Secure Hard Drive Deletion Appliance? 573
An anonymous reader asks "I am searching for a box into which I can plug a hard drive (IDE or SCSI of various flavors) and automatically begin a secure deletion process (DoD 2250 compliant or the like would be good). This is normally for dead drives which need to be RMA-ed. Because of various regulations (HIPAA for starters), we need to at least attempt to do a good job clearing the disk. I've heard from a number of places, including this Slashdot story, that degaussing isn't great. There are software solutions out there, but in general, I want to toss a replacement hard drive in and not have to hunt around for hardware to put the bad drive in in order to run the software. Given the right case, a solid state drive, some SCSI cards and one of various pieces of software, I can imagine such a beast. Has anyone seen someone selling something like this?" No case-opening is necessary to use a USB/IDE converter, which might be a good middle ground. Any other ideas?
Still Risky (Score:5, Insightful)
I believe the information is secured only if it's still in your hand.
A smashed drive tells no tales (Score:2)
Re:A smashed drive tells no tales (Score:5, Funny)
And yes, this most certainly IS an Amazon affiliate link. I believe that if the submitter or other government officials purchase this mission-critical security appliance, I am entitled to my consulting fee. As for the parent poster, well... Uh, I'll buy him a beer when the windfall from this new sledge hammer gig comes rolling in.
Re:A smashed drive tells no tales (Score:5, Funny)
The sledge hammer is the linux style solution. More work than is needed, what you need is user convience. Sledgehammers will tire you out, you don't want to do that all day long. What you need is the Remington 870 pump action shotgun. [remington.com] Available in assorted sizes and gauges, the 870 can erase as many as 5 hard drives in a single loading. The 870 comes in 12 gauge, 28 inch barrel for those SCSI drives, down to a .410 shotgun for those hard to wipe flash drives.
For maximum assurance of data erasure, the 870 cannot be beaten. Be sure to use number 3 shot or larger. Also available in left handed. [remington.com]
The Remington Gauge system follows the approved national standard, to avoid vendor lock-in. Shells from all competitors will function, though Remington shells are recommended for best preformance. Never doubt if your data was securely erased or not ever again! Come to Remington Country.
Re:A smashed drive tells no tales (Score:5, Funny)
Nice OS analogy: allow me to embrace and extend.
The sledgehammer is a simple, solid and effective tool, yet requires a modest degree of effort. It is available everywhere there is human settlement, is cheap, and has no running costs. A sledgehammer never requires any form of licence or permit to use. It also just works.
A pump-action shotgun may be easier for the lazy or weak to use; it may even be more fun. It certainly makes it easier to harm your neighbours, or shoot yourself in the foot. Remind you of anything?
Ashes to Ashes, Dust to Dust (Score:3, Interesting)
Still Risky Indeed (Score:5, Interesting)
I'm surprised he's even looking for this. I work in a place where for similar regulations we have to wipe HDs securely before disposal, but that's only for working ones. Damaged HDs cannot be sent back because of the info on them, they have to be destroyed locally. We take the platters out, but I'm not 100% sure how they get destroyed (probably degaussed then physically damaged). The companies we buy PCs from are aware of this too. If a drive dies in one of the PCs that's still under warranty, they replace it and we keep the old drive for proper disposal.
Such a device would only be useful for disposing of old PCs with functionnal HDs in them. I can't see the regulations let them do this.
Re:Still Risky Indeed (Score:3, Informative)
Army spec is 5 holes equadistant holes drilled through the platters.
Re:Still Risky Indeed (Score:4, Funny)
Re:Still Risky Indeed (Score:3, Funny)
uh-oh Were you in the military? If so, get cranial CT-scan, check for five equidistant holes. =)
Re:Still Risky (Score:4, Informative)
Re:Still Risky (Score:5, Informative)
Whenever somebody moves from one department to another, they need either a new PC, new HD, or a fresh setup on their old PC after a secure wipe. Every time somebody leaves the organisation, or a new person arrives. Every time a drive dies and the PC needs to get a new one under warranty.
Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted. That's a certain number of hours we would need to cut back the day program, leaving mentally retarded people roaming the streets without any help. Including the mentally retarded people who aren't allowed near children because they have sexually assaulted them in the past. That's a certain number of winter coats that can't be bought for people who can't work a steady job.
