Software used revealed!
del *.*
Which? Computing has lost faith in wiping technology and advised punters to take a hammer to hard discs they intend to get rid of. Reg readers and experts have slammed the advice as misguided and irresponsible. The possibility that dodgy sorts might be able to recover deleted data with the help of specialist software from PCs …
I routinely have to get rid of drives - I use the hammer method not because of paranoia, but because it's quick, easy, and rather cathartic.
In general, a single good whack with a heavy hammer is enough to shatter the platter into a million glittery fragments, without producing much more than a dent in the external casing - you don't need to obliterate the entire drive...
Anyhow. Didn't the reg have an article about what amounted to ten grand's worth of vertical drill, intended to fulfil the same role?
Safety glasses, obviously...
www.dban.org
"The Government Of Canada recently awarded GEEP Ecosys a three-year National Master Standing Offer contract for the EBAN data sanitization product and its related portfolio of computer recycling, asset disposition, and data destruction services."
Should be good enough for most users then.
" has a long history of offering sensible advice " - yeah right. Crock o' shite. It's a very long time since their advice was sensible on just about anthing - it often sounds sensible, but on any topic I've known anything about, it's been clear that they know an awful lot less, and their advice is often pretty terrible.
Mediocre advice based on a poor understanding of the point of the products being reviewed more like. The sort of firm that is likely to make a car a best buy because it has a three cd changer whilst ignoring a poor reliability record.
And their main sales technique for about a decade was exactly the same inertia selling so beloved of all those book-of-the-month club pirates.
"Imagine the injuries people will sustain (especially with shattered glass platters), not to mention the waste of good hardware," Compton said.
Glass platters?? I've been doing IT for many years and taken apart dozens of hard drives (I have HD magnets all over my fridge), but have yet to encounter a disk platter made of anything but aluminum. If they were glass, it would make destruction a lot easier.
'Both Reg readers and experts...'
Surely there are more than two readers of the Register.
'...the BBC's decision to uncritically report on its findings, alongside a how to box-out.'
A How-To boxout? - detailing the weight of hammer to use, how high to lift your arm, which end to hold and who to get to hold the drive, no doubt.
Silly story on an inadequate testing regime (not regimen, BTW).
"Which? is published by the Consumer Association and has a long history of offering sensible advice on everything from car maintenance to home finance and computers"
Nope. Which? has a long history of offering worthless, crap, wrong-headed and misleading advice whenever it gets involved with anything technological.
Even when it brings it people who DO understand tech to try and turn things around, it's never long before they succumb to the mysterious quantum-Luddite field that apparently permeates Which? HQ.
Call me paranoid but I don't give used hard drives, I take them apart, and dispose of them in the local metal recycling bins.
Reconstructing them is beyond the means of most people, sure if the spooks want to get the data off they will but if the spooks are interested in what I'm doing then I've got bigger problems!
Disklabs just appear to be protecting their market.
On a 80GB hard drive, this takes less then an hour....
dd if=/dev/zero of=/dev/sda bs=100MB
erase hda, hdb, sda, sdb, or whatever your live distro designates as your hard drive. Avoid error by unpluging any useful hard drives. A 320GB hard drive took under 3 hours. Checked with some common recovery software and a hex editor. It's all zeros, unless someone has a real yen for spending serious cash and time on extreme data recovery methods, end of story. Just make sure your donated hard drive blends in with the majority of nothing on me useful hard drives.
You have just made my life even harder.
One of the things i do to help individuals and community projects around where i live is i recycle old PCs for those who need but can not afford them. in doing so i have helped children with school work, student finish university and the long term unemployed gain new skills and employment. And my biggest problem - hard drives. Every one gets so worried about what information is on the drive they remove them before passing them on ( despite the fact i received a pc last year with no hard drive but with a home made dvd left in it that although i did not view i guess from the title was not for public distribution) . i scrub drives and try to pull data off them if i can recover data i start again until i can not recover anything. I'm sure many people are better than me recovering data but the people i'm passing the Pcs on to are not among them. So the risk of data theft has to be minimal. But now i guess this will mean i have to go and buy more hard drives so thank you which...
"Having lost faith with data destruction, on the basis of its experience with one wiping tool,"
Important word missing here: "free".
Yeah...if I had data which, if it fell into the wrong hands, could significantly jeopardise my financial wellbeing and possible my personal security, then I don't think I'd be bothered to invest a few quid in a tool to delete the data properly.
Pay nothing, get nothing. Sounds like to data "destruction" software was perfect value for money
Despite a number of data-wipe tools available that meet US DoD criteria, and services from companies like DiskLabs, I still hear of companies that regularly take hammers to disk platters as part of their decommission process. And as for the environmental aspect, I'm also told there are companies simply advertising a disposal scheme where the kit is "sold" to 3rd world countries where the checks simply aren't in place and the cost of a getting a batch of a hundred drives hammered is on the peanuts scale.
One idea we have looked at for desktops is drive encryption - the week before disposal simply encrypt the whole drive, then format it, destroying the file table. Then, even if you get a data thief smart enough to work around the lack of volume information, all he's going to recover is encrypted data that he will need a supercomputer to crack. 256-bit AES should be good enough for a good few years.
There is a good argument for the protection against shrapnel etc but I'd have to agree with Which in that the only real *100%* way to destroy your data is to physically destroy the disks. Something many companies do in fact. If you want to read more information the problems involved in destroying and recovering data, particularly on an ntfs system you can go to the grc site and microsoft's aquired site sysinternals. One of the main issues is that on an ntfs (windows 2000, xp, vista, server family...etc) if you write different information to a particular byte in a file, the physical location where the information is written to is different than the original location. So writing 1's and then 0's to a particular byte in a file ends up with several physical entries in multiple physical locations on the disk. While there are tools to get around this (mainly by bypassing the os and file system), you still have the issue of removing the data effectivly from the disk material. Given that data can be recovered even from a burned disk, I'd be very sceptical of any tool saying that they can completely remove the data via software. Physical descruction is more and more looking like the only reliable way.
