The Homemade Hard Disk Destroyer 497
Posted
by
CmdrTaco
from the if-you-can-recover-that-you-earned-it dept.
from the if-you-can-recover-that-you-earned-it dept.
Barence writes "All businesses have sensitive data they need to destroy when they replace PCs, but disposing of hard disks properly can be an expensive business. This has led one IT manager in the UK to come up with his own, homemade solution — Bustadrive. It uses a powerful 'hydraulic punch' to physically deform a hard disk, rendering it virtually unreadable, and requires nothing more than a pull of the lever on the front — similar to a drinks-can crusher. PC Pro tested the Bustadrive, and also sought the opinions of data destruction companies as to whether the device was really as effective as hoped, or just a fun way to mangle a hard disk or two."
Overkill? (Score:5, Insightful)
Underkill? (Score:3, Insightful)
Jokes aside, from the FA: "The Bustadrive, then, looks like itâ€(TM)ll thwart all but the wealthiest and most determined of hard disk hackers"
So what they're saying is, this doesn't do the job as well as something like one of those DOD disc scraper/shredder things, but it is more fun, which I guess makes it news worthy?
Re:Overkill? (Score:3, Insightful)
The paranoid crowd will argue that either method might still be able to be recovered. I thought I saw an article once here that in the real world basically debunked this myth. Physical destruction just takes the process one step further. Plus it's quicker then running some type of a disk wiping program.
lots of options out there! (Score:4, Insightful)
My drill press makes for a very effective drive killer.
Use what you got!
Not 100%, but otherwise cost-effective given risk? (Score:2, Insightful)
As the RTF states, data can be re recovered, given a financial budget & time.
But I wonder. I posed the same question to a buddy awhile back, and he suggested baking the disks in an oven at 250 degrees C for an hour. The idea being that well, yeah, sure the magnetic platters can theoretically be recovered given time, budget, and determination. But still, the printed circuit board, etc. would be melted and thus ruined. Seems just as sensible, and more cost effective given readily available tools, (and sufficient ventilation!!!)
Re:Overkill? (Score:4, Insightful)
Re:The Columbia test (Score:4, Insightful)
Re:Overkill? (Score:3, Insightful)
Someone should suggest that the Mythbusters "put this to the test," assuming their production company has the financial resources to pay for even modest data recovery services.
Even that might be effective. If you have like, a dozen drives, all of them similar, all of them wiped, one of which contains good data (or worse, a group of which once comprised like, a RAID 5 array so you need at least a few of them) you would be looking at a hypergeometric distribution, and the actual probable cost of recovering the data could grow extremely rapidly to something quite impractical. If instead, you had a big box full of used drives, five of which had been bent in half, it might actually be cheaper
Waste of Time, Money and Good Equipment (Score:2, Insightful)
Wipe the drive with software. Do it several times with different programs if you're paranoid. Set up an assembly line to do it if you have many, with each individual responsible for a separate step. Test drives prior to re-release.
People are so badly mistaken about how recoverable disk data is: they believe the same way they believe in Bigfoot or the Loch Ness monster. What a waste of good work.
Re:Overkill? (Score:2, Insightful)
Gross Overkill (Score:3, Insightful)
Re:Stand drill (Score:4, Insightful)
I'd guess the foundry people would object to contaminating their carefully selected alloy...
Re:Stand drill (Score:5, Insightful)
Dude, haven't you read the Trilogy? It takes half a book just to cross Mordor, plus there's Orcs and shit. That's way more trouble than it's worth. And have you ever tried to find Middle Earth on a map? Sure, lots of people have theories, but what with continental drift and such, it's all pretty obscure. How can you be sure the volcano you use is *really* Mount Doom in this late, degenerate age?
Re:Overkill? (Score:5, Insightful)
Re:This is just a controlled hammer (Score:3, Insightful)
Re:Overkill? (Score:3, Insightful)
Re:Gutmann was wrong (Score:5, Insightful)
Physically overwritten sectors are (almost) certainly unrecoverable. But what about remapped 'bad' sectors? AFAIK these cannot be accessed in any way by software wiping tools, but could be accessed and potentially read by tweaked drive firmware. They might be overwritten if you use the drive's own firmare erase command if it supports this.
Re:Overkill? (Score:3, Insightful)
Of course it's a security risk. If the disk fell into the wrong hands they my not be able to read everything from your system but they certainly could read bits of useful information. If it's from a RAID 5 or RAID 6 volume they may only get bits and pieces of data but something like a RAID 0 or RAID 1 volume could glean lots of useful data. Think of it sort of like a shredded classified document. RAID 5 or 6 means they may have a handful of the shreds of the document, and any of those could contain snippets of useful information like usernames, passwords, bank account numbers, etc. RAID 0 would mean you might have half or all of the shredded document. RAID 1 would pretty much guarantee that you have the full document.
In the real world, fire is a bad solution (Score:5, Insightful)
Which would be the better solution.
A small terracotta pot without a hole in the bottom of it + a small amount of thermite is the cheapest way, thermite is cheap and reasonably easy to make.
Ok, do that in your office and see how many minutes your job lasts once the fire's out.
Even if we did it outside at my place of work, we'd get complaints from the neighbors. A mechanical/hydraulic crusher/bender thing could be made into something that looks like an office appliance.
Nothing says "no data recovery" like a drive reduced to its elemental components.
Except it's not. Burning is generally a process of rapidly combining reactants, not dividing them up. Plus, it's rather environmentally unfriendly - having a cloud of smoke go up is frowned upon in most places these days.