So, we use a utility called DBAN, Darik's Boot And Nuke. It's part of a free x86 rescue CD I downloaded. It comes with a bootable linux live CD, which includes an ntfs resizer, and memtest86. I usually just run it in teh machine where the HD is, rather than pulling the HDD out. In particular, this is much handier for laptops than a special device would be. OTOH, it would be easy enough to get an external hot swap caddy, and use it as your appliance, just plug it into any machine.
Also, you can always just dd
Re:Still Risky (Score:4, Interesting)
Re:Still Risky (Score:5, Insightful)
Right now, I am probably doing a minimum of ten secure wipes every month. A new hard drive would cost roughly a hundred bucks. That's 12,000 dollars annually, minimum, just on hard drives, which would be wasted.
You are missing the point. You can wipe a fully function drive that is staying inside your organisation and be fairly sure no one will get to the deleted info. But if the drive is broken, you can't besure the drive has been fully erased. And then you are sending it off to someone outside your organisation who may decided to see what you left on it.
Also, you can always just dd
Because the drive is broken. Chances are you can't write to it.
Best bet is to keep the drives and destroy them yourselves. If you buy enough stuff you can probably get something worked out with your vendor so you get a deal on warranty replacements.
MG
Re:Still Risky (Score:5, Informative)
Don't Destroy - Encrypt (Score:5, Interesting)
Plenty of businesses use it to encrypt a hard drive (boot time password) prior to production. This way, if the drive fails mechanically and the data can't be destroyed (without physically destroying the drive), the data is still encrypted. As a plus, there is no need to wipe a drive since you only need erase the SafeGuard Kernel which renders it just about as useless. There was a case a while back where one of the European countries tried to brute force this software for a criminal trial and could not do so.
For HIPAA, you'll need to physically destroy a drive if it has failed mechanically and you can't otherwise wipe it.
Don't get me wrong - this software is a pain in the ass since you have to decrypt a drive using the admin software if the underlying OS becomes unbootable. But it is a relatively simple solution, otherwise.
Re:I say... (Score:4, Insightful)
Question Mark ... (Score:2, Interesting)
by QuaZar666 (164830) Alter Relationship on Thu 16 Jan 04:03AM (#5091822)
Now days the dod drills a hole through the platter on drives that are bad that have to be RMA'd and have contracts so all they have to return is the top of the drive with the label. as for drives they no longer need i do not know. im guessing they write 0 and 1 patterns on the drive 7+ times. (even then data recovery services could recover it)
Silly, but I have this association:
Groun
Re:Question Mark ... (Score:2)
Re:Question Mark ... (Score:2, Funny)
Re:Question Mark ... (Score:2)
Re:Question Mark ... (Score:2)
Re:Question Mark ... (Score:2)
I recall articles about drives with people's personal stuff on them, but not DOD classified information.
In fact, I recall being in a facility with two networks some years ago. I was politely informed to plug my laptop into network connection A, not network connection B, because if I plugged into network connection B, my laptop was no longer allowed to leave the facility. OK, A it was.
Re:Question Mark ... (Score:2, Funny)
Re:Question Mark ... (Score:3, Insightful)
In these cases, you have to decide: is it more important that you RMA the drive (in which case, you really can't do an
Data destruction. (Score:5, Insightful)
Re:Data destruction. (Score:2, Flamebait)
If you TRULY are worried about the sanctity of your data, it should be written to disk only in encrypted form, the k
Re:Data destruction. (Score:2)
Since this is a labor intensive process, you also want a fast computer. Losing a G4 shouldn't be bank-breaking for any business.
Re:Data destruction. (Score:3, Funny)
Sorry folks... I love Linux, I love Macs - but the last thing I will do is by an Apple TO RUN LINUX ON IT. Damn.
Here is a clue - $500 gets you an up-to-date Sempron Socket-A computer or an okay Socket 764 AMD-64 computer you can run Linux on. Fo' real, yo.
Re:Data destruction. (Score:3, Informative)
This guy is correct... (Score:3, Informative)
Re:Data destruction. (Score:5, Informative)
Happy torching!
Uh, if the hard drive is dead (Score:5, Insightful)
The best you can do is use a degausser, since you can't open the drive without voiding your warranty.
