Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Data Storage IT

Why Millions of Usable Hard Drives Are Being Destroyed (bbc.com) 168

Posted by msmash from the PSA dept.
Millions of storage devices are being shredded each year, even though they could be reused. "You don't need an engineering degree to understand that's a bad thing," says Jonmichael Hands. From a report: He is the secretary and treasurer of the Circular Drive Initiative (CDI), a partnership of technology companies promoting the secure reuse of storage hardware. He also works at Chia Network, which provides a blockchain technology. Chia Network could easily reuse storage devices that large data centres have decided they no longer need. In 2021, the company approached IT Asset Disposition (ITAD) firms, who dispose of old technology for businesses that no longer need it. The answer came back: "Sorry, we have to shred old drives."

"What do you mean, you destroy them?" says Mr Hands, relating the story. "Just erase the data, and then sell them! They said the customers wouldn't let them do that. One ITAD provider said they were shredding five million drives for a single customer." Storage devices are typically sold with a five-year warranty, and large data centres retire them when the warranty expires. Drives that store less sensitive data are spared, but the CDI estimates that 90% of hard drives are destroyed when they are removed. The reason? "The cloud service providers we spoke to said security, but what they actually meant was risk management," says Mr Hands. "They have a zero-risk policy. It can't be one in a million drives, one in 10 million drives, one in 100 million drives that leaks. It has to be zero."
This discussion has been archived. No new comments can be posted.

Why Millions of Usable Hard Drives Are Being Destroyed More

Why Millions of Usable Hard Drives Are Being Destroyed

Comments Filter:

  • security (Score:5, Insightful)

    by sdinfoserv ( 1793266 ) on Tuesday June 06, 2023 @02:50PM (#63581201)
    We destroy them too. Zero chance anything can be recovered.
    But really, after 4 or 5 years of being in a high I/O production environment, do you really want to trust your data on a used drive?

    • Re:security (Score:5, Informative)

      by DarkRookie2 ( 5551422 ) on Tuesday June 06, 2023 @02:53PM (#63581213)
      Depending on what it is and how many I have.
      I built a NAS with 8/12 HDDs. Used for movies and the like. Stuff I would be annoyed to redownload, but nothing critical. The other 4 are spares.

      I would never run one in my main rig, nor trust it alone with stuff I want to keep.
      • I should say I got them from a server we decommissioned here. I took the drives how. All the test I have ran on them say old and used, but not failing yet.

        • Re: security (Score:2, Informative)

          by saloomy ( 2817221 )
          So one of the reasons they destroy these drives, for the ultimate fear of data exfiltration, is that on some old drives, if the data was wiped once, you could access firmware-level signal data and figure out where there were 0s and 1s because the magnetism of a bit was mostly gone but not totally gone. Government spooks who had a high interest in retrieval would basically get the sensor values of a full drive scan and use some ECC and other wizardry to undelete those bits of info. We run an MSP and we have

          • That has not been true for about 30 years now. Overwrite with zeros and it's gone forever. Any truly sensitive data should be on SED drives so just destroy the AES key and boom the data is as good as gone.

          • Re: (Score:2)

            by gweihir ( 88907 )

            That does not work with drives younger than 2 decades or so. The surface data capacities are just not there to keep two data layers (the overwrite and the old one). Historically, yes, this attack was possible, but there the actual media capacity was used to maybe 10%. This attack probably still works on modern tape though.

    • Re: (Score:2)

      by fermion ( 181285 )
      I am sure anyone here would be forgiving if google sold an old hard drive with your search history still accessible. No one here would take that opportunity to sue for millions

      Then there is the cost wipe them cleaner than clean. That appears to be closer to $100 than the 10 to shred it? Can you sell a hard drive for a $100?

      Then there is reliability. A hard drive that is left in rack and has been shown no sign of unusual wear for five years is likely not going to have any big issues crop up suddenly. A

    • Exactly. It's physically impossible to mistakenly fail to erase a hard drive which has been shredded into metal shavings. And the data is much, much more expensive than the hard disk.

    • Re: (Score:3, Interesting)

      by AmiMoJo ( 196126 )

      If you could wipe them in one second, would you not crush them?

      Some HDDs support that. Everything on the platters is encrypted, and wiping them is as easy and quick as overwriting the key. The drive generates and stores the key automatically, the computer only needs to send the erase command.

      It's a shame more drives don't support it. It's more common on SSDs. No affect on performance.

    • One? No. A RAID 6 or equivalent composed of them? Depending on the cost and availability requirements, maybe.