I seem to recall a story on here that even a 7 times random over-write is not enough to guarantee security. Personally I hold all that kind of stuff on an encrypted USB dongle (a couple of hard stamps with heavy boots on would sort that out).
Although I really doubt whether or not an ID theif has 1) the skills and 2) the patience to use the forensic methods needed to recover data from a programmatically wiped drive. My bet is that they would use Recuva (or similar) and see what turns up.
Drive destruction is the *ONLY* way to guarantee security (and I further recall a piece of puff on here for a device that mechanically did just that). Me? Disc open, platters out, goggles and gloves on, smashy-smashy.
I saw a gaming magazine article on hard drives, in which they threw one off a building, burnt it, drove over it with a car, and smashed it with a hammer. After all this, it was pretty easy for a professional recovery service to recover a large majority of the data on the HDD, and this was 5 years ago. Smashing it with a hammer surely isn't going to do that much to it unless you've magnetised the head.
While I've found that Which? isn't actually that bad at recommending things (and their legal team actually helped my parents recover about 2 grand for pretty much nothing in return), however recently they seem to have got more and more tabloidy in efforts to boost sales, and less and less objectively critical. It's a shame, because their reputation means that a lot of (possibly older) people) are going to believe anything they say.
Solution to the shrapnel in eye situation? Goggles.
And who throws away perfectly usable and working drives? If I'm going to throw a drive in the bin, it's because it's either broke, or too small to be usable by anyone - ie. a charity would likely ditch it anyway. Who, in this day and age, can actually make use of a 500MB hard drive?
Finally, if your intention was to throw a drive in the bin regardless, whether you smash it up or not beforehand doesn't mean a charity has lost out.
is truly a dangerous thing.
When I sold ultra-scsi drives from my Mac (yes, on eBay) I used the Mac's disk utility for a 7-pass overwrite on each drive. Left it running overnight as it's a loo-oo-oong job.
I suppose the well-funded spook fraternity just might have been able to glean some info from it (Whacqui's lads strike me as not having the competence) if they really, really, really wanted to.
I believe it is sufficiently secure to satisfy all but the most paranoid/obsessive - but if not, there's always the 35-pass overwrite, but that takes an eternity. Good option if you believe you have black helicopters in your belfry, though.
I can see the wisdom here, although it does seem a tad irresponsible.
AFAIK, there is a limit on how abrasive a delete program can be (I seem to recall Norton Utilities having a secure delete program that deleted files and overwrote them 7 times with random data.)
But since the writes are never in the same place, it may still be possible to use more in-depth tools to recover data, and brings the debate back into focus over how deleted really is 'deleted'? (It's a contentious issue since in the extreme pr0n debate it seems to be legal if you delete the material before the law is enforced and do so in a way that invalidates the ability to undelete it again.)
It has been said before elsewhere that the only *truly* secure method of destruction is to damage the media in such a way that it cannot be reconstructed, and indeed a hammer would do just that.
Some of those disk platters are made from glass, and when they shatter they pretty much explode a cloud of tiny, sharp fragments everywhere. That is really very, very dangerous. I have had this happen to me.. not a good experience.
Darik's Boot and Nuke - http://sourceforge.net/projects/dban/ - works well for me. Boot from a floppy or flash drive and just let it run.. the hard disk is utterly overwritten after a few hours.
Alternatively, take the old hard disk out and just put it in the loft or something. They don't exactly take up much space.
Overwrite all of your hard disk once with zeroes, using free software such as Darik's Boot and Nuke.
I guarantee that nobody at Which?, or indeed anyone else will be able to recover a single file.
The hard disks they bought from eBay must have been "erased" with something as trivial as a delete or a format.
Most people already have a hammer. Even if they don't, a hammer is probably cheaper to buy than a disk wiper, and is likely to be used far more often, and represents a much sounder investment. If someone really wants to stop someone else getting hold of data from an unwanted PC, it seems much more likely they'll take a hammer to the drive rather than go out and pay money that they won't see any return on.
I've done it myself on a couple of drives, though they've been failed ones and I've just been venting my frustration.
Hard drive technology has been marching apace, which means that by the time you come to replace yours it will probably be intrinsically worthless. No point selling it on eBay, then -- and the advice to dump it on the third world is arguably patronising and ungreen. If you can no longer find a use for it yourself -- get rid of it.
And before you do that you need to ensure the data on it is irrecoverable. Yes, I'm sure the channel would like to sell you some proprietary software to do this, and of course it will be "certified" by somebody or other. But the average end-user has no way of testing whether the software does what it says it does, and will just have to trust blindly the blurb that talks of "military-class data deletion" or whatever.
Forget it. Taking the usual precautions that would apply when using a hammer on anything at all, destroy the drive physically.
--
Chris
taking the back off, filling with petrol and setting a match to it is always my personal favourite - not much shrapnel either.
Alternatively, if you absolutely have to eliminate every last mother-**cking hard drive in the rook - AK47 - accept no substitutes.
Or if you can't get hold of one, take off and nuke the hdd from orbit - it's the only way to be sure.
Flames, flames flames :)
Just use an EEEPC701 (linux) for your personal stuff, banking details, Pr0n etc. and make an 8G SD card your /home drive.
If the computer goes titsup, then remove said card, and swallow it. After it spent a week or two in a Victorian sewer, even 'I' wouldn't want to get the data back. 'Specially if I'd washed it down with my local reastaurant's "Toilet Pan Pebbledash Splatter Special" (Beef Vindaloo and Guinness). And used the lavatory there - bring your own bogpaper, f'chrissake!)
That's what I'd do. Exept the eee hasn't broken. It's been nicked. Shafted that idea, but...
OK, maybe I'm missing the point here, but do Which? not test products and give the "low down" on those that work, those that don't, and those that are the Best Buy!
Would it not have made sense for them to test a rage of secure deletion software and then publish their findings.