Re:Not eco friendly (Score:3, Insightful)
I agree...
There was an article on 2600 recently about ATA Security Specification. You can apparently use it to perform a secure wipe which is what the DoD uses these days. Two passes at different offsets (-10% and +10%) to prevent recovery of magnetic data from the 'edges' of the sectors with a scanning electron microscope or something crazy like that. Rather than the crazy 36-pass wipe or something they used back in the day.
If it's good enough for the government spooks, its a good place to start for us.
There was an interesting bugtraq thread in 2005. (Score:5, Insightful)
Let me pull a bugtraq posting from 2005 out for perusal. There are other interesting tidbits in that thread too.
http://seclists.org/bugtraq/2005/Jul/0464.html [seclists.org]
===
From: dave kleiman
Date: Sun, 24 Jul 2005 15:30:30 -0400
Here is a quote directly from Peter I received Saturday, he asked to have it
passed on to the list.
-Snip-
>I'd love to hear some thoughts on this from security and data experts
>out there.
People should note the epilogue to the paper:
Epilogue
In the time since this paper was published, some people have treated the
35-
pass overwrite technique described in it more as a kind of voodoo
incantation to banish evil spirits than the result of a technical analysis
of drive encoding techniques. As a result, they advocate applying the
voodoo to PRML and EPRML drives even though it will have no more effect
than
a simple scrubbing with random data. In fact performing the full 35-pass
overwrite is pointless for any drive since it targets a blend of scenarios
involving all types of (normally-used) encoding technology, which covers
everything back to 30+-year-old MFM methods (if you don't understand that
statement, re-read the paper). If you're using a drive which uses
encoding
technology X, you only need to perform the passes specific to X, and you
never need to perform all 35 passes. For any modern PRML/EPRML drive, a
few
passes of random scrubbing is the best you can do. As the paper says, "A
good scrubbing with random data will do about as well as can be expected".
This was true in 1996, and is still true now.
Looking at this from the other point of view, with the ever-increasing
data
density on disk platters and a corresponding reduction in feature size and
use of exotic techniques to record data on the medium, it's unlikely that
anything can be recovered from any recent drive except perhaps one or two
levels via basic error-cancelling techniques. In particular the the
drives
in use at the time that this paper was originally written have mostly
fallen
out of use, so the methods that applied specifically to the older, lower-
density technology don't apply any more. Conversely, with modern high-
density drives, even if you've got 10KB of sensitive data on a drive and
can't erase it with 100% certainty, the chances of an adversary being able
to find the erased traces of that 10KB in 80GB of other erased traces are
close to zero.
Peter.
===
Re:Overkill? (Score:5, Insightful)
There is one simple thing about physical destruction. It is obvious to an observer that the drive is unusable. If someone has a pile of drives, one before DBAN, one after, it wouldn't be hard for someone to move some drives into the after pile either as a prank, or perhaps to get the information once it leaves the location. Physical destruction prevents this from happening, because almost anyone can tell the difference between a pile of scrap metal and a hard disk that looks like it might function.
Re:Overkill? (Score:5, Insightful)
Re:Overkill? (Score:3, Insightful)
With normal FS format options, that would only take care of a very small portion of the drive (FS metadata doesn't consume that much space) - it would be pretty easy extracting useful data using plain old software. A single-pass disk wipe would be a lot more useful :)
Re:Gutmann was wrong (Score:5, Insightful)
Re:Overkill? (Score:5, Insightful)
Also, NIST has three levels of HDD "wiping". The destruction of the drive is only called for with highly classified data. One can imagine that if a drive had the plans for a suitcase sized nuke then yeah you want to be ultra paranoid about it and shred it. For 99.99% of the home users there is no need to physically destroy a drive. Further, the risk of hurting yourself (flying shrapnel etc) is MUCH greater than someone recovering data from your properly wiped drive.
Re:Overkill? (Score:3, Insightful)
Last time I needed to really kill a drive, I put it in the lathe, and turned the platters - nice snall swarf chips
Re:Gutmann was wrong (Score:2, Insightful)
Every ATA/SATA drive made since around 2001 supports the "secure erase" feature. This will overwrite everything, including remapped sectors and the host protected area (HPA). NIST considers this to be as effective as degaussing. It has the added advantage that you can re-use or sell the erased drive. On Linux, you can activate this feature with hdparm's --security-erase switch.
It's actually more effective than crushing or similar physical destruction techniques, as it will protect against "laboratory" attacks (magnetoscopy etc). The only physical technique which is completely effective against a determined attacker is incineration (even grinding can leave recoverable fragments if you don't know what you're doing; it's quite easy to end up with flakes of the magnetic medium which are large enough to extract data from).
Physical destruction is primarily masturbation; it's done because it feels good rather than because it's particularly effective.
Reduce, Reuse, Recycle (Score:5, Insightful)
Reduce - Buy the biggest disks you can afford, they're worth repurposing and you won't have to spend as much on successors or the attendant labor.
Reuse - Repurpose disks for other purposes. Use last years' disks as part of your backup solution. Secure-format them on a low-power machine and put them on eBay.
Recycle - There must be SOMEONE willing to break the drives down and give you back the platters for destruction. There's significant aluminum in some of those drives.
All this crushing, drilling, and shooting of drives is fun. But it's also extremely wasteful. I understand destroying the drives if lives are at stake, but otherwise, stop.