Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security

Video When Your Data Absolutely, Positively has to be Destroyed (Video) 295

Video no longer available.
Here's a corporate motto for you: "Destroying data since 1959." Timothy ran into a company called Garner Products (which doesn't use that motto as far as we know), at a security conference. While most exhibitors were busily preserving or encrypting data one way or another, Garner was not only destroying data but delighting in it. And yes, they've really been doing this since 1959; they started out degaussing broadcast cartridges so broadcasters could re-use them without worrying about old cue tones creeping into new recordings. Now, you might ask, "Instead of spending $9,000 or more to render hard drives useless, couldn't you just use a $24 sledge hammer? And have the fun of destroying something physical as a free bonus?" Yes, you could. You'd get healthy exercise as well, and if you only wanted to destroy the data on the hard drives, so what? New drives are cheap these days. But some government agencies and financial institutions require degaussing before the physical destruction (and Garner has machines that do physical destruction, too -- which is how they deal with SSDs). Garner Products President Ron Stofan says in the interview that their destruction process is more certain than shooting a hard drive with a .45. But neither he nor Tim demonstrated a shooting vs. degaussing test for us, so we remain skeptical.

Tim: Ron, first could you introduce yourself, your title and your company.

Ron: Sure. My name is Ron Stofan, I am President of Garner Products Inc. We are manufacturers of degaussing and destruction equipment for hard drives.

Tim: Okay. Now how did you get into the business of destroying data?

Ron: Destroying data started in 1959. My father started the company to erase broadcast cartridges. They erased a few tons of broadcast cartridges. And that started off in the audio industry. Then that transferred up to the video industry, when the video tapes started coming into play up through the video cassettes and then finally into the diskette market. We are erasing all the diskettes for Dysan in the factories so far. And then hard drives came, and people needed a way to destroy data permanently off a hard drive.

Tim: So in a way, you are doing the opposite of what a lot of companies here are doing, which is basically preserving and hiding data.

Ron: Absolutely. Yes. Our main goal is to destroy data to make sure that it is not recoverable in any means either today or into the future.

Tim: Let’s take a look at some of the products that you’ve got that actually go about doing that destruction. Can you walk us through your line a little bit?

Ron: Certainly. This is our entry level degausser. It is our model HD2 degausser. It is a simple operation. You simply place the hard drive into the drawer, close the drawer and the degaussing process automatically starts. It takes about 45 seconds for this to fully erase the hard drive. Right now it executes charging of _____1:33 capacitors, when it is charged it will release all that energy through a coil which the hard drive is sitting in between or inside of, and there is a very strong magnetic field which erases or demagnetizes all of the data patterns on the disk platters inside the hard drive.

Tim: Now unlike the case with audiotape when you destroy the data on the hard drive, you’ve also rendered the drive itself inoperable; is that right?

Ron: That’s correct. So when we erase the data, we are also erasing the server tracks often known as timing tracks on the disk platters themselves. Those are inherent to have the function of the hard drive. So as we erase those magnetic data patterns, that renders the hard drive completely useless. In addition, the amount of field strength going through the hard drive itself is blowing _____2:25 up the read/write heads, it is also demagnetizing the magnets in the motor and the server drive itself.

Tim: Could you say that again? What are the numbers of the surge that is going through that drive?

Ron: On the HD2, it is approximately 9000 gauss or oersteds, these are two similar readings when measured in air. And it is similar to an MRI machine except it is in a small package. And the coil is configured in such a way and shielded in such a way that you can place a floppy disk on top of the degausser and it will not erase the disk. Keeping in mind the coercivity level which is a measurement of how strong the magnetic fields are on the hard disk platter, it is somewhere between 5000. The floppy disks are about 450 to 500 oersted. VHS tape is about 900. So you can see how a metal particle tape is about 1500 to 3000.

Tim: And this box is in a nice strong enclosure, does that mean that if a floppy is not protected that anything outside the field is pretty low shield as well?

Ron: That’s right. Anything I am standing inside, outside the environment everything is shielded, it is very much focused inside. We need all the power to be focused on the internal and this field chassis with some aluminum components inside is very much focused inside.

Tim: And this being your entry level machine, who is it sold to?

Ron: This will go to users that don’t have a high data volume, probably under 100 hard drives a month.

Tim: And in the end does the hard drive itself look any different?

Ron: No.

Tim: How do we know that it has been erased? Just stick it into a machine?

