User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » DoD equivalent Data destruction... Page [1]  
GraniteBalls
Aging fast
12262 Posts
user info
edit post

So I was given the task of ensuring that this HDD's data is removed. It's a scsi drive.

Usually I'd just use a program like killdisk, but the catch here is that the drive is no longer recognized.

It's full of patient data and shit for a local doctor's office.


My question: Will it be sufficient to removed the platters from the drive and fuck'em up real good? I mean, I can scratch the everliving shit out of them, and I know it's not exactly conventional, but will it suffice?

3/15/2006 12:57:39 PM

darkone
(\/) (;,,,;) (\/)
11611 Posts
user info
edit post

Just open the hard drive. Once you do that, someone would have to rebuild and repair the drive in a clean room environment. I don't think anyone wants your data badly enough to go through the effort.

3/15/2006 1:01:15 PM

FroshKiller
All American
51913 Posts
user info
edit post

Drop it off a building.

3/15/2006 1:01:26 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

I was thinking about removing the platter and running it up and down the pavement outside.


but I wasnt sure if that was as good as a DoD wipe.

3/15/2006 1:08:59 PM

30thAnnZ
Suspended
31803 Posts
user info
edit post

just smash the platters with a hammer

3/15/2006 1:12:25 PM

Pyro
Suspended
4836 Posts
user info
edit post

Just take it home and throw it in your trash. Problem solved.

3/15/2006 1:12:44 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

^ He wants the drive back though.


I thought of the same thing.


I may just remove the platters and give the shell back to him. and take the platters home and fuck'em up.

3/15/2006 1:13:37 PM

IROLA_BLUNT
All American
535 Posts
user info
edit post

Drill holes through the drive...maybe in the shape of a smiley face? or a dollar sign? get creative!

3/15/2006 1:19:19 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

I popped it open and scratched the fuck out of both sides of the platter.


and I put a hole or two in the platter as well.

and I broke off the R/W head.

and I took a magnet to the platter.




DoD's got nothing on this.

3/15/2006 1:21:02 PM

Shaggy
All American
17820 Posts
user info
edit post

From the NIST Data Sanitation guide

Quote :
"
IDE Hard Drives
Overwrite media by using agency-approved and validated overwriting technologies/methods/tools.

Purge hard disk drives by either purging the hard disk drive in an NSA/CSS-approved automatic degausser or by disassembling the hard disk drive and purging the enclosed platters with an NSA/CSS-approved degaussing wand.

Destroy media in order of recommendations.
1. Disintegrate
2. Shred
3. Pulverize
4. Incinerate. Incinerate hard disk drives by burning the hard disk drives in an EPA-approved incinerator.
"


the doc can be found here:
http://csrc.nist.gov/publications/drafts/DRAFT-sp800-88-Feb3_2006.pdf

3/15/2006 1:23:47 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

So you're saying I should hammer the platter, then take a heat gun to it?



THE IS THE BEST $40 I'VE EVER EARNED.

3/15/2006 1:25:43 PM

eraser
All American
6733 Posts
user info
edit post

The best way is to degauss it. Pass it through an extremely strong electromagnetic field. The data is on the disk using shifts in the polarity of a magnetic film. Exposing it to enough of a magnetic field will "shift" all of the bits to one polarity and the data will be gone.

[Edited on March 15, 2006 at 2:11 PM. Reason : +]

3/15/2006 2:06:58 PM

Lokken
All American
13361 Posts
user info
edit post

what does the Department of Defense have to do with your hdd

3/15/2006 3:21:18 PM

Incognegro
Suspended
4172 Posts
user info
edit post

take an electric sander to it while you're at it, sanding off the magnetic film promotes the reconstruction of that data to the realm of the damn near impossible

anything that doesn't involve warping, vaporizing, shredding, or otherwise physically mangling the magnetic film of the platters (if not the platters themselves) will leave partