A
anonymous
LOL, yeah I've had a good sledgehammer on my shopping list for awhile
now too
That'll pretty much take care of the dumpster divers.
LOL, yeah I've had a good sledgehammer on my shopping list for awhile
now too
That'll pretty much take care of the dumpster divers.
A
Arno Wagner
Previously Mr. Grinch said:
Very risky without detailed study. 1T might not be enough for
modern drives.
For mass destruction, shred or melt the drives.
Arno
A
Arno Wagner
LOL, yeah I've had a good sledgehammer on my shopping list for awhile
now too
On the other hand, it is mostly useless for actually destroing the
data. It will just make it hard to access. Still a very good method
for low-to-medium level security.
A
Al Dykes
hard to access ?
I'd like to hear how someone with an unlimited budget can read a
platter that is bent like a pretzel and way way out of balance such
that it can't be spun, not to mention damage to parts of the magnetic
surface.
I'd assume the FBI/NSA folks can read parts of the data with an
electron microsocope, and that may be useful for a National Security
case where the recovery of even a few blocks of data can disclose a
hint at a crypto key that can unlock other data. In the commercial
world I consider major mechanical deformation adequate. And I've
handled crypto material at one of the largest banks in the world.
You didn't ask how big the sledgehammer is, or how much satisfaction I
get out smashing a disk that's just caused me grief.
One advantage of physical destruction is that your boss, and your
security office can see the damage. With disc erasure software
who knows what's happening.
A
Alexander Grigoriev
I think, like CD shredders, we'll see HDD shredders soon. Some machinery to
turn a HDD to a pile of shaves.
turn a HDD to a pile of shaves.
M
Mr India
Ron Reaugh said:
Or throw it into a hot curry?
A
Arno Wagner
Magnetic microscopy may be able to do it. May cost tens of millions
for a single HDD. And there is ECC on HDDs, so you do not need to read
every bit.
I agree, unless the data on the HDD is worth many millions or billions,
(which can happen in a commercial setting, but is unlikely) and
an attacker can have strong indication that the HDD is a worthwhile
target. That means for allmost all cases, and certainly for all private
use, bending the platter gives as good as absolute security.
That _is_ an additional benefit of the hammer-method, agreed.
Yes. I did not mean to say that the hammer method is bad. I quite like
it. The statement of it not being perfect was more a theoretical
observation of little practical impact. I am sorry if this was not
clear.
Arno
M
Mr. Grinch
Arno Wagner said:
Yep, it seems expensive to me. I only mention it because at one place I
worked, this was the "corporate standard" method of treating magnetic media
before handing it over to another company paid to destroy it (cook it, shred
it, not sure what happened next).
Just curious that no one had mentioned it yet. Another factor might be that
we use a lot more optical media today that wouldn't even be affected by this.
Might be hard to justify the cost of multiple media erasing methods when a
single method can work for everything.
F
Folkert Rienstra
You think that platters will bend like pretzels, do you?
Certainly not when they're shattered like a mirror.
After the platters have been glued together again.
Of course you do if it is to be of any use.
Sure, after you heated it up to red hot glow, probably.
Of course, bending it at that point doesn't add anything to it anymore.
Certainly not when they're shattered like a mirror.
After the platters have been glued together again.
Of course you do if it is to be of any use.
Sure, after you heated it up to red hot glow, probably.
Of course, bending it at that point doesn't add anything to it anymore.
S
Shailesh Humbad
Yep, it seems expensive to me. I only mention it because at one place I
I think no one mentioned it because my original post was for home
users, not big corporations or secret government agencies. The
destruction methods employed by the latter sure are fun to talk about,
but not all that practical.
Anyway, can it be safe to conclude, for the average home user selling
off an old hard drive, the statements below?
A. Simply formatting (conventional NTFS Quick/Long or FAT32) the hard
drive is insufficient to be sure no data remains on the drive.
B. For modern drives, lets say > 500MB, over-writing the entire drive
once with zeros using a special utility should be employed.
C. For older drives under 500MB, writing with random data at least
three times should be employed.
Make whatever qualifications needed to enhance the above statements.
I think no one mentioned it because my original post was for home
users, not big corporations or secret government agencies. The
destruction methods employed by the latter sure are fun to talk about,
but not all that practical.
Anyway, can it be safe to conclude, for the average home user selling
off an old hard drive, the statements below?
A. Simply formatting (conventional NTFS Quick/Long or FAT32) the hard
drive is insufficient to be sure no data remains on the drive.
B. For modern drives, lets say > 500MB, over-writing the entire drive
once with zeros using a special utility should be employed.
C. For older drives under 500MB, writing with random data at least
three times should be employed.
Make whatever qualifications needed to enhance the above statements.
M
Mr. Grinch
I would qualify it by saying that only the individual can decide how
important or valuble their data is, but for many people, the above steps are
enough. In many cases these are adequate deterrents such that any data
recovery would likely cost more than the value of the data.
But that's just me. I'm sure someone will say otherwise ;-)
A
Arno Wagner
Previously Shailesh Humbad said:
A. Is likely true. There are enough tools borderline idiots can use
to get data of a quick format. It is unclear (and probably not
worthwhile finding out) what a long format actually deletes.
B./C. Since we are talking home users here, unless there is
something with national security implications on the drive,
I would say that overwriting once with anything is enough.
