you are in business.

    Another possiblity i
  • by ikewillis (586793) on Monday April 11, 2005 @07:38PM (#12206736) Homepage
    ...is my recommended approach. I actually built one of these myself, powered by an embedded Linux PC that boots from CD-ROM. It uses modular exponentation to generate a cryptographically random sector distribution list, to which it writes entropy data generated from an onboard Random Event Generator. It repeats this process 10 times consecutively, then cuts power to the drive and degausses the entire disk. This process is extensive enough to ensure that even the world's most sophisticated data recovery experts will recovery nary a bit from such a drive, and I've automated it to a plug and play process. Simply insert the drive into the degaussing chamber and attach data and power cables, then throw the switch. Wait about an hour or so, and the drive comes out irrevocably blank.
  • by JungleBoy (7578) on Monday April 11, 2005 @07:38PM (#12206738)
    Slashdot already covered the best method of data destruction.

    Drive Slagging [eecue.com]!
  • One word: Thermite (Score:2, Interesting)

    by jamesshuang (598784)
    Drop a nice little mixture of aluminum and iron oxide on the drive, ignite it. Nothing will retrieve that data, not even electron microscopy.
  • Two words

    Shotgun

    It also does wonders on zombies :-)

    Cheers,
    Adolfo
  • curie point (Score:2, Informative)

    by dfuller (304852)

    There is no substitute for heat.

    Cook the drive past the Curie Point with a
    blowtorch. You'd be amazed what folks can recover
    from drives even if they've been "destroyed."

  • load it into a skeet shoot device, launch it, and shoot it with a shotgun. repeat until its blown up good.
  • How would you use anything to destroy the data through the bus on a dead drive - the reason you're replacing it in the first place?
  • Seriously. If you're RMAing a drive because it's dead, there ain't no magic appliance that's going to bring it back to life long enough to erase (read "overwrite", because that's what really happens) the data.

    And no external magnet is going to erase it either. Well, not short of the kind of magnets they use for MRI scans.

    If you just want to make sure the drive is unreadable before disposing of it, use a drill press.
  • I use an external firewire enclosure and wipe [sourceforge.net] to nuke drives that I ebay.

    There's a self-booting CD diskzapper [diskzapper.com] that looks like it ought to do the trick, though I have not used it.

    Other posters mentioned Darik's Boot and Nuke [sourceforge.net] as a floppy-boot solution.

    The ultimate boot cd [ultimatebootcd.com] has a number of different disk wipers on it -- and a ton of other useful utilities on it. No self respecting geek should be without a copy.

    The Recovery Is Possible [tux.org] bootable CD has a copy of wipe [sourceforge.net] on it.

    I wouldn't be suprised if Knoppix-S [knoppix-std.org]
  • Attacking the magnetic media is surprisingly hard. Doable, as other posters have said, but hard.

    Let's stipulate that my solution to the literal question is let the pros do it [experteraser.com] (which also addresses the liability issues).

    So I have another question. Heat is hard on magnetism. What if we hit the drive with an oxy-acetylene torch? Would you have to melt it (expensive), or would the hard drive stop being recoverably with an electron microscope long before then?

    I'd prefer this be answered by someone with experi
  • Here: http://www.softwareandstuff.com/TOL10248.html

    Anyways, it can repair as well as delete.
  • An old PC and a copy of DBAN [sourceforge.net] works just fine for me. But while I do decommission drives with HIPAA in mind, I don't do more than a few every year.

    But I like that USB-IDE idea... in combination with the GPL'd Eraser [heidi.ie] it should make wiping old drives a lot easier for me, and let me get rid of that dusty dinosaur I keep around for wiping drives.
  • Destroy them (Score:3, Informative)

    by agoliveira (188870) <<adilson> <at> <adilson.net>> on Monday April 11, 2005 @07:50PM (#12206859)
    If you prize so much the confidentiality of the date to go to very extreme measures like high level gear just for that, as cheap as the HDs are now, I would just throw them inside a furnace.
  • Not all in jest, may I suggest just using a big magnet in the form of a hammer with which a 5 year old kid will smash the drive to dust? Combining the physical damage/destruction with the repeated strong magnetic influence, this should be enough for anyone. 8-)
  • Why not use software that encrypts everything written to the HDD? I'm no security expert, but you could probably rest easier when retiring/returning HDDs if you're using Pointsec. All of the laptops where I work have Pointsec on them so that if they are lost or stolen, the data on them is probably safe.
  • From the comments of this slashdot.org story [slashdot.org] it seems setting an ATA password after wiping the disk would help head off a person trying to read the data. It would raise the bar pretty high. A person would need fancy equipment to get back into the drive.

    According to the article, resetting the password wipes the drive automatically via the drive's firmware.
  • we have a csc duplicator that we use to erase and copy drives.. VERY slow.. but it does the job. CSC Portable Pro Drive Service/Test/Duplication Workstation [corpsys.com]
  • by metoc (224422) on Monday April 11, 2005 @07:58PM (#12206914)
    The general rule of thumb for data security sensitive industries is to never return the platters.

    Most governments have arrangements to either get a discount up front, or to get the manufacturer to accept the top cover as proof the drive is destroyed, and then provide a warranty replacement.

    For everyone else it is the cost of doing business. Depending on your business the risk is measured in years in court, 7+ digit claims and real impacts on stock price. Replacing failed harddrives out of pocket is cheap.