Re:Uh, if the hard drive is dead (Score:2, Interesting)
Re:Uh, if the hard drive is dead (Score:5, Funny)
Home Depot (Score:4, Funny)
Just explain to the RMA operator how you work for a "major construction contracting firm"...
dban.sourceforge.net (Score:5, Informative)
DBAN - Darik's Boot and Nuke (Score:4, Informative)
Good hardware detection, GPL.
Re:DBAN - Darik's Boot and Nuke (Score:3, Informative)
Add eraser to the list of programs that might do the job.
Re:DBAN - Darik's Boot and Nuke (Score:5, Informative)
I run it from the Ultimate Boot CD, http://www.ultimatebootcd.com [ultimatebootcd.com], which has a ton of other diagnostic utilities on it, including the drive diag tools from all the major manufacturers. Extremely handy little CD to have around.
Norton Diskreet (Score:2, Informative)
Two Ways (Score:3, Insightful)
The second method is to set up a *nix box with some hot swap drive bays and use that (I actually prefer this method). You can find removable bays all over the place and use *nix to format the drive writing all 0s to it.
I don't think anyone makes a machine exactly like you describe, but both of these methods will do the trick. Good luck!
Re:Two Ways (Score:3, Informative)
As I recall, you're better off using a string of alternating 1s and 0s, followed by a string of 0s and 1s, like so: 10101010 followed by 01010101. This maximises the ``change'' you're making on each pass, and so it messes up the traces of the old information the fastest.
Back when we were still using Western Digital RLL boards, we used to write (and then read, of course) those patterns to a HD to stress
BCWipe (Score:5, Interesting)
Re:BCWipe (Score:2)
Re:BCWipe (Score:4, Interesting)
Re:BCWipe (Score:5, Informative)
That's easy...
NO.
BCWipe and other such applications will allow you to use a classified (up to SECRET only, nothing more sensitive) harddrive in an unclassified computer/network, but you must STILL track that harddrive, and physically destroy it when you excess the computer. The utility is approved for re-purposing the drive, but it must still be disposed of as any other classified storage, i.e., physically destroyed.
TS and higher drives may NOT be re-purposed like this, they must be physically destroyed.
Generally, "physically destroyed" means the drive must be disassembled, and the individual platters wiped with a magnet of a gauranteed minimum field strength. (Sorry, I'd tell you the required field strength, but I don't remember off hand.) After this, the platters can be disposed of just like shredded classified documents would be.
10 years ago using BCWipe-style software was approved in DOD for declassifying harddrives. This is not the case any more. Pay attention to how harddrives work. They've gotten too smart for this to be guaranteed to wipe data now. They ship with "excess" sectors, and can internally remap any bad sectors to these excess sectors, reading data from them and copying it when the sector is internally detected as "going bad but still accessible". Data in these "bad" remapped sectors can be accessed when the drive is connected in diagnostic mode. If you have a classified storage device, within certain boundaries, you won't know if the drive has performed such a remapping and hidden classified data that could be recovered by an intelligent operator. Therefor, BCWipe-style software is only approved for re-purposing where you maintain physical control of the harddrive. To dispose of the harddrive, you must physically destroy it, basically because the drives have gotten too smart.
Re:BCWipe (Score:4, Interesting)
Drives have been doing this for at least the past 10 years that I know of. My old WD Caviar and Maxtor 340MB drives did that around '94-'95.
This is the reason that hard drives suddenly started appearing on the market with seemingly no bad sectors to be marked by the file system to avoid. The days of seeing "B" blocks in Norton Disk Doctor and trying to "recover" them were mostly over. The truth was that there were bad sectors, but they were remapped to spares to make drives look good and help to guarantee minimum storage. Due to this, if you had a drive that did exhibit bad sectors, because the spares were all used up, then you had a really bad drive. I always took such drives back.
This is not new though.
Drill Press (Score:3, Funny)
Re:Drill Press (Score:2, Funny)
Degaussing is the way to go (Score:2, Informative)
These guys [ibas.com] will have a solution for you. They know how to recover the data. They know how to erase it past any hope of recovery.
Disclaimer: Affiliations from past work experience.
Use a freaking hammer (Score:3)
Uhh (Score:2)
Two Words (Score:2)
Unscrewed segment covered topic (Score:5, Informative)
have a few pieces of s/w and h/w mentioned there. use the floppy method on a standalone machine to plug your disk into and wipe it. try Darik's Boot and Nuke method: http://dban.sourceforge.net/ [sourceforge.net]
This will not work... (Score:2, Funny)
I am pretty sure that SATA drives need a priest, holy water, a crucifix, and a copy of the Roman rituals.