Ron: Yeah. The hard drive is definitely nonfunctional afterwards. It looks physically unchanged. So this hard drive has been erased probably about 50 or 60 times; internally though under a magnetic microscope you can actually see the data patterns on that. It could be imaged. And there would not be any data patterns. You can actually get a magnetic film or disk or liquid that could actually expose those domains.

Tim: Can we take a look up the product line there? Your bigger devices there.

Ron: Certainly. Here we go. So here we have our model HD3. This is our high production degausser. This has about 9500 to 10,000 gauss or about 1 tesla and it is our high production degausser. It is simple operation. Simply drop the hard drive into the slot that initiates the capacitor and degaussing cycle to start. It is going to take about 9 seconds to just erase the hard drive. It is now verifying that the magnetic field was sufficient to erase that information, and when it does, it drops out the back. So on all of our products, each and every erase is verified after each magnetic field has gone off.

Tim: And again what does this machine cost? And who would buy it?

Ron: This machine here is $8975. It is purchased by banks, hospitals, government institutions, states, and as you can imagine the uses of hard drives is pretty much unlimited.

Tim: So that is for higher volume?

Ron: Higher volume. Data centersand that sort of thing.

Tim: Alright. And what’s next?

Ron: I’m sorry.

Tim: And what’s next?

Ron: Next we have our TS1 degausser. This has been evaluated, this is on the NSA evaluated products list. What that means is it has been tested and has passed the stringent tests for the National Security Agency to erase top secret data. So this would be more missile codes, any of the top secret data that the government would have. Many banks, institutions, and corporations also follow the guidelines that the NSA and DOD do follow because they do have information from these facilities, and so some require this type of degausser. Again this degausser is like the HD2 in that it is a drawer operation, simply place it in, close the door, and hit the erase button.

Tim: Now it is still really sending a huge flux through the data platform. What else does this do differently that would satisfy the NSA that it is actually more secure?

Ron: This has about twice the amount of field or 20000 gauss compared to the 8000 or 9000 gauss that the HD2 has. And what this does is the government required a larger margin of error. So they are looking at different items or consequences such as manufacturing differences in the hard drive, manufacturing differences in the degausser itself, power fluctuations, temperature fluctuations, and so they take all those variables into account and they come up with their guidelines or the numbers that they need and hence you need a bigger unit and stronger.

Tim: And they must be willing to pay a higher price too?

Ron: Absolutely.

Tim: What does this run?

Ron: This is $19975.

Tim: And I imagine it comes with some kind of a vehicle to move it?

Ron: No. It doesn’t come with a vehicle to move it. So we do have it comes in a carrying case, so these are transportable cases here on the sides, so that’s actually one of the cases that these will travel in. So you could take this from place to place. In addition, we have side handles that slip out for easy maneuverability. So there are two handles on each side that slide out.

Tim: So right now, lot of data is moving to solid state, I know you’ve got a machine that can work with that as well, can you demonstrate that?

Ron: Certainly. So this is our new model PD5. It is a hard drive and solid state destruction device. So first of all, I will demonstrate the destruction of hard drives. Let me grab two hard drives here. So it is really to do two hard drives at a time, it takes about 20 seconds to destroy two hard drives. Simply place them in, close the door, and hit the destroy button. That is putting over 20,000 lbs. of force through it to break the hard drives.

Tim: So you can’t just send that to one of the data recovery companies that is listed on the back of PC World?

Ron: No. No. And for some companies, this is sufficient for destruction. Other companies, this is a secondary operation after degaussing since degaussing actually gets rid of the information, destruction simply breaks it and makes it nonfunctional. And then for solid state devices, what we have is we have our new SSD destroyer which is an attachment that goes in, or an accessory that goes in to the PD5. So you simply slide that in, basically it is like a bed and ceiling of nails, it will go in and it will penetrate through the solid state device, through the PC boards and it erases and destroys all of the platters on it, here is a simulated solid state drive, and you simply place that in between the chambers, close the door, and no more data. And what is important these days is there are some hybrid drives as well so there are some magnetic drives, something that has a still rotational media that needs a degaussing, and then there is a portion on the board that actually still has memory and stores data even when it is apart. So this is the end result.

Tim: Can you turn that around a little bit in your hands?

Ron: Here we go.

Tim: Now it is pretty thorough.

Ron: It is completely thorough and we have had it tested by data recovery companies and also looked at by government agencies and they have all agreed that once the package the chips are pierced in this pattern and that closed tolerance that it is completely unrecoverable.

Tim: And what else have people done to destroy drives? I mean there are machines that you are selling. What are the alternatives if you want to get rid of data permanently?