    Best thing to do is remove the platters and store them as they take up less space, and once you have enough pay a degauss service to blast the entire box. Even then, get an artist to turn them into a piece of art for your front lobby.
    • by djtack (545324) on Monday April 11, 2005 @09:03PM (#12207417)
      I work for a university, and I have been able to get warranty replacements from Western Digital by faxing them a letter on company letterhead, explaining the reasons why we can't return the drive, and attaching a picture of the drive's top plate.

      We then let the geeks have fun destroying the disks. ;) But the parent is absolutely right. If you can't get replacements this way, you'll just have to deal with the cost of replacing them yourself.
  • If it's dead, it is DEAD. No plugging it into a box to write zeros and ones.

    Your BEST bet is to eat the cost of the drives, and then degauss and then melt/feed to industrial grinder the remains.

    Maybe you can cut some kind of deal with the bendor to just return the PCB top part, or maybe part of the drive case, but most likely they will laugh at you for trying to waste their time.

  • Degausser (Score:5, Interesting)

    by ka9dgx (72702) on Monday April 11, 2005 @08:31PM (#12207183) Homepage Journal
    If you want the data gone, but can't physically destroy the patters, you'll need more than the tape demagnetizer from Radio Shack to degauss it. You need a DC magnetic field, a damned strong one. The field at the surface of the disk platters must be at least 3000 Oersted (0.3 Tesla).

    The drive housing may, in fact, shunt the field around the drive if it is ferromagnetic. (See if a magnet sticks to it)

    If it were me, I'd make a nonmagnetic aluminum housing to screw the drive onto, pad the hell out of it (just incase I slipped), and head on over to Radiology, and use a 10 Tesla (or stronger) MRI to erase that bad boy. I'd rotate it in all 3 dimensions, more than once, just to make sure.

    If the field you use demagnetizes to the servo and drive magnets, it'll probably be safe to return for replacement.

    I agree that it's probably better to eat the cost of the drives than to risk the getting made the poster child for HIPAA. (You just know they'll looking for someone pull a Martha Stewart on.)

    --Mike--

  • by ghobbsus (833550) on Monday April 11, 2005 @09:06PM (#12207444)
    There was a two-part segment on the Screen Savers with Patrick Norton and Kevin Rose covering methods of data destruction, including software, grinding, acid, thermite...

    Watch it here [g4tv.com]
  • by Jah-Wren Ryel (80510) on Monday April 11, 2005 @09:34PM (#12207675)
    When you say "secure" I have to ask "how secure?"

    For example, in any situation that deals with classified data, once classified the disks can never, ever be unclassified without physical destruction. Part of the reason is that data recovery technology is VERY good, a few years ago, state of the art was the ability to recover data that had been overwritten up to 20 times.

    In a nutshell, it worked by looking at the "edges" of the data tracks, because of the minute variations in head positioning, each time the drive wrote out data, the write head was not perfectly centered so there would be enough "splash" on the sides of the track to be able to recover the information. And that was a few years ago, who knows how good the tools are today.

    Another thing to watch out for with all of these software solutions - you can only over-write what you can access. If the disk has acquired new bad sectors during its use, the controller automagically copies the data to a spare sector and then puts the bad sector on the "grown defect list." Generally, through software, you can't get to the sectors on the grown defect list - the controller has them remapped to the new sectors But, someone with the right tools can usually read those sectors well enough to extract the data from them.

    Do you care about that level of security? I don't know, but you should at least be aware of fragility of most solutions proposed here so far.
    • I always hear this "overwritten 20 times can be recovered" claim, but it really sounds like a bunch of tinfoil myth to me.

      It may have been true in the 80s, but modern drives arent like those old stepper things where thermal expansion would lead to misaligned tracks that arent totaly overwriten, and modern drives dont have any real space between the tracks that can have any information. Today, a bit is saved in little more that is needed to be termally stable. Any remains of an old bit (even if it was the l
      • Just think about it: even if they pull out the platter and put it under an atomic force microscopy with a magnetic sensing tip, and really can identify a bit with 90% probability even after overwriting... if you need a byte, you are down to 50%,

        Finally someone in this discussion who gets it. Apart from that, the speed of an AFM/MFM microscope would be a couple of bytes per second. Good luck recovering a 40 GB harddisk with that. Nobody has ever demonstrated a successful recovery of overwritten data [nber.org].

        AFA

  • by Allnighterking (74212) on Tuesday April 12, 2005 @12:02AM (#12208680) Homepage
    To wipe the drive insert a knoppix disk, once booted mount your partitions. Cd to a partition and type

    # shred [options] *

    man shred for specifics but shred does NSA style wipes of HDD with as many overwrites as you want (25 is stock) then follow it up with rm -Rf * (since shred destroys the data not the "name") then once all files on all partitions are "wiped" fdisk it, one big partition and put a new file system on it.

    This can be done to NSA standards with a little bit of effort.

    shred is beyond any doubt the most overlooked utility in Linux/Unix.
  • by Decker-Mage (782424) <jack_of_shadows@yahoo.com> on Tuesday April 12, 2005 @02:40AM (#12209514)
    We've discussed this issue to death over in the Computer Forensics list (http://www.securityfocus.com). The conclusion is that the only mechanism that is absolutely compliant is physical destruction of the platter(s). There is a deguasser that may meet current compliancy requrements (note: current!), however it runs about $40,000 per unit and as coercivity increases with new designs, will quickly become obsolete.

    Sorry folks, I'd rather rely on my community there than a bunch of fellow /.'s (grin). Elitist? Yar!

Adding manpower to a late software project makes it later. -- F. Brooks, "The Mythical Man-Month"

Working...