As for breaking up the hard disk with a hammer - unless you destroy the patter, there are still companies that can retrieve data from the disk (yes, expensive, and would probably only be done by MI5, CIA, MOSAD, but it can be done). So the Which? advice to physically break up the disk is flawed
Personal injury from flying glass from disk platters? Disks are encased in steel, so I would expect a bang or 2 from a sledgehammer to crush the case & break the glass within, but I wouldn't expect any flying glass. You could even tie it in a plastic bag or 2 first to be doubly sure.
Paranoia over used drives seems such a waste.
Neighbours called on me a while ago, holding a shiny silver disc and asking to borrow a hacksaw to cut it up. They had upgraded their Mac and destroyed a fully-functional drive that was only a few months old.
Perhaps the computing museum at Bletchley Park could be persuaded to host a small range of security software and advice on their website. This ought to be be one of the better places to provide public education.
...there ARE such needs, but these usually fall into the State level of importance (either military or espionage). In which case, where the adversary has state-level resources to recover even the most microscopic iota of potentially useful information, then indeed physical destruction has its uses, though the preferred method in this case would probably be an incinerator rather than a crusher.
Nonsense, risk of injury. I happen to work in a pc shop, and have whacked a lot of old drives with hammers. No injury jet- as pointed out above, you dont take them apart and hit the platters individually. It is a reliable method of data destruction, but the main reason i prefer it is that it's fast - running a 35-pass guttman over all the old drives would also be reliable enough, but take days.
Beaten to it :)
They manage to make the Gadget show look like experts presenting in depth reviews. Its frightening reading descriptions with only a passing similarity to tech toys I own and their inability to notice glaring bugs is unbelievable.
The only thing Which? get right is the reliability figures for long lived items. IT toys are obsolete long before Which? readers can submit enough reports so even that doesn't work. They're part of the decline in standards, so happy that anything works at all they ignore glaring faults and drag their readers along with them.
While his paper on the recovery of overwritten data may have been useful to the "security services" and those who oppose them recovering data that has been overwritten using dd or similar is beyond the reach of any "identity thief".
If you're smashing drives to remove data then you're just throwing away assets -- though admittedly hard drives aren't worth all that much on the second-hand market.
Please, just stop hammering drives and enable full-drive encryption or dd zeros all over the drive or, if you're ultra-paranoid, get a wiper that'll wipre the drive to DOD standards.
You would think in today's "Carbons" mad society people would be against such waste.
Clearly the solution is to turn the drive into a flea
put the flea into a box ... put that box into another box ... mail it to yourself ... and when it arrives ...
SMASH IT WITH A HAMMER
http://uk.youtube.com/watch?v=5Cx7jzq2Bx4
If you want 100% confidence the data is destroyed that is, most of us are content with less that 100%.
If you want 100% confidence in things, you best not leave the house, cos you cant be 100% sure you want explode if you do ...
How dare stupid idiots like Reg readers try to dispose of or recycle hard drives themselves. Imagine one such dim-wit hitting his own finger. Or picture the horror of getting a glass sliver in one's eye. Don't think that the glass inside a hard drive is inaccessible. One hit with a hammer, and it may escape the case and rush into your eye. Blindness, hurt fingers and even madness can be the only results of such a foolish enterprise.
Instead, use a professional tool provided by our sponsors, which for only £500 or so will have some chance or recovering your data, and without that terrible chance of personal injury.
Now thank us for saving your life.
Back at HackCon #2 a couple of years ago, and he said that overwriting the entire disk TWICE is enough. As long as it's NOT just writing Zeroes, of course.
Random data, or an odd/even bit-pattern will all work well.
(This guy worked mainly on data recovery)
Mine's the one with the pass to Hackcon #4...
Surely your hard drive is already encrypted anyway so why do you care?
ps. The 7 level of zero-random-zero etc is a holdover from MFM drives when it was quite easy to read data underneath a zero, they were also famous for head wander so the new track didn't align over the old track. With modern high capacity GMR drives there is no need to multiple write.
The reason classified drives have to be thermited is that data might exist in a sector which has been flagged as bad by the disk controller so the overwrite software will miss it.
There is also potentially useful data such as fist/last read/write date stored in the SMART controller that might be useful for three-letter-agency types.
I've used a 5 lb sledge hammer to flatten the drive (still in its case, mind. No shrapnel risk that way--but most drives do not use glass platters these days).
A better way is to disassemble the drive. Lacking the tiny torx driver needed to remove the platters completely, I simply took a pair of pliers and bent each (aluminum) platter until the platter assembly wouldn't turn anymore.
For good measure I removed the circut board and ripped the heads/arms out with the pliers and removed the drive magnets too.
I'm sure the CIA/NSA/KGB/spook agency of choice could still have recovered some data from the 8 year old drives--but happily this is not a major security threat in my industry. :)
Stick your wife's lover's details on the 'puter. Bank, SSN etc. Plus the home pr0n videos they've made together. Photos of his kids would be the "Cherry on the cake" (Oops-sorry. Gorra pop out to sign the Bike-shagging register.)
Make the hard drive almost "virgo intacta" with something like "shred" from - e.g. a knobbix disk. Except from anything mentioned above. Plus Vista, to ensure effective 'penetration' (chortle) of the box (snick, snick, I kill myself, I really do!)
THEN flog the fuc*king thing on e-Bay
Preferably to the News of The Screws 'newspaper' (titter)
MWAHAHAHAHAHA!
From what I've read on professional drive recovery techniques, recovery after a wipe with zeroes is easier than after a wipe with random data.
If you're worried about professional recovery then spend the time and use a couple of passes of /dev/urandom. Alternatively, just format it and relax, safe in the knowledge no-one other than Which? will spend valuable time and energy trying to recover your old porn.
Detail from Mac Disk Utility:-
"Writing data over the data 7 times meets the U.S. Department of Defense (DoD) 5220-22-M standard for securely erasing magnetic media."