Ron: The beautiful thing about this is it is a simple process anybody can use. We have people come in to our shows, so we do government shows, we do industry business shows like this, and some people come and say, oh we hit it with a hammer, they drill holes in it, or they shoot it with their gun. We had a customer at this show, came in with his laptop, showed us a picture of his hard drive that he shot with his 45 and he was surprised to see that the 45 didn’t go all the way through the hard drive; it was actually stuck in the data platters. We had one lady at a show in Washington, DC, who came to the show on a Tuesday, and she asked if she could bring her hard drive from home the following day; we said sure. So we put in, we degaussed it, on a TS1 then we put it into our PD5 and the next thing we knew there was water coming out of the bottom of our product. And she said oh don’t worry about that. We were all wondering where this water is coming from. And her security was to put her hard drive in the sink, fill the hard drive up with water, and then stick it in the freezer. So she had just recently taken it out of the freezer; by the time she got here, and we cracked it open and all the water came out. So people would do many different things to protect their data.

Tim: Anything else I should be talking about with you about it?

Ron: I think that should do it. Just make sure you don’t send your hard drives back when they break; these work on as opposed to overwriting which is not approved by the National Security Agency for top secret data. So just make sure you protect your data.

This discussion has been archived. No new comments can be posted.

When Your Data Absolutely, Positively has to be Destroyed (Video)

Comments Filter:
  • dd (Score:4, Informative)

    by Anonymous Coward on Thursday March 28, 2013 @01:33PM (#43305213)

    dd if=/dev/zero of=/dev/sda bs=1024 &

    • Re:dd (Score:5, Insightful)

      by Gordonjcp ( 186804 ) on Thursday March 28, 2013 @01:38PM (#43305249) Homepage

      Exactly. A single pass of /dev/zero will wipe all the data on the drive beyond any hope of recovery, and sure as hell doesn't cost nine grand.

      • Re:dd (Score:4, Informative)

        by SpectreBlofeld ( 886224 ) on Thursday March 28, 2013 @01:42PM (#43305309)

        I encourage anyone who has 20 minutes to spare to watch this short Frontline documentary on E-waste:

        http://www.pbs.org/frontlineworld/stories/ghana804/video/video_index.html [pbs.org]

        I bet lots of companies throwing out old hardware who are worried about data leakage could actually find use for their old drives in-house. Hell, just keep them in a closet somewhere until one of your in-use drives go bad (and they will).

        • by SpectreBlofeld ( 886224 ) on Thursday March 28, 2013 @01:43PM (#43305329)

          ...the first line of my above post got eaten somehow, which was: 'Not to mention the fact that destroying non-defective drives is FUCKING WASTEFUL'.

          • by Gordonjcp ( 186804 ) on Thursday March 28, 2013 @01:46PM (#43305361) Homepage

            'Not to mention the fact that destroying non-defective drives is FUCKING WASTEFUL'.

            A million times, this. You don't need a 2TB drive in your desktop that uses network shares for saving everything.

            • by fuzzyfuzzyfungus ( 1223518 ) on Thursday March 28, 2013 @01:54PM (#43305479) Journal

              I'm pretty sure that boring business desktops are why they still make 80 and 160 gig drives.

              On the network side, we can't shove more 2TB nearlines in fast enough to keep the users happy; but every desktop still goes out largely empty.

              • by nitehawk214 ( 222219 ) on Thursday March 28, 2013 @02:15PM (#43305715)

                I'm pretty sure that boring business desktops are why they still make 80 and 160 gig drives.

                On the network side, we can't shove more 2TB nearlines in fast enough to keep the users happy; but every desktop still goes out largely empty.

                And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.

                • Re:dd (Score:5, Interesting)

                  by Penguinisto ( 415985 ) on Thursday March 28, 2013 @02:39PM (#43305979) Journal

                  And if you are buying your computers from a standard manufacturer, they cost the same as the TB drives. Might as well get the bigger drives.

                  As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

                  If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet. Why do it? Because you could possibly recover lost data much faster than calling your offsite provider and waiting for a tape to arrive. It also serves as a last-ditch, everything-else-has-failed means of recovering whatever data it is that you deposited there. You;d have to set up some sort of RAID-like redundancy, and a means to automatically update that data on a semi-regular basis, but damn if it wouldn't work. As a bonus, you can put that disk space to legitimate use, instead of watching it get filled up with cat pictures and web cached files from facebook. If each desktop has a TB of drive, you could slash it to 300GB for the desktop user, and take 600GB+ (mind the overhead) from each desktop for company use. Even with only, say, 40 desktops? You could get up an easy 12 TB of aggregate storage with a RAID1-like redundancy - maybe 6 TB if you had 4 copies of each chunk of data, which is still nothing to sneeze at (especially if you've priced SAN shelving as a near-line backup depot...)