    • Re: (Score:3)

      by Reziac ( 43301 ) *

      I have some +20 year old drives in everyday service. So long as they do the required job, I don't see why I shouldn't use them. So long as they keep running error-free, they're just as trustworthy as my much newer drives.

      My experience across hundreds of HDs is that provided they're in 24/7 use they either fail in the first month, or shortly after five years, or never. Drives that sit idle a long time are more likely to go bad, especially if they already had some years on them.

      But as someone once put it, the

  • ... Is another option.

  • What about reliability? (Score:3, Insightful)

    by SuperKendall ( 25149 ) on Tuesday June 06, 2023 @03:00PM (#63581239)

    There's a really good reason not to use older drives - reliability.

    The longer you use a hard drive the greater a chance of failure or dataloss. For most cases it does not make sense to take that risk.

    Maybe you could say, older drives could be used in highly redundant RAID systems, but even then you increase risk of more than one drive failure at once which could kill even a highly redundant RAID...

    • Re: (Score:3)

      by sjames ( 1099 )

      That's when you load from backup. Because an online RAID is not a backup.

    • My backup of an HPC system uses hundreds of old SAS hard drives that have been cycled down from primary storage. Most of the drives are from 2013. All are in 8D+2P RAID6, must have lost less than a handful in the last year. Of have boxes of spares ready to go.

  • Greater Fools (Score:5, Funny)

    by mabu ( 178417 ) on Tuesday June 06, 2023 @03:01PM (#63581241)

    Yea, give your old used hard drives to a crypto company. Would could possibly go wrong?

  • Required (Score:5, Interesting)

    by JBMcB ( 73720 ) on Tuesday June 06, 2023 @03:02PM (#63581245)

    For some contracts, destroying used drives is required, especially if federal agencies or contracts are involved. I knew someone who worked in IT for the army, and their procedure was to wipe the drive, drill holes in the case, then store them in a safe until a portable truck-mounted furnace would show up to melt them down on-site, then haul the sludge away.

    • Re:Required (Score:4, Funny)

      by pz ( 113803 ) on Tuesday June 06, 2023 @03:47PM (#63581355) Journal

      ... wipe the drives, drill holes in the cases, then store them in a safe until a portable truck-mounted furnace would show up to melt them down on-site ...

      Kill them dead three times to make sure they ain't comin' back!

    • For some contracts, destroying used drives is required, especially if federal agencies or contracts are involved. I knew someone who worked in IT for the army, and their procedure was to wipe the drive, drill holes in the case, then store them in a safe until a portable truck-mounted furnace would show up to melt them down on-site, then haul the sludge away.

      You'd have to! Otherwise a Chinese agent would dumpster dive them, whisk them off to China where they'd use Quantum computers to decode the data even if it was actually wiped securely and the data had been encrypted in the first place!

    • The only secure computer (or secured disk drive) is one which is powered off, shielded with lead, and fired in a rocket away from us at the speed of light.

  • Of it's so sensitive to begin with why don't they use disk encryption?

  • One of them might even be 512 MB, although it's been a few years since I pulled them.

    They're in the back of one of my closets. Just let me know the address to send them to.

  • Do SSDs have an easy or quick verifiable factory reset?

    I'm assuming HD manufacturers don't want reuse as it cuts into their bottom line.

    • Re: (Score:2)

      by Dwedit ( 232252 )

      Windows will TRIM a drive after you quick format it. Attempting to read back sectors through normal means will give you only zeroes afterwards.

      So then the issue becomes non-normal means of reading the data out (dumping the chips directly).

      • Re: (Score:2)

        by Bert64 ( 520050 )

        The whole point of TRIM is that the blocks are reset to 0. Flash has to be erased like this before it can be rewritten, so having already erased blocks is faster since you can write to them directly instead of having to erase them first. Dumping the chips directly will also return zeroes.

    • Do SSDs have an easy or quick verifiable factory reset?

      ATA secure erase command. Takes about 2 minutes and it overwrites the encryption key it was using all along to write the data. If you can't read one sector you can't read any because it means the key is gone.

  • Great (Score:5, Insightful)

    by Baron_Yam ( 643147 ) on Tuesday June 06, 2023 @03:27PM (#63581293)

    Another problem some idiot wants to solve with blockchains.

    Here's a clue: if someone thinks blockchains are important, you should avoid taking them seriously, doubly so if they're looking for money.

  • It's nice to have people at the datacenter (Score:4, Interesting)

    by slaker ( 53818 ) on Tuesday June 06, 2023 @03:33PM (#63581309)

    I rent a half-rack in a small datacenter. I'm literally their only local customer, so when I come in, I usually spend some time bullshitting with whichever one of the four techs is handling ops that day.

    They get asked to dispose of EOL equipment pretty regularly, and EOL at this point can mean pretty awesome hardware. Every time I go in, I ask what they have sitting around. My last visit, I was able to grab some idiot's GPU mining setup (SMALL datacenter; they don't charge for power) for the price of their past-due bill, and other times, I've been able to snag some high capacity SAS drives they have stacked up to make their desks to make little forts.

    I don't care if this crap counts as having fallen off a truck or that there's a chance that it's got a billion power on hours. I think it has worked out very well for me to date.

  • Should Be DeManufactured (Score:5, Insightful)

    by BrendaEM ( 871664 ) on Tuesday June 06, 2023 @03:34PM (#63581313) Homepage
    Hard drives have Neodymium in them. They are often made of 6061 aluminum. The voice coil has copper in it. The screws are stainless steel. We need Neodymium for the present, for the future, and most of the United States Neodymium is in landfills.

  • When I was working as a contractor for the federal government, hard drives to be disposed of had to be sanitized. You know what deGaussing does? It kills the drive, too.

    Now, it'f they've got a production line to disassemble the hard drive, deGauss each platter individually, and rebuild them, that's one thing....

    • When I was working as a contractor for the federal government, hard drives to be disposed of had to be sanitized. You know what deGaussing does? It kills the drive, too.

      Now, it'f they've got a production line to disassemble the hard drive, deGauss each platter individually, and rebuild them, that's one thing....

      Because even if the data is encrypted and you STILL wipe them repeatedly with patterns, zero's, XOR's, those Chinese agents will swipe them, send them off to China and they'll use quantum computers to recover the data! Thats got to be it.

      (That, or laziness. Wait... Federal US government? Ahhhh)

      • Re: (Score:2)

        by Bert64 ( 520050 )

        If a well funded group wants at your disks, they will redirect the shipment to ensure the target drives never reach the shredding plant. You'll still get to see a pile of shreddings, but it won't be your drives.

        • If a well-funded group wants your drives, you're probably not shipping them anywhere to be destroyed. It's being done on site, under supervision.

    • Most of the firmware is on the platters (unless something has changed). If you wipe each platter individually, you still need a way to write the firmware back to the platters.

  • I can entirely understand the desire to just shred rather than try to erase a drive: it's much harder to mistake an unshredded drive for a shredded one than it is to mistake an unwiped drive for a wiped one; and there are a lot of model(or even silent-revision-under-same-model) specific considerations in terms of whether the 'secure erase' command actually works properly; what sort of remapping is going on internally such that overwrites might not actually be overwriting, etc.

    However, it is increasingly

  • Sorry, You're not getting old drives. (Score:4, Insightful)

    by Virtucon ( 127420 ) on Tuesday June 06, 2023 @03:44PM (#63581347)

    NIST has a specification 800-88 [duserswill...00-88r1pdf], and most contracts even Civilian rely on that standard for handling obsolete or damaged media. the lowest common denominator is destruction. When failures in other methods occur, it's usually because somebody didn't sanitize obsolete magnetic media following protocol and policy. If I refurb one of my old PCs for a family member or for charity, I always put in a new HDD or SSD, and the old storage is usually shot full of holes at the range.

    The only way to be sure is to shred it and avoid having your data accidentally recovered.

    • Indeed many compliance standards mandate destruction, this person suggesting recycling is a starry eyed greenie with no real world experience or knowledge.

      Data can be recovered from mag drives even after multiple overwrite by expensive means... if data is valuable enough the bad guy has motive and reason for investment.

      SSD? guess what, half of drives don't implement the erase spec properly and leave data after bios erase... and if wiping done from program in running OS there are blocks unavailable at any t

      • What utter tosh. It is easy to wipe drives securely, I do it all the time. Hundreds of the buggers. I am currently putting together my Driveinator MK4 as I have a few hundred more coming up and the motherboard on the MK3 packed in last week. Admittedly it was a nearly a decade old, so this time I am building from all new components.

    • Re:Sorry, You're not getting old drives. (Score:5, Interesting)

      by AmiMoJo ( 196126 ) on Tuesday June 06, 2023 @04:42PM (#63581527) Homepage Journal

      Years ago someone offered a prize if anyone could recover data from a HDD that had been fully formatted. Nobody ever claimed it, not even data recovery companies.