I haven't troubled myself to check out the standard, but with all the paranoia associated with the military - especially since the inception of the DoHS, I reckon it's probably safe enough for general use.
My understanding is that the data actually written to the disk is essentially analog. (Say between -128 and +128). Each write move it to nearly fully positive or negative, however there is some trace of the previous value. Eg a "1" overwritten with a "0" will be at analog -110, whereas 1 "0" overwritten with another "0" would be at analog -120. Both will normally read back as logic zero, but careful data recovery can tell the difference.
1. Is this correct?
2. If so, is an external tool (eg MFM) required, or can the disk's own hardware be programmed to report the analog value?
3. Also, if there is any such redundancy available, why aren't the HDD manufacturers already exploiting it together with error-correcting-codes, as a way to increase capacity?
4. Is a single pass with dd really good enough for deletion? Or is the page at
http://16systems.com/zero/ just irrelevant?
5. If the drive is merely opened, and then the platter bent double with pliers, is that good enough to frustrate most data-recovery tools?
[Incidentally, a very few disks do have glass platters; namely the older IBM De{sk,ath}Stars. The nice thing here is that you can shatter the platter without even having to open the disk. Most drives have aluminum platters.]
I work for organisations which store details on children... when the servers are decomissioned the drives are destroyed with hammers... then disposed of with the rest of the confidential documents... there is no way I could risk my position with the use of some disk erasing software...
I know the feasibility of recovering data from a properly wiped drive, and the odds are noone is really going to try too hard at it, but it requires a lot more skill to piece together broken controler boards, chipped, delaminated and bent platters and then recover data...
as with many organisations, no hard drive with our data would EVER go to any charity...
Perhaps you should read the link David Stark posted earlier (Here it is again for you: http://16systems.com/zero/) Three separate data retrieval companies said they couldn't get a single thing off a disk that had been overwritten with zeros just once. As of yet, no other data retrieval company has contacted them claiming to have the ability to do it.
Ergo, one assumes that it is safe to do just the one overwrite, and that the multiple (random data) passes of DBaN are not only sufficient, but massive overkill.
Take out plateers and apply sandpaper - now THAT's what a call wiping a disk clean!
How about filling the disk with epoxy resin or silicon sealant? It'd be a bitch to recover that.
Blow-torch/oven/crematorium - melt the thing down.
Look into suitable chemicals to dissolve platters - plenty of fun to be had experimenting.
Take it to PC World - if the disk was readable before, you're damn sure it won't be afterwards. Unless, of course, your Gary Glitter.....
The witch from Which? is on the radio now and has not mentioned any secure erase process - only the delete key. So it might well be that opening the recycle bin and "restore" would work.
These idiots need to find real jobs.
Paris - because she knows all about protecting her information.
Hammers? You guys are crazy. Every so often we take discarded drives and shoot them with our handguns. Incidentally the .40 caliber bullets do go further into a platter then the 9mm ones. I still prefer 9mm ammo though for its price and convenience. Anxious to try out my new Glock 26 my wife got me for Christmas on some hard drives soon. I'll try to post some pics.
Are you really trying to protect your data from the NSA and GCHQ? Do you really think that they want the information on your disks?
If not, then read some of the comments about wiping and DoD standards above. You could also try watching the BBC report about the Which report in which a spokesman for a data recovery company states that a drive overwritten with zeros can't be recovered.
Could anyone who is advocating hammers please point me to one source that states that data has been recovered from a drive overwritten with zeros?
I'm not some bleeding-heart "charidy" type person or a "Carbons" head but not giving hard drives to charity or selling them because a guy once said it /might/ be possible to recover data from hard drives that have been overwritten with zeros is paranoia bordering on clinical.
Easy enough to play on the paranoia of people who have no knowledge or experience of the topic. Last time I caught "Which" at this it was a report about finding e-coli on a popular beach. Horrors! Of course e-coli is one of the most widespread bacteria in existence, and no one is ever more than an arm's length away from it (it lives in your colon, hence the name). The general public and most journalists have not twigged that there are different strains, and that only the 0147 strain and a few others which are NOT common are dangerous.
The e-coli-on-a-beach story got "Which" national media coverage. Looks like this has as well. That's the point of it. They are not as ignorant as they make out. Probably.
Not any more. Modern drives use glass platters - smash them and there is 100% no way to recover the data.
As for deleting in general, it depends what you want to do. overwriting 7 times will prevent recovery by any data recovery software (free or otherwise) and 30x is good against commercial disk labs, leaving only governments (and out of world governments, I suspect only the USA and friends)
Of course, a much more sensible approach is to have always had it encrypted anyway.
We're not using MFM or RLL drives any more. Secret voodoo data pattern guys please take note. This has been done to death and the consensus is that DBAN on 3 (if you're in a hurry) or 7 (quite safe) pass random+zero is sufficient for any modern drive. Anyone using the Gutmann 35 pass either doesn't know what he's doing or has far too much time on his or her hands, and this was decided back in 1996 by the man himself. dd if=/dev/urandom of=/dev/hdN a few times followed by dd if=/dev/zero of=/dev/hdN will achieve exactly the same thing. DBAN gives you a progress indicator and a nice interface, though, and since it's free there's no reason not to use it, apart from possibly predictable entropy using a live CD.
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
Back in the '80s I know that while the US was happy to declassify drives after they'd had an approved wipe algorithm run on them, the UK's MOD considered that there was no guaranteed secure way to erase a drive. I once saw a service tech take a hammer to a defunct 20MB drive in the presence of the site security chief. Old floppy disks were destined for the shredder. It makes me wonder whether:
1. The UK's GCHQ was better at data recovery than the US's NSA, or
2. The US knew they could still read it but that noone else could, and gained benefit from everyone adopting the US standard wiping algorithm.