                  (...though if you were a true BOFH, you could do the same thing, say it's for company data, then use it for your own personal stash or whatever...)

                  • Re:dd (Score:5, Informative)

                    by Insightfill ( 554828 ) on Thursday March 28, 2013 @04:03PM (#43306737) Homepage

                    As a bonus, a really enterprising sysadmin will use the (aggregate) empty desktop disk space as a de-centralized near-term backup solution. Mind you, it should never replace tapes, snapshots, etc, but...

                    If you can park encrypted copies of critical data around redundantly on every desktop, deny the use of that space to the desktop user, and do it in a way that's automated? Sweet.

                    Many years ago, a company named "Mangosoft" had a product named "Medley" [mangosoft.com] which would do this.. Each user would allocate a certain amount of their disk drive to the "Medley" drive, and all of the users (up to 25 max) would share a really big drive together. Earlier versions of this technology worked by basically keeping two copies of every file, and moving a copy to the local drive of the last user who accessed it. If a machine holding a file went down (power, etc.) then the list of files it held would be pushed around from other working machines to always ensure duplicates are still around.

                    Current versions of this would probably be GlusterFS, Coda and Tahoe.

        • by Synerg1y ( 2169962 ) on Thursday March 28, 2013 @01:52PM (#43305439)

          Most of those legacy hard drives everybody always think can be re used are actually far lower RPM IDE hard drives. I'd be delighted to give one to somebody I don't like, but I think you get my point, they're not re-usable due to extremely poor performance.

          • by whoever57 ( 658626 ) on Thursday March 28, 2013 @02:23PM (#43305805) Journal

            Most of those legacy hard drives everybody always think can be re used are actually far lower RPM IDE hard drives.

            Wow! You must have some really old drives. Just looked at the 120GB hard drive that is sitting on my desk -- it's a 7200 RPM drive and was announced in 2001.

          • by gman003 ( 1693318 ) on Thursday March 28, 2013 @02:41PM (#43305993)

            No. RPM hasn't changed much. I've seen 15KRPM drives that are as old as I am, and I've seen 5400RPM drives that came out yesterday.

            What does change is data density, which does affect sequential read/write speeds (and to a much lesser extent random). So a modern desktop 7200RPM drive can have similar performance to a 10,000RPM server drive from 2004 (date pulled OOMA, use loosely).

            • by Synerg1y ( 2169962 ) on Thursday March 28, 2013 @03:05PM (#43306231)

              But lower RPM coupled with an IDE interface should eliminate ANY consideration on re-using the drives I'm referring to.

                RPM has to do with how fast a hard drive can retrieve data (access times) so that's where the data density would come in, if I'm retrieving more data per rotation, say 2x (theoretical) more, suddenly 7200rpm looks more like 14400RPM, which obviously > 10k SAS.

        • Re:dd (Score:4, Insightful)

          by h4rr4r ( 612664 ) on Thursday March 28, 2013 @01:54PM (#43305467)

          What are you going to do with several hundred 40GB IDE drives?
          How about some SCSI320 drives?

          No one has enough room to store all this crap.

        • Re:dd (Score:4, Insightful)

          by mindcandy ( 1252124 ) on Thursday March 28, 2013 @02:44PM (#43306037)
          If it's old, then it's out of warranty. Yeah, I get the whole e-waste thing, and I'm sure it pains people to see a pallet of otherwise good 1TB drives headed off to be shredded into chips .. but remember they are 3-4 years old and having one go bad while is a far bigger PITA in terms of lost productivity, lost data, etc. than it is to just buy a new one for $100 and pay $1 for the old one to get securely scrapped.
      • by eln ( 21727 ) on Thursday March 28, 2013 @01:53PM (#43305455)
        Not to DoD standards. Several (usually 3-7 passes with /dev/random (or /dev/urandom) followed by /dev/zero will erase data well enough for any standard out there other than those that specifically require physical destruction, though.
        • Re:dd (Score:4, Interesting)

          by Hatta ( 162192 ) on Thursday March 28, 2013 @01:56PM (#43305505) Journal

          Does the DoD have evidence that data can be recovered from a zeroed drive? Or do the recommend overkill just because they can?