The border below which (an expensive) recovery becomes
possible might be more in the 20GB-range, but that does not
really matter, since nobody will spend tens of thousands or
more on a drive bought cheaply.
It is something else, if you want to destroy data somebody
is actually looking for. If it is worth investing, say,
is likely to know that, then you should probably destroy
the drive.
Commercial settings are different. Still 4 random overwrites
or the like should be enough for stuff that was not too sensitive.
Getting this type of info by bribing some employees is possibly
a lot cheaper.
Arno
E
Eric Gisin
It has been explained several times. Quick and long format write exactly theArno Wagner said:
same sectors.
T
ttl
~> Yep, it seems expensive to me. I only mention it because at one place I
~> worked, this was the "corporate standard" method of treating magnetic media
~> before handing it over to another company paid to destroy it (cook it, shred
~> it, not sure what happened next).
~>
~> Just curious that no one had mentioned it yet. Another factor might be that
~> we use a lot more optical media today that wouldn't even be affected by this.
~> Might be hard to justify the cost of multiple media erasing methods when a
~> single method can work for everything.
~>
~
~I think no one mentioned it because my original post was for home
~users, not big corporations or secret government agencies. The
~destruction methods employed by the latter sure are fun to talk about,
~but not all that practical.
~
~Anyway, can it be safe to conclude, for the average home user selling
~off an old hard drive, the statements below?
~
~A. Simply formatting (conventional NTFS Quick/Long or FAT32) the hard
~drive is insufficient to be sure no data remains on the drive.
~B. For modern drives, lets say > 500MB, over-writing the entire drive
~once with zeros using a special utility should be employed.
~C. For older drives under 500MB, writing with random data at least
~three times should be employed.
~
~Make whatever qualifications needed to enhance the above statements.
Look for a freeware applet called eraser. http://www.heidi.ie/eraser/ You can
overwrite files, clustertips, directory entries and freespace using default
overwrite profiles or your own custom profiles. I have tested the basic
functionality of Eraser using Disk Inspector http://www.theabsolute.net/sware/
to look for files that I erased using different custom patterns. In every test
the directory entry and file were erased. I tested this using a small partition
and created a file that contained a unique searchable string. I then used Disk
Investigator to find the file by searching for the string. I noted the address
of the file and used Eraser to delete the file. I then used Eraser to overwrite
the file using the US DoD 3x overwrite. When I looked at the specific addresses
there was nothing but random data. I tried a variety of tests against specific
files and against freespace and at no time could I find any trace of the
original file.
I have high confidence in Eraser, however I cannot test the advanced techniques
that use signal processing to predict what the Nth generation bit might have
been. I did indirectly verify that overwrite X times does perform as stated by
creating a custom overwrite with specific bit patterns, running this overwrite
and cancelling it before it completed. I then inspect the file address on the
disk to see what bit patterns are in evidence and how they correlate to the
order of the bit patterns in my test case.
Be careful beating old platters with a hammer. Some manufactures switched to
glass platters a few years back. No point in getting shards of glass in your
eye.
~> worked, this was the "corporate standard" method of treating magnetic media
~> before handing it over to another company paid to destroy it (cook it, shred
~> it, not sure what happened next).
~>
~> Just curious that no one had mentioned it yet. Another factor might be that
~> we use a lot more optical media today that wouldn't even be affected by this.
~> Might be hard to justify the cost of multiple media erasing methods when a
~> single method can work for everything.
~>
~
~I think no one mentioned it because my original post was for home
~users, not big corporations or secret government agencies. The
~destruction methods employed by the latter sure are fun to talk about,
~but not all that practical.
~
~Anyway, can it be safe to conclude, for the average home user selling
~off an old hard drive, the statements below?
~
~A. Simply formatting (conventional NTFS Quick/Long or FAT32) the hard
~drive is insufficient to be sure no data remains on the drive.
~B. For modern drives, lets say > 500MB, over-writing the entire drive
~once with zeros using a special utility should be employed.
~C. For older drives under 500MB, writing with random data at least
~three times should be employed.
~
~Make whatever qualifications needed to enhance the above statements.
Look for a freeware applet called eraser. http://www.heidi.ie/eraser/ You can
overwrite files, clustertips, directory entries and freespace using default
overwrite profiles or your own custom profiles. I have tested the basic
functionality of Eraser using Disk Inspector http://www.theabsolute.net/sware/
to look for files that I erased using different custom patterns. In every test
the directory entry and file were erased. I tested this using a small partition
and created a file that contained a unique searchable string. I then used Disk
Investigator to find the file by searching for the string. I noted the address
of the file and used Eraser to delete the file. I then used Eraser to overwrite
the file using the US DoD 3x overwrite. When I looked at the specific addresses
there was nothing but random data. I tried a variety of tests against specific
files and against freespace and at no time could I find any trace of the
original file.
I have high confidence in Eraser, however I cannot test the advanced techniques
that use signal processing to predict what the Nth generation bit might have
been. I did indirectly verify that overwrite X times does perform as stated by
creating a custom overwrite with specific bit patterns, running this overwrite
and cancelling it before it completed. I then inspect the file address on the
disk to see what bit patterns are in evidence and how they correlate to the
order of the bit patterns in my test case.
Be careful beating old platters with a hammer. Some manufactures switched to
glass platters a few years back. No point in getting shards of glass in your
eye.