3. Both of the above (as in the UK didn't let on and the US didn't consider that perhaps they weren't the best)
Certainly it's possible to recover data after a simple wipe to zero. Even a random data wipe is recoverable with the correct (but expensive) kit - a '1' in a magnetic domain is slightly different strength depending on whether the last write kept it at 1 or changed it from 0, and if you're good enough you can detect longer sequences.
Wiping the hard drive works great if the hard drive is fully functioning. I'm usually throwing them out because they aren't.
The sharp end of a slate bar stabbed through the hard drive works great and keeps your face clear of the platters. Yes, many are glass now. Not window glass, but non-crystalline solid.
What most commenters seem to overlook is that if you take a hammer to the platters, there is a chance the info is still in the platter, intact. Sufficiently advanced forensics might actually extract the data if the platters remain undamaged, as most average users will assume that hammering the outer shell until the HD is in an unworkable state is enough.
If you really have to do this, *first* do the datawipe, *then* do the BOFH treatment on the thing. Oh, and damage the actual platters, not just the outer shell.
Overwriting ONE time is enough to make data unreadable. Any data recovery expert will tell you that.
If it was possible to recover previously-written data, then someone would certainly have exploited the phenomenon in order to increase storage capacity. At some point in the past, this would have been the cheapest way to do it.
Methinks this report was sponsored by a HDD manufacturer .....
What's wrong with dd, you may ask? Though it will totally and entirely destroy your data in no time and for free (and is installed on pretty much any box worth that name), it's no fun. I say, 10N acetic acid, then potent electromagnet, then shotgun, then thermite. Then axe. And sledgehammer. And blender. Only way to be sure (at least that's what I told the missus).
Of course anyone able to recover data after a pass with dd would also be able to recover it after the funnier procedure.
Yeah thermite is fun, but if its home made, you have to be very careful.
I also like to use the hard drive as a target.
A 7mm Rem Mag round through the drive definitely gets the job done. As to shrapnel, not really a problem when shooting 100+ yrds away.
Yes, its lots of fun and yes it takes some skill to hit these smaller drives at that distance.
They obviously used some simple file deletion tool rather than actually wiping the drive.
Any complete drive wipe prevents software-only solutions, but possibly not hook-up-a-sensor-to-the-drive-circuitry-and-read-off-the-analogue-value-of-each-bit solutions
3 pass random fill will pretty much prevent that, and possibly prevent magnetic force microscopy (which may or may not be actually used by intelligence agencies, but certainly isn't used by identity thieves#
This is sufficient for drives you're passing on. For ones that are going in the bin anyway, I suppose hitting them with a hammer AS WELL can't hurt, but physical damage certainly isn't as effective as a proper wipe. (For people saying that newer drives are glass and shatter easily, people mostly throw away older drives). I only attack drives which have failed so badly I can't boot my computer up with them connected
OK, so the theory is that whatever is first written on a hard disk can be read even if random gibbering is superimposed. So ... when you first get the disk, fill it up with random gibbering. Or with jpgsof Jacqui Smith, if that floats your boat. Then use it for your oh-so-secret data and do another overwrite when you've finished. The best the Bad Men will be able to recover is the initial randomness or pictures of the Wacky One, which may be offensive but aren't illegal.
Today we got this piece, one of many hard disk scare stories.
Yesterday we got a new 'we can clone the dodo' story.
Both cloning the dodo and recovering data after overwriting are roughly* of the same difficulty and cost.
Why do we not get articles from Which? suggesting we take our dead pets to the nearest biological research establishment and ask how much they charge to clone a new one?
*OK, within an order of magnitude or three. But with these odds the difference isn't significant.
Throw it in a BlendTec? Now that's a thought.
And A J Stiles, while it is possible, given sufficient resources, to attempt to recover data that has been overwritten even multiple times, it is not only time consuming but NOT GUARANTEED. But in the realm of secrets, you may not need the whole secret to deduce what's missing. Or the secret may reside on a part of disk the controller skips because it thinks it's bad, and so on. Like I said, at the state level, the only safe method of ensuring the destruction of sensitive data (and the hamnmer doesn't suffice here--state-level adversaries may have the time and resources to analyze fragments or even recover the pieces) is extreme-temperature consumption either though a high-temperature incinerator (what I mentioned) or by coating in burning thermite or the like (what someone else mentioned).
I like the following prescription for destroying old Data on Hard drives:
Purchase aluminium powder off EBAY
Purchase Iron oxide powder off EBAY
Mix together in equal amounts
Place Hard drive on concrete surface or old Bricks - at least 3 meters from anything flammable
pour aluminium and iron oxide mixture in a pile on old hard drive
stick a couple of sparklers in the top
Light sparklers and stand well back....
Enjoy!
Not as satisfying as hitting with a hammer but still quite fun to watch anyway
Some contributors here ought to get a clue or STFU.
I haven't noticed anyone here pointing out that the advice re multi-pass erases might well have been relevant to drives from the 1970s but is irrelevant to recent drives. Back in the 1970s you could get a few MB on a disk drive that filled the whole width of a 19" rack, and given the right kit and a following wind you did have a bit of a chance of reading data that had allegedly been overwritten. One popular tactic was to position the read head so that it was slightly off track center, and hope that the resulting signal revealed something about what had previously been there. Multipass overwriting reduced the chances of that kind of tactic revealing anything useful.
Drives these days fit hundreds of GB in a 3" diameter platter using entirely different recording technology and aren't vulnerable to the same data recovery exploits. Go read about (for example) PRML, where the miracle is that you can read the data at all, and there's no way you could read data on a given track once it had been overwritten, and not much chance you could meaningfully reconstruct a chunk of an identifiable file from a few fragments of disk surface.
The most effective and dramatic demonstration of "wiping" a disk of confidential information I ever saw was when one one of our technical support people used a cordless drill to drive a deck screw completely through the case and platters of a disk drive being retired.
Given that it would have taken something like 18 hours to write/rewrite the drive (using "dd"), as well as the staff time it would have taken to install the drive and then remove it afterwords (about an hour), it was cheaper for our organization to simply scrap the drive than send it out through channels for re-use.