          • by dave562 ( 969951 ) on Thursday March 28, 2013 @02:01PM (#43305573) Journal

            My experience has been that they recommend it just because they can. I have dealt with this in the past in consultation with the risk management teams of various financial industry clients of ours. The first couple of times they asked me to do 7 pass zeroing on multiple terabytes of data, I tried to push back on it. Not a single one of them could produce any proof that a single pass was insufficient to render the data unreadable. Yet they all insist that it must be done to DoD standard, 7 pass wipe. It is just one of those idiocies that comes from the "security and risk" people who do not really understand what the risk is and are just checking off boxes on a form that they do not really understand.

            • by flyingfsck ( 986395 ) on Thursday March 28, 2013 @02:21PM (#43305785)
              Not to mention that the 'DoD Standard' is a myth. They actually have different erase and destroy requirements depending on the media type, but none of them require 7 times over write, since that is just a waste of time. The worst iIknow of is a 3 times overwrite if you want to re-use magnetic media at the same (or higher) classification level.
            • by mabhatter654 ( 561290 ) on Thursday March 28, 2013 @02:21PM (#43305789)

              Because their buddies in the CIA heard on a TV show that the NSA did this one thing and used it to recover the whole drive full of data and valid time stamps that sent a politician to jail!!!

            • We Sandblasted ours (Score:4, Interesting)

              by billstewart ( 78916 ) on Thursday March 28, 2013 @03:21PM (#43306385) Journal

              Back in the 80s I ran a computer center that handled classified data, and we used DEC RM05 removable-disk-pack drives on a VAX. The AR380-380 regs for declassifying storage media gave us a few choices

              - Degaussing with NSA-certified Big Magnets (not in MY computer lab, where I still have disks I want to keep!)
              - NSA-certified software. The big deal isn't just overwriting it 3-7 times to prevent the KGB from using electron microscopes on it, it's making sure that you've really erased all the data, including the spare and bad blocks remapped by the disk controllers, and if you only had one disk drive in the machine, the software needed to be able to keep running from RAM even after you'd erased the operating system including the files for your disk-wiping commands. (Too much paperwork required.)
              - Physical destruction. Why, yes, we're a large company with a machine shop down in the basement, and they have Sandblasters! Win!

              I was no longer sysadmin by the time they closed the classified processing system. My successor got to disassemble the dozen or so disk packs we had and take them down to the machine shop for sandblasting.

              Remember how ever sysadmin in the 80s used to have a disk on their wall with decorative scratches on it from a head crash? Hers was pure shiny metal.

          • Re:dd (Score:4, Interesting)

            by Anubis IV ( 1279820 ) on Thursday March 28, 2013 @02:34PM (#43305911)

            The theory regarding how data could be recovered from a zeroed drive seems sound enough, namely that by measuring the difference between the analog signal captured directly from the head before it is converted to a digital signal, and then taking the difference between it and the digital signal, one can determine what the previous state was for each of those bits. And it also stands to reason that the various intelligence agencies who are purported to possess such capabilities would not be forthcoming in revealing their ability to do so.

            That said, regardless of whether the technology exists or not, people who advocate 7-pass and 35-pass overwrites are just wasting their time, since even the author of the paper that proposed the 35-pass method acknowledged that only a subset of those passes are necessary for any particular drive, and that with modern drives a simple series of random rewrites would be more than sufficient. He even referred to the way that many people were using his technique as "a kind of voodoo incantation" [wikipedia.org].

          • by LordLimecat ( 1103839 ) on Thursday March 28, 2013 @02:47PM (#43306073)

            Do you have evidence that any of the failed SHA-3 candidates are crackable? Because security is about a whole lot more than "addressing confirmed threats".

            Magnetic domains remain on overwritten harddrives, this is indisputable. The only question is whether anyone has the capability to recover data from them; but assuming "nah, its too difficult" seems to be making a whole lot of assumptions about tomorrow's technology.

        • Re:dd (Score:5, Funny)

          by Frank T. Lofaro Jr. ( 142215 ) on Thursday March 28, 2013 @01:57PM (#43305517) Homepage

          Just store your data using ReiserFS, kill the power and your data's dead too.

      • by Synerg1y ( 2169962 ) on Thursday March 28, 2013 @02:01PM (#43305575)

        People who use these services justify the cost because they get a certificate.

        In all honesty though, you're completely right, that whole industry is one giant scare scam.

        It's supposedly possible in a lab environment to try and recover deleted data off a wiped drive by comparing the digital and analog signal differentials I believe... but if the NSA has interest in you, that's the least of your problems.

        My preference is to use OP's unix command, except I tend to like to use /dev/urandom instead and then put them on the curb at the biz during earth day, problem solved. I'd also consider if the hard drive at some point had such sensitive data that somebody would try to do a signal differential DR on it, it may be wise to wipe it and then hold on to it in the IT closet (non-criminal data of course).