And I just use a shotgun (or chainsaw) on my CD-RW's because the only way to stop them is by "remov
Drive Duplicator... (Score:5, Informative)
Its primarily a hard drive duplicator but it also has DoD 5220.22-M level wipe. Sorry to plug a specific product
Re:Drive Duplicator... (Score:2)
Re:Drive Duplicator... (Score:2, Informative)
I have.. (Score:3, Funny)
also a great stress relief tool, ala "Office Space"
Gnu coreutils provides `shred' (Score:2, Informative)
Shred is not complicated enough to waste files that has been stored on a journaled filesystem, which includes NTFS, ext3, ReiserFS and friends. This doesn't stand in the way of you plugging in a device, for example by USB/Firewire enoclosure), having it automount, according to your distribution's setup, be
hardware solution, no computer required (Score:2)
The ONLY current method proven to be secure (Score:4, Interesting)
http://driveslag.eecue.com [eecue.com]
Is the drive dead or not? (Score:2)
Seems to me the drive is either working or it isn't.
If it's not working, software erasure isn't going to work. If it is working, it's not broken.
Just my $0.02
Michael
If it's that important, destroy the drive (Score:2, Interesting)
Another possiblity i
Have you tried... (Score:2)
An embedded PC-driven entropy rewriter/degausser (Score:4, Interesting)
Already Covered the Best Method (Score:3, Informative)
Drive Slagging [eecue.com]!
One word: Thermite (Score:2, Interesting)
Two words (Score:2)
Shotgun
It also does wonders on zombies
Cheers,
Adolfo
curie point (Score:2, Informative)
There is no substitute for heat.
Cook the drive past the Curie Point with a
blowtorch. You'd be amazed what folks can recover
from drives even if they've been "destroyed."
use the shotgun method. (Score:2, Funny)
But if it's a dead drive.. (Score:2)
You have been trolled. (Score:2)
And no external magnet is going to erase it either. Well, not short of the kind of magnets they use for MRI scans.
If you just want to make sure the drive is unreadable before disposing of it, use a drill press.
ObKarmaWhoring (Score:2)
There's a self-booting CD diskzapper [diskzapper.com] that looks like it ought to do the trick, though I have not used it.
Other posters mentioned Darik's Boot and Nuke [sourceforge.net] as a floppy-boot solution.
The ultimate boot cd [ultimatebootcd.com] has a number of different disk wipers on it -- and a ton of other useful utilities on it. No self respecting geek should be without a copy.
The Recovery Is Possible [tux.org] bootable CD has a copy of wipe [sourceforge.net] on it.
I wouldn't be suprised if Knoppix-S [knoppix-std.org]
Degaussing alternative (Score:2)
Let's stipulate that my solution to the literal question is let the pros do it [experteraser.com] (which also addresses the liability issues).
So I have another question. Heat is hard on magnetism. What if we hit the drive with an oxy-acetylene torch? Would you have to melt it (expensive), or would the hard drive stop being recoverably with an electron microscope long before then?
I'd prefer this be answered by someone with experi
CSC repair device does it (Score:2)
Anyways, it can repair as well as delete.
Old PC + DBAN or Eraser (Score:2)
But I like that USB-IDE idea... in combination with the GPL'd Eraser [heidi.ie] it should make wiping old drives a lot easier for me, and let me get rid of that dusty dinosaur I keep around for wiping drives.
Destroy them (Score:3, Informative)
a big heavy magnet? (Score:2)
these are my hard drive wiping utilities (Score:2)
For those old MFM and SCSI drives though.... [btfh.net]
How about Pointsec? (Score:2)
What about wipe and set an ATA password? (Score:2)
According to the article, resetting the password wipes the drive automatically via the drive's firmware.
csc duplicator (Score:2)
No RMAs are the cost of doing business (Score:5, Informative)
Most governments have arrangements to either get a discount up front, or to get the manufacturer to accept the top cover as proof the drive is destroyed, and then provide a warranty replacement.
For everyone else it is the cost of doing business. Depending on your business the risk is measured in years in court, 7+ digit claims and real impacts on stock price. Replacing failed harddrives out of pocket is cheap.
Best thing to do is remove the platters and store them as they take up less space, and once you have enough pay a degauss service to blast the entire box. Even then, get an artist to turn them into a piece of art for your front lobby.