It was astonishing to see how fast the deck screw burrowed its way through the case.
My god! Someone think of the children!
If you use a software package to destroy your data, you could expose yourself to severe injury if a mulberry-enraged bull elephant runs through your room while you are running the software! Or lightining could strike you through the keyboard! Or you could be hit by falling space debris! Or the LHC could suddenly come on line and create a strangelet chunk that will destroy the universe! Or God may exist and the Second Coming will occur! Or someone could switch off 'The Matrix' and we all vanish! Or....
Oh, Fur Fock's Sake, EYE DAMAGE? Wear eye protection: SOLVED!
Icon - safety glasses. Heard of 'em?
Sorry, a sparkler WON'T start a thermite mixture. I know this from personal experience. Of course for those of you who desire to use this method, a simple road flare, or gunpowder WILL (again from personal experience) start a thermite mixture.
Pyrotechnics are fun!
Yes, I did try this at home. I also did it in chemistry class (over 40 years ago) and it was quite a sight to burn a divot in the chemistry lab table (with the teacher starting the process!).
"If you need absolute assurance the data is gone forever, this method will do that"
Actually, this might work in about half of cases, but a lot of the desktop-type drives I take apart still use aluminium platters so hitting them with a hammer would still leave plenty to recover. Even smashing a glass platter would probably leave enough fragments so that a forensic data recovery team could recover some of your data.
Despite Which's claim (with little knowledge or investigation), a series of wipes/writes will destroy your data enough to make it practically impossible for the would-be data thieves to get to. The only ways to be absolutely sure would be to either grind your platter back into dust or melt it, both of which would pretty much guarantee to leave no readable trace of data.
Wiping software honestly is horribly ineffective against some of the more advanced recovery programs such as FTK (Forensic ToolKit). I've seen disks wiped with DoD-certified wiping routines get overwritten 25 times and still get recovered by FTK. I don't imagine DBAN would do any better. Fact of the matter is, the only way to ensure it's not coming back is physical destruction. Even basic software like GetDataBack NTFS can often recover several layers down.
Consider this very-real scenario: you sell your computer or give it to someone. They suffer a data disaster. Either their partition gets corrupted, gets deleted, or gets reformatted, and they need their data back. So they buy some fairly inexpensive data recovery software to get their stuff back. This software recovers not only their own data, but YOUR data which was buried a few layers deep. Now they have access to all sorts of things about you that they shouldn't have.
For reasons above, I will never sell or give away a hard disk. My old hard disks go in storage in case I need to recover something off of them or use them in another build, and at the end of their useful life are physically destroyed through any of various means. If I am giving a system as a gift, I will purchase a virgin hard disk and configure it. It also gives me the peace of mind knowing that they have a reliable drive.
Prove it. No handwaving or weasel words. Show me some evidence of data being recovered from a modern hard disk drive after even just one overwrite. You can't, because it's never been done -- and it never will be.
The laws of physics say that data overwritten once is unrecoverable with the unmodified drive, and twice is unrecoverable with any fancy analogue electronics hooked up to the drive. (The graph of magnetic field vs current applied is a hysteresis loop, so there might be a difference between a 1 that was always a 1 and a 1 that used to be a 0 before; but a digital device deliberately uses the closed ends of the loop anyway, and is designed not to be able to see the difference. Two overwrites with complementary data ensure the drive is filled with 1s that used to be 0s and 0s that used to be 1s, so even using fancy analogue electronics won't tell you anything. And the shape of the loop means you can't see anything more than one overwrite ago.) Magnetic force microscopy, if you've actually studied the papers, is so technically unfeasible as to be a non-threat.
If The Authorities do indeed have methods of recovering data that has been overwritten multiple times, then they're ultimately getting it from somewhere other than the overwritten drive -- which nonetheless constitutes a useful blind to divert attention from the *real* "data recovery" methods employed.
You're also dead wrong about high-temperature incineration. You need only demagnetise it, either with a strong alternating field (the BBC used Weircliffe machines on their audio and video tapes) or by heating it to its Curie point.
But it's still overkill, and you're still depriving someone of a useful instrument.
I'm not sure whether thermite's up to the job; I notice from an IT documentary series I've been watching that it's best practice to *first remove* the control chip *before* burning a Terminator's body with thermite. That suggests to me that it's considered insufficient to destroy the really important bits.
(A boot heel is apparently the better option.)
Analogue? well - there's this thing in magnetics called "Hysteresis" which - 30 years ago, I was told it translated as "Lagging Behind". I.e., there's only two states in magnetic material. The hysteresis relates to the curve shape as it moves from 1-->0 or vice versa.
So, check my first post in the thread about the "Toilet Pan Pebbledash Splatter Special"
Now, that's a Lagging Behind even the BOFH would be proud of!
[Wikipedia confirms:
The term derives from an ancient Greek word ὑστέρησις, meaning "deficiency", or "lagging behind"]
All you gun-happy yanks are just making me jealous (Glock 26, 7mm Rem Mag etc.)
My .22 air rifle just can't seem get the required penetration, and I'm too scared of ricochets to try my crossbow.
Damn you Britain and your draconian firearm control laws!
Paris, because apparently she doesn't get penetrated either.
When I saw the original article on the BBC site I knew it wouldn't be long before it was being hammered on here. Pun intended.
It looks like they've updated it since the original with advice from someone sensible from ZDNet.
My favourite bit is "It must be done with caution because those smithereens contain environmentally harmful materials so they should be recycled - for instance at the vendor from whom a new hard drive is purchased."
I'd love to see someone unloading a bag of hard drive smithereens onto the counter of their local PC World saying "recycle this lot will you please".
You know, it depends on who you want to keep the data from. There are data forensic experts who can read through several layers of "destruction" done using various programs. The only way to be absolutely sure that no one can ever recover any date from a drive is to destroy the platters. That's simply a fact. Of course if you're just trying to hide from a casual user without access to a lab, software destruction will probably work.