        • by mabhatter654 ( 561290 ) on Thursday March 28, 2013 @02:28PM (#43305851)

          Non-criminal is the tricky part. Much of what one group orders done BECOMES criminal when political circumstance changes. As this happens quite often it being its all three sides if they just agree to destroy everything all the time.

      • by Andy Dodd ( 701 ) <atd7&cornell,edu> on Thursday March 28, 2013 @02:26PM (#43305839) Homepage

        Not guaranteed if the device does any form of block remapping...

        Which every modern drive for the past decade has done...

      • by LordLimecat ( 1103839 ) on Thursday March 28, 2013 @02:44PM (#43306029)

        Information of some kind is left on those hard drives, and I do not know that anyone has proven one way or the other that the information can be used to recover the original data.

        But last I checked, "Good security" wasnt "theres definately a side-channel here, but I think we can ignore it because noone's abused it YET".

      • by wiedzmin ( 1269816 ) on Thursday March 28, 2013 @02:50PM (#43306107)

        Unless it's an SSD drive, in which case you will end up with about 1% of data still left on the drive. For a terabyte drive, that's 10 gigs of your favorite home movies, on eBay: http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf [usenix.org]

      • There are two basic threat models here - the DriveSavers level and the KGB level. dd will overwrite most of the bits on your drive, but remember that modern hard drives don't actually let you write physical blocks on the drive; the disk controllers remap requests, replace bad blocks with spares, move stuff around, hide stuff in hidden partitions like the Host Protected Area that standard Linux tools can't access, etc. Commercial data recovery companies like DriveSavers aren't going to find much after a dd, but there may be some data left in the good parts of bad blocks, and if you're dealing with military secrets, that may be enough to be dangerous.

        (I've got a 500 GB PATA drive which some cretinous external-drive hardware remapped down to 200 GB when I replaced a bad disk; Linux tools weren't able to fix it, even though we rebuilt the kernel to fix a few things, because it didn't know how to ask the BIOS nicely, nor did WinXP. Linux was able to shrink the usable partition further, though :-)

        The other issue is the KGB threat model. DriveSavers isn't going to drag out electron microscopes and other ridiculously high-tech stuff to catch the magnetic images of that 1 bit that weren't quite wiped out by writing a 0 bit over it. Your commercial data's just not worth that much. Military secrets might be. But sandblasting the disk means never having to say you're sorry.

      • by RMingin ( 985478 ) on Thursday March 28, 2013 @03:09PM (#43306271) Homepage

        Wrong. A single pass of zero is often recoverable. Not for civilians, sure, but recoverable nonetheless.

        DOD published their specs for proper wiping of a hard disk. Those are still good baselines.

    • Re:dd (Score:5, Insightful)

      by sexconker ( 1179573 ) on Thursday March 28, 2013 @02:13PM (#43305689)

      dd if=/dev/zero of=/dev/sda bs=1024 &

      Won't work on an SSD. You have no idea what the controller is doing behind the scenes. There is capacity on the SSD that is completely and utterly inaccessible to the host. When you write 256 GB of zeros to your 256 GB SSD, you've probably got 16 or 32 GB the controller hasn't told you about, with data you know nothing about. You have to issue the ATA SECURE ERASE command, and even then you'll have no idea if the controller actually respected it and wiped everything.

      For SSDs there are two reliable options.

      1: Encrypt everything in software so the key nor a hash of it could never possibly be stored on the drive in unencrypted form.
      2: Physical destruction.

    • by omnichad ( 1198475 ) on Thursday March 28, 2013 @02:36PM (#43305933) Homepage

      If the drive still works.

    • by mindcandy ( 1252124 ) on Thursday March 28, 2013 @02:41PM (#43306001)
      You forgot the while().
      You have to pay by the hour for the while().
  • by goldspider ( 445116 ) on Thursday March 28, 2013 @01:34PM (#43305219) Homepage

    I still find the old fashioned way, "whack the drive real hard with a hammer and shatter the platter" combines the best parts of effectiveness and gratification.

    • by PolygamousRanchKid ( 1290638 ) on Thursday March 28, 2013 @02:03PM (#43305589)

      combines the best parts of effectiveness and gratification.

      Yeah, they said:

      their destruction process is more certain than shooting a hard drive with a .45.

      But plinking hard drives is more fun. Good, wholesome, family fun.

      • by Bob the Super Hamste ( 1152367 ) on Thursday March 28, 2013 @02:57PM (#43306171) Homepage

        their destruction process is more certain than shooting a hard drive with a .45.