    • NIST SP 800-88:
      > "While most devices support some form of Clear, not all devices have a reliable Purge mechanism. For moderate confidentiality data, the media owner may choose to accept the risk of applying Clear techniques to the media, acknowledging that some data may be able to be retrieved by someone with the time, knowledge, and skills to do so. Purge (and Clear, where applicable) may be more appropriate than Destroy when factoring in environmental concerns"

      FIPS 199:
      > "Confidentiality High: The

  • Mr.Hands??? (Score:3)

    by Oryan Quest ( 10291375 ) on Tuesday June 06, 2023 @03:54PM (#63581395)

    "What do you mean, you destroy them?" says Mr Hands, relating the story. "Just erase the data, and then sell them!

    Oh thank god you’re alive I heard the craziest rumor about you!

  • It's easier to build a process around physical destruction.

    You see that pile of old drives there? Have they been scrubbed? I don't know.

    You see that pile of shredded metal? Have they been scrubbed? I'm pretty certain they have.

  • No exceptions, if it was in a data hall, it will be destroyed, even if it is an SD card storing a switch config.

  • Spinning platters don't last forever, making reuse somewhat questionable. SSDs might be a different story, as long as they still have spare sectors to replace the bad sections mapped out.

  • So why isnt the data fully encrypted on premise? Makes a leak even more unlikely. After all, employees of the shredder could power up drives and scrape for data.

    • today's encryption is tomorrows substitution cipher used in future class as trivial to break exercise or joke

  • "Erase them" the joker says.

    No, many compliance standards require their destruction.

    Older data from mag drives can be scavenged. An SSD has blocks unavailable to you at present during wiping that might contain historic data. Trusting the secure erase from BIOS? Ha, see the paper "Reliably Erasing Data From Flash-Based Solid State Drives" where half the drives tested didn't properly implement the ATA erase standard, so data still left intact.

    In short, destruction is the way if there is sensitive data on d

    • where is the hard disk degausser for SSD's?

    • There should be no sensitive data on any disk. NIST SP 800-88 specifies cryprographic erase. If the org has implemented a state-of-the-art security program, their storage servers should have HSMs that are used to encrypt said data. Simply separating the HSM from the drive meets NIST SP 800-88.

      • wrongheaded thinking.

        today's crypto is tomorrow's near plain text

        destroy the disks, leave nothing to chance!

  • sooner or later they all do, so sooner or later if you're not destroying them somebody's gonna skip the erase step to save time & money. All it takes is one bad quarter on the stock market and everybody's open to new risks.

    I know this doesn't make me popular around here, but it's kind of the same reason I'm nervous about privately owned and run nuclear power plants. The US Navy can run a plant safely all day long but I wouldn't trust your average skeezy American businessman with something that potent

  • by doing some things in this list
    Get the DFU tool to be certificated for wiping and maybe drop the need for an 2th system to be directly linked to it
    letting enterprise level customs destroy disks under RMA (dell, HP do have this) with an in the field hard wipe + sending the wiped disk out to recycling / shredding center
    putting storage on cards on all systems
    selling new storage cards for all systems (needs to run DFU to install)
    ----------
    if must be done at apple service / apple store then must allow customer

  • When their data centers are destroyed by a one-per-century storm, they won't appreciate the irony.

  • Nuke from orbit. Only way to be sure. (Score:5, Interesting)

    by NeumannCons ( 798322 ) on Tuesday June 06, 2023 @05:11PM (#63581589) Homepage
    One of the companies I worked for would purchase (large expensive) used drives/arrays. Occasionally we would find financial or medical information stored on them. I'm surprised at some the large names that apparently skipped the sanitizing step. I wonder if some unusual event happened in those cases that caused the company skip that step. Did the Omaha branch office closed after firing all staff and bean counter rushed to sell everything off without telling IT department?

    Bill: "Hey Bob the Beancounter - those Omaha racks with servers on them that you sold last week... who did you find to clean them?"
    Bob: "Um, what do you mean by cleaned?"
    • Once upon a time I worked for [redacted], in the [redacted] industry. We had a rack mounted device that supplied security tokens for [redacted] service. While looking for some of our other scarce and needed equipment on eBay, I spotted one of these and bought it for maybe $150. One of the parent company security guys was relieved when I physically handed the device back to him... partner lab decommissioned without oversight, exactly the "Omaha branch office" scenario.