That's just nonsense. What is implied here is that there are several layers of magnetism to each physical bit on a platter. Of course we know this is not possible. Each bit, like any magnet in the known universe has just a north and a south pole. If the state of that bit and all other bits that relate to it are changed then it's simply impossible to to know what state or states it has ever been in.
It's not mystical 'layers' that are exploited but the physical (as opposed to logical) storage characteristics with their error detection and correction technologies (amongst other aspects). Decent erasure software is of course aware of these methods and also exploits them in such a way that there will be no going back.
Applying a proper erasure method to the contents of a hard disk is just as effective as physical destruction but of course retains the functionality of the hard disk. This is what should be encouraged and it would be a fine thing indeed to find such functionality built into operating systems, or maybe even the hard disks themselves, right from the start.
Jesus H. Corbett. There’s so much conflicting advice here that most people won’t know what to think.
But here’s the ultimate solution for future reference.
When you buy your next computer, get one with a solid state drive (SSD). Then use TrueCrypt’s full disk encryption (FDE) to secure it (using a strong password of course).
When the time comes to dispose of the computer/drive, simply destroy/forget the password.
Mike for his glorious:
"Wiping software honestly is horribly ineffective against some of the more advanced recovery programs such as FTK (Forensic ToolKit). I've seen disks wiped with DoD-certified wiping routines get overwritten 25 times and still get recovered by FTK. I don't imagine DBAN would do any better. Fact of the matter is, the only way to ensure it's not coming back is physical destruction. Even basic software like GetDataBack NTFS can often recover several layers down.
Consider this very-real scenario: you sell your computer or give it to someone. They suffer a data disaster. Either their partition gets corrupted, gets deleted, or gets reformatted, and they need their data back. So they buy some fairly inexpensive data recovery software to get their stuff back. This software recovers not only their own data, but YOUR data which was buried a few layers deep. Now they have access to all sorts of things about you that they shouldn't have."
It's all good, nothing to discard here! Every sentence is a pile of steaming bullcrap. Nice one. I would add that the only way to REALLY destroy the data is to melt the whole computer, powercord included. Never know which kind of personal data can remain stuck in all those wires.
"It's all good, nothing to discard here! Every sentence is a pile of steaming bullcrap. Nice one. I would add that the only way to REALLY destroy the data is to melt the whole computer, powercord included. Never know which kind of personal data can remain stuck in all those wires."
And you accuse me of being a troll? Do YOU have a degree in Information Systems Security? I do. I've worked with all the software I mentioned. It's very real. I've recovered data from disks that were wiped above and beyond the recommended number of passes with government-approved wiping schemes. Don't believe me? Dig up a demo copy of FTK (they're out there) and try it. See how you feel about data security then when you get it ALL back. Fact is, you may be able to wipe a disk with software enough times so that you cannot recover the data, but on modern hard drives this would take several days and it is far faster and far safer to just destroy the drive. Do YOU want to risk it, particularly with the cheap prices of hard drives nowadays?
Isn't there any hard scientific information out there?
Either you can't recover a sausage after only a casual over-write with zeros OR you can recover everything even after over-writing repeatedly with specially-selected data for weeks.
So that's settled then.
You know what's really sad? There isn't a shred of evidence (published papers or even, err, Wikipedia articles) cited by either side. You can't decide issues like this by debate folks! You need hard evidence.
Anyone know of any? If not, I suggest someone should set up a lab and get some. Maybe that's what Which? should have done. Given what we spend on securing our data, you'd think we'd know what we were doing, but it seems not.
I can hardly believe it.
I know that if you are a private citizen, DBAN was the only really safe economical way to go:
http://sourceforge.net/projects/dban/
http://www.dban.org/node/40
It seems that actually using the 'teh google' is too much for people, much less actually reading instructions, technical data, and knowing what you are doing while doing it.
This seems to prove that Darwin is right. Give grenades to people and see how many pull the pin, and then throw the pin instead of the nade.
To succeed in this world, you have to be smarter than the tools you are using.
As we can see from this thread, there are many different opinions about what is the best means to eliminate legacy data. Yet, none cite any active standard or recognized best practice, and all are subjective to what the writer has experienced. So, why are there such varying views on the best practice for the destruction of Digital data? This is due to the mass of confusing guidance out in the wild. Between potentially biased vendor claims, outdated standards, often half baked and potentially dangerous personal opinions, it is clear that there is a general misunderstanding about the proper means to assure that data is properly purged,
So, how does one determine what are the true best practices for Data Destruction? This is not as simple as it may seem. With a lack of common criteria, many look to reference reliable guidance that is published by an authoritative source that presents practice pertinent to the users specific needs. Although this may sound pretty straight forward, it in not always as simple as it appears.
Considering the often referenced US DoD 5220M guidance, the methods prescribed are out dated, and if anyone bothers to read the 2006 amendment, it will be noted that the DoD refers readers to build their policies on information provided by the National institute for Standards and Technology, in their special report 800-88. SP800-88 is a good start for those looking to define their sanitization policy. As a document containing guidance from government, private and academic sources, The information presented arms the reader with qualified reference for the establishment of data sanitization specific to the users own environment.
Like cars or food, no one method can be deemed the right way to sanitize data. What I mean by this is that depending on the nature of the contents of the users drive, and their regulatory obligations to protect this data, the means to handle a device can vary from simply repurposing the device within a department, the use of clear based overwrite software, or the need to purge on site and physically destroy the drive using technology that reduces the media surface to particulate no larger than 1/250th of an inch. It is entirely subjective to the data classification and determining the method necessary to sanitize data of that specific security level.
Looking at the common techniques available we can see that there are 3 levels of sanitization (as referenced by the NIST) these being CLEAR, PURGE and DESTROY. Each having different levels of effectiveness and handling issues.