        Sounds like they need to have better aim and/or use more than one shot. As powerful as a .45 may seem (probably .45ACP) they really aren't that impressive. For example I have seen one of my buddies shoot an old hard drive with a 20 slug and it dented the case and platters nicely but really didn't go in and sent the drive bouncing down range. The drive had 3 aluminum platters a steel cover and aluminum case. Now granted a .45 ACP and a 20 gauge slug (about .61) aren't exactly the same but from some quick searching the 20 gauge slug [hornady.com] delivers substantially more energy (typically about 3 times as much) than a .45 ACP [wikipedia.org]. As such I would assume that the increased cross sectional area of the 20 gauge slug is compensated for by the increased velocity and by extension energy and thus a .45 ACP would produce similar damage to the 20 gauge only on a smaller scale. If they are talking about a .45 long colt [wikipedia.org] then it is pointless but a .454 casull [wikipedia.org] is an entirely different beast.

        • by LDAPMAN ( 930041 ) on Thursday March 28, 2013 @03:15PM (#43306317)

          It's not the energy of the round that counts, it's the energy actually spent destructively on the target. The formula for maximum destruction in this case is to have the maximum kinetic energy energy delivered to the smallest area with high efficiency. So, you don't want a 20 gauge slug. It's easily deformed, has a large impact area, and unless you have the drive held very securely would just knock it downrange. I'd use a small caliber, high speed rifle cartridge. 7mm mag or even .223 would do nicely!

    • by sandytaru ( 1158959 ) on Thursday March 28, 2013 @02:50PM (#43306097) Journal
      We do that for systems retired from medical offices, but we give the drive a good DBAN first. THEN we disassemble it (a coworker of mine collects the magnets for some reason) and then smash the platters a few times with a hammer for funsies.
    • by LordLimecat ( 1103839 ) on Thursday March 28, 2013 @02:52PM (#43306121)

      If its a laptop drive, a quick thwack with the handle of a screwdriver will result in the platters shattering in a satisfying manner. I might recommend covering the platter with paper, unless you enjoy shrapnel going every which way.

  • Thermite (Score:5, Funny)

    by 2starr ( 202647 ) on Thursday March 28, 2013 @01:37PM (#43305237) Homepage
    No, no, no. When it absolutely has to be destroyed, you use thermite [ck.cx].
  • by Dancindan84 ( 1056246 ) on Thursday March 28, 2013 @01:38PM (#43305255)

    Will it blend? Since 1959.

  • by morcego ( 260031 ) on Thursday March 28, 2013 @01:39PM (#43305273)

    I find a bath in NaOH to be a very effective way to destroy media past any possible recovery. Specially if you are going to incinerate it afterwards.

    NaOH is also very cheap, and available everywhere, making it a wonderful low budget solution to use in the less cosmopolitan parts of the world.

  • by Billly Gates ( 198444 ) on Thursday March 28, 2013 @01:41PM (#43305291) Journal

    Problem solved

  • by bobstreo ( 1320787 ) on Thursday March 28, 2013 @01:43PM (#43305313)

    Relabel them as disk duplicators.

    Let the hilarity ensue.

  • by rodrigoandrade ( 713371 ) on Thursday March 28, 2013 @01:50PM (#43305405)

    This is a company that leeches off government contractors (Lockheed et al.) that have virtually infinite budgets paid by our tax dollars.

    Thus, $9000 for a low-level wipe.

  • by markhahn ( 122033 ) on Thursday March 28, 2013 @01:51PM (#43305431)

    sure, you can pound or melt, but for my money, sandpapering the platters by hand is the best way to pay homage to your dearly departed bits.

  • by hey ( 83763 ) on Thursday March 28, 2013 @01:55PM (#43305483) Journal

    Would be nifty if it spray painted the drive to show it was degaussed.

  • COAL (Score:4, Informative)

    by Charliemopps ( 1157495 ) on Thursday March 28, 2013 @02:00PM (#43305557)

    Coal is about $80/ton. Take about 1lb of that, light it, set a bunch of hard drives in the middle of it, put a house fan next to it... hard drives are a puddle of molten steel/plastic in about 10min and it cost you pennies. You can do the same with propane, but you'll need to build a burner and such.

    And before anyone gets on their high horse about burning coal, keep in mind the little device they're using her was most likely powered by coal generated electricity.