  • It's not just security, it's also cost/benefit. How much am I going to get selling used, out of warranty drives in bulk? How much does it cost me to securely erase the data on them vs just running them through a shredder?

    • DBAN usually takes a pretty long while to run. Also you have user error , you want to wipe 100 drives , what if you make a mistake and forget to wipe one? You plug it in , get distracted come back later and put it in the wiped pile with out it being wiped? At some point its just faster/cheaper to shred them. It takes only a couple min , and less chance of a screw up. Also now you have to sell 100 hard drives who is going to buy them? and for how much? If you are paying an employee to sell 100 drives , you
  • You could degauss the platters. Once done, you'd end up with a perfectly "smooth" magnetic flux field from which no previous data could be recovered. Re-install the platters and re-format.

    Alas, it's probably not "economically viable," as it would be labor-intensive and require a clean room.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      You could degauss the platters. Once done, you'd end up with a perfectly "smooth" magnetic flux field from which no previous data could be recovered. Re-install the platters and re-format.
      Alas, it's probably not "economically viable," as it would be labor-intensive and require a clean room.

      Modern hard drives, everything since IDE was invented, don't have the ability to low-level format their platters. They don't have the hardware to do it, they have no software to do so, and without the factory low-level formatted tracks laid out, the drive isn't capable of using those platters.

      There's completely different machinery to lay out the low level tracks, in a way that the drive hardware isn't strong enough to modify.
      It's as close to "permanent" as magnetic media can have.

      If your degausser worked,

  • Hard drives are being destroyed because after a few years they're too small to be useful, even if they were as reliable as a new drive (which they aren't).
    Add in the risk of data leaking, and old drives become less than worthless.

    It might be possible to engineer drives with (relatively) easy to remove platters.
    That way, we could could recycle the rest of the drive and still be confident that the data was unrecoverable.
    But I doubt they'd be economical even so -- it would probably increase the cost more than

  • A lot of people are mentioning the hassle of wiping. I think if you rely on wiping, you're Doing It Wrong.

    (This is from a technical PoV only. If you're required to wipe due to an imposed policy, then like it says on the motivational poster: "You gotta do what you gotta do.")

    Some types of drive failures don't let you wipe the drive. The drive won't run. Thus, if you want to RMA a dead drive which is still under warranty, then you might have to send it back to the manufacturer with whatever is on the platters

    • If you are large enough customer, you negotiate warranty without sending it back. As long as you don't claim a lot more drives than statistically plausible, nobody will care. Manufacturers don't want the drives back either, again, unless there are more failures than expected, then they want a few random samples of failed drives to investigate.
  • I've have two cases I got used, where the drive had been removed to be destroyed... along with the sliding drive tray. What makes this especially stupid is that they were tool-less trays. You could remove the hard drive by simply bending it a little bit, then put the tray back. Fortunately one was a major brand and I was able to buy a replacement that fit a 3.5" SSD, but it still bothers me.

  • These devices are EOL, i.e. their reliability goes down. A storage device failing is usually a major event and a major pain. That said, as long as generic secure erasing of devices is still a mystery to even a lot of tech people, physical destruction is the only reliable approach.

    There is also an other factor: Old DC HDDs are usually power hogs, loud, vibrate, have high cooling needs and have small capacity compared to the current generation. Best re-use would probably be as paperweight.

  • Yes, please destroy the SMR drives.

    For the rest why isn't every bit preencrypted before hitting the data bus?

    I can just give a buddy of mine any of my drives with no worries as he doesn't have the magic 32 bytes.

    No surprise that .gov is a hugely wasteful polluter on this too.

  • Chia (Score:2)

    by t00le ( 136364 )

    With the size of the chia plots, even on 20tb+ drives simply copying a single tb, then wiping would make plot recovery close to impossible. Then, you would still need to have the ability to load the plot via a crypto secured method oob.

    Yes, I had a large Chia farm like a moron that was 1.5pb. Yes, I used to work for a hard drive (platter and nand) company. Yes, I think destroying drives unless under contract is stupid.

    Yes, I work in NAND now and most would think I have a vested interest in purging the platt

  • They actually recycle the valuable parts: https://quantumlifecycle.com/e... [quantumlifecycle.com].

    It is not like "shredding" means it is lost forever. In fact, given these are 5+ year old drives, it is likely the newly built drive "from the ashes" will make better use of these resources. That 10TB drive can become a 20TB today.

Slashdot Top Deals

THEGODDESSOFTHENETHASTWISTINGFINGERSANDHERVOICEISLIKEAJAVELININTHENIGHTDUDE

Close