CLEAR is typically conducted by overwriting the data storage regions of the drive with sequences of obfuscating data. This can be patterns of like or random data, or many passes with varying patterns, as is prescribed in DoD5220. As a Clear technology, the contents of the drive ARE subject to recovery by laboratory or forensic effort. Likewise, as software is often incapable of accessing Protected Service Areas (PSA) of the drive, information will be often left in the Host Protected Area, and in G-List sectors.
PURGE based technologies include Secure Erase and Degaussing. Degaussing is hte practice of exposing the media surface to sufficient levels of magnetic energy to achieve coercion of the individual data bits. This practice although effective when properly conducted does have a few concerns. Specifically, the fact that as drives increase in capacity, the energy required for effective coercion increases. As such, the means to degauss a current production high capacity drive will require a device upward of $50,000 USD that may not be best suited for use in a common office. Add to this the fact that this is a connectionless technology, and that the electromechanical components are often deactivated before the media surface is effectively sanitized, and the means to validate proper sanitization becomes a very complicated and costly process. Effectively, the operator of the degausser should be trained and aware of hte capabilities of the machine, so that only devices that the degausser can effectively purge are processed.
Secure Erase is a standards based purge technology that is embedded in all ATA compliant devices produced from 2001 onward. Developed at the University of California San Diego's Center for Magnetic Recording Research in conjunction with 6 major drive manufacturers, and with the guidance of the NSA, SE is a command based process that purges data from all storage regions of hte media surface including PSA information (HPA, G-LIST and DCO). This technology is the most effective means to purge data from a drive short of physical destruction. As an added bonus, the device is reusable at the end of the process. Recognized by most governments as an effective data purge technology, and the need to find green alternatives to eWaste production the use of SE is becoming a more popular option for most.
SE is not without issues, As a command based process, many BIOS and system vendors have inhibited SE from being communicated to the drive. This is as a cautionary measure to assure that no malware or virus code invokes SE and eliminates the users data in the blink of an eye. Accordingly, due to these concerns, the commercial application of SE as software has not become a reality. Accordingly, the most effective means to launch SE is through the use of purpose built appliances such as that manufactured by Ensconce Data Technology of Portsmouth New Hampshire (www.deadondemand.com ). In an appliance model, SE is not limited by host incompatibilities, and the SE process is assured to purge all media surface data storage regions. Currently, the EDT Digital Shredder is contracted for procurement (on standing offer) by Canadian Federal Government clients for the next 3 years; and is in use by a wide range of government, banking and enterprise clients worldwide.
PHYSICAL DESTRUCTION seems like a quick and easy means to assure data loss, but like the other technologies, it has it's share of issues as well. Aside from the potential for personal harm when doing it yourself, professionally contracted services need to be evaluated as well. In environments where high level classified data is handled, often the sanitization policy will dictate that the device is processed using a means that assures that the data will not be recovered ever, by any means. Sounds simple... well perhaps not..... if the device is to be shredded, the media surface must be ground to a screen size of no larger than 1/250th of an inch. This is a diameter slightly smaller than a complete data block, the smallest recoverable particle of data. Smeltering at a proper facility will surely accomplish this, but not all contractors offer such services.
As effective physical destruction is not readily available at most offices, contracted services for off-site destruction are often engaged. However, handing off unprotected storage hardware to a contractor, or their carrier poses a very significant liability for the owner of the data. The potential for the loss of the storage asset in the hands of a third party should be a very serious concern. Should a device go missing from a delivery, it will be the asset owner making the mandatory disclosure, not the carrier of the contractor... How often does this occur? More often than might be expected. One need only go to attrition.org and download their DLDOS database for a current list of third party and owner based data loss events.
For a current list of physical destruction recommendations ranging from relaibel to half baked, one need only go to youtube and search on the topic. The array of schemes presented is astounding.
Now a bit about me, I am a partner at Converge Net, a Canadian service provider that specializes in the delivery of secure efficient distributed networks. Our clients range from large enterprise to government. In an effort to aid our clients in establishing reliable security policy I had collected all available guidance from academic, gov, and industry sources and with the collaboration of a variety of industry experts, I had co-authored a guide titled 'The Best Practices for the Destruction of Digital Data' along with Dr. Gordon Hughes of the UCSD CMRR. This 55 page guide includes references to current and valid practice, and provides the concepts and references necessary for the development and justification of effective sanitization practice by security professionals, using practice that is suitable for specific security levels.
I welcome anyone interested in this guide to contact me at ryk@converge-net.com for a personal copy at no cost. Likewise, presentations on The paper are available on request.
Sorry for the wordy post.... I am just passionate about the topic.
Bleat all you like fanbois
A 4 inch masonry nail through the platters works just fine.
A technique I have used for some time, simple and effective.
We are not talking government secrets hers, putting the bits into two separate bins collected at different times makes it not worth the while of the non-secret agent to bother.
Well let's consider how and induction cook top works.... The Induction cooktop is essentially an incomplete magnetic coil, where by placing a pan with a base with iron content will complete the coil, and create heat.
The important consideration here is that the component that completes the circuit must be of sufficienf diameter and composition to effectively complete the inductive pathes. The cook top would most likely sense the completion of the
path and apply sufficient energy to heat the pan. leaving the cook top energized at full power without the presence of a pan would most likely not occur.
As a hard drive Head Disk Assembly, and platters are not iron, then it would stand to reason that placing a drive on an inductive cooktop will not accomplish much.
If the amount of energy that is required to degauss a recent production hard drive requires greater than 6,000 Oerstead, and as much as 11,000 for drives above 750 Gb, and that degaussers of this energy level are very costly, and not recommended for
in office use, then it would be doubtful that a cooktop would produce the same energy levels.
IMHO.
Take HDD, drill hole into case or remove any flaps to expose inside.
Take bucket and fill with salty pool water
Immerse HDD in said bucket, watch for bubbles
Season to taste with more pool salt
Add half cup of pool acid and stir gently
Leave stand for 1-2 weeks
Dispose of thoughtfully.
Easy