    • by Bob the Super Hamste ( 1152367 ) on Thursday March 28, 2013 @03:01PM (#43306211) Homepage
      Hell you don't need to build a burner. A cheap propane/MAPP dual fuel brazing torch will do the same thing in just seconds as well.
  • Crazy System Admin (Score:4, Insightful)

    by scribblej ( 195445 ) on Thursday March 28, 2013 @02:01PM (#43305571)

    Our former sysadmin purchased a drill press for the purpose of rendering old hard drives unrecoverable. Seemed both fun and practical.

  • by Sponge Bath ( 413667 ) on Thursday March 28, 2013 @02:05PM (#43305615)
    Hammer time is therapy. Sweet vengeful therapy.
  • by u64 ( 1450711 ) on Thursday March 28, 2013 @02:08PM (#43305647) Homepage

    Just hand it over to any teenager - they usually destroy most things that comes anywhere near them.
    To guarantee swift and total destruction make sure to tell them to *please* be careful with it.
    And that it is fragile and expensive.

  • by djbckr ( 673156 ) on Thursday March 28, 2013 @02:17PM (#43305739)
    I think BlendTec Will it Blend? [willitblend.com] would work quite well, don't you?
  • by SoundGuyNoise ( 864550 ) on Thursday March 28, 2013 @02:18PM (#43305745) Homepage
    We have one of the hard drive degaussers in my company. It's like the trap cleaner in Ghostbusters!
  • by mindcandy ( 1252124 ) on Thursday March 28, 2013 @02:38PM (#43305961)
    There is a reason for this sort of gear
    Time is money.

    As an example, we have a couple thousand PCs that are dumped each year due to lifecycle replacement. Yes, these are perfectly good PCs that could be wiped and loaded with (whatever) and donated .. but THAT COSTS MONEY. Loosing even ONE hard drive with data on it puts us in the newspaper, hence the policy is :

    No data storage device leaves intact, ever.

    We have the guys in facilities run them through a giant metal bandsaw, and that's BEFORE they go to be shredded/recycled (which, ironically, we pay THEM for, despite the fact that we're talking about tons of aluminum/steel/whatever .. but they won't burn off the insulation out back like JimBob either).

    The reason you don't use .45ACP or sledgehammers is one of liability. Before the bandsaw method we used sledgehammers until some idiot hurt himself. When somebody looses a finger due to stupidity we'll probably buy one of these.
  • by dgharmon ( 2564621 ) on Thursday March 28, 2013 @02:50PM (#43306109) Homepage
    Data Shredder [themushroomkingdom.net]
  • by paranoid123 ( 633401 ) on Thursday March 28, 2013 @02:55PM (#43306155)
    I worked in a legal firm which specialized in e-discovery and forensics, they weren't data-recovery specialists, but they were able to pull data from slack space and previously rewritten areas. But that is besides the point. For client-privacy reasons, legal reasons, and corporate policy, they ended up with hundreds of hard drives per month that needed to be destroyed with no possible way to recover the data. A $24 sledgehammer is certainly a cheap and fun sounding answer. But after smashing five hard drives, this stops being fun, you're making a lot of noise, and someone would need to clean up the mess. I'm sure OSHA wouldn't approve of that either. We were in a corporate office in the middle of New York City, so smart-ass solutions like thermite; sodium hydroxide; shooting them with a .45, a shotgun, or a bazooka aren't going to fly. Because of chain of custody, you couldn't even take the hard disks into an empty field to do this. The guy responsible for destruction started unscrewing everything, taking out the platters, then punching a hole in the platters with a screw-press. But like the sledgehammer solution, this was slow labor-intensive. I believe they ended up using a qualified HD destruction service, who would come to your office once a month, and give you metal confetti back. This of course isn't cheap. Eventually, purchasing one of these Garner devices would make economic sense. My point is, sure, given our own devices, we can think of quick and fun ways to destroy a hard disk. But when you are limited by government and corporate rules, companies like Garner aren't just greedy, but filling a real need.
  • by MMC Monster ( 602931 ) on Thursday March 28, 2013 @03:07PM (#43306249)

    If you absolutely, positively must destroy your data, you must succeed in destroying the universe.

    Baring that, perhaps access to a black hole could be of benefit.

  • by A well known coward ( 2835 ) on Thursday March 28, 2013 @03:12PM (#43306297) Homepage

    I sometimes need to destroy hard drives at work. I do it right in front of the user so they know their old data isn't going anywhere. I open the computer, pull out the drive, open the drive, get a screw driver under the disk plate and use it as a lever. The plates will either bend or shatter depending on material.

FORTUNE'S FUN FACTS TO KNOW AND TELL: A black panther is really a leopard that has a solid black coat rather then a spotted one.

Working...