Re:No RMAs are the cost of doing business (Score:5, Informative)
We then let the geeks have fun destroying the disks.
Oh puh-lease... (Score:2)
If it's dead, it is DEAD. No plugging it into a box to write zeros and ones.
Your BEST bet is to eat the cost of the drives, and then degauss and then melt/feed to industrial grinder the remains.
Maybe you can cut some kind of deal with the bendor to just return the PCB top part, or maybe part of the drive case, but most likely they will laugh at you for trying to waste their time.
Degausser (Score:5, Interesting)
The drive housing may, in fact, shunt the field around the drive if it is ferromagnetic. (See if a magnet sticks to it)
If it were me, I'd make a nonmagnetic aluminum housing to screw the drive onto, pad the hell out of it (just incase I slipped), and head on over to Radiology, and use a 10 Tesla (or stronger) MRI to erase that bad boy. I'd rotate it in all 3 dimensions, more than once, just to make sure.
If the field you use demagnetizes to the servo and drive magnets, it'll probably be safe to return for replacement.
I agree that it's probably better to eat the cost of the drives than to risk the getting made the poster child for HIPAA. (You just know they'll looking for someone pull a Martha Stewart on.)
--Mike--
VIDEO - Destroying Drives with Acid and Thermite (Score:4, Interesting)
Watch it here [g4tv.com]
Bad Sectors are Your Enemy (Score:3, Interesting)
For example, in any situation that deals with classified data, once classified the disks can never, ever be unclassified without physical destruction. Part of the reason is that data recovery technology is VERY good, a few years ago, state of the art was the ability to recover data that had been overwritten up to 20 times.
In a nutshell, it worked by looking at the "edges" of the data tracks, because of the minute variations in head positioning, each time the drive wrote out data, the write head was not perfectly centered so there would be enough "splash" on the sides of the track to be able to recover the information. And that was a few years ago, who knows how good the tools are today.
Another thing to watch out for with all of these software solutions - you can only over-write what you can access. If the disk has acquired new bad sectors during its use, the controller automagically copies the data to a spare sector and then puts the bad sector on the "grown defect list." Generally, through software, you can't get to the sectors on the grown defect list - the controller has them remapped to the new sectors But, someone with the right tools can usually read those sectors well enough to extract the data from them.
Do you care about that level of security? I don't know, but you should at least be aware of fragility of most solutions proposed here so far.
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
It may have been true in the 80s, but modern drives arent like those old stepper things where thermal expansion would lead to misaligned tracks that arent totaly overwriten, and modern drives dont have any real space between the tracks that can have any information. Today, a bit is saved in little more that is needed to be termally stable. Any remains of an old bit (even if it was the l
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
Finally someone in this discussion who gets it. Apart from that, the speed of an AFM/MFM microscope would be a couple of bytes per second. Good luck recovering a 40 GB harddisk with that. Nobody has ever demonstrated a successful recovery of overwritten data [nber.org].
AFA
Re:Bad Sectors are Your Enemy (Score:3, Interesting)
That was an interesting link. However, I quote:
That is five minutes of acquisition time for around one byte of information. I actually thought it would be a few bytes per second, but it's even worse than that: five minutes per byte! That'd only be useful if you know where to look within many G
One Word ....... Knoppix (Score:3, Informative)
# shred [options] *
man shred for specifics but shred does NSA style wipes of HDD with as many overwrites as you want (25 is stock) then follow it up with rm -Rf * (since shred destroys the data not the "name") then once all files on all partitions are "wiped" fdisk it, one big partition and put a new file system on it.
This can be done to NSA standards with a little bit of effort.
shred is beyond any doubt the most overlooked utility in Linux/Unix.
The best hard-drive deletion device money can buy (Score:3, Insightful)
Discussed to death by experts (Score:4, Informative)
Sorry folks, I'd rather rely on my community there than a bunch of fellow /.'s (grin). Elitist? Yar!
Re:You could have... (Score:5, Informative)
Re:You could have... (Score:3, Funny)
Too late, [bbc.co.uk]man. They already did it.
Re:You could have... (Score:4, Informative)
Try the Health & Human Services - Office for Civil Right - HIPAA [hhs.gov] for some information. HIPAA is relevant to the article because it strengthened medical privacy laws.
Re:You could have... (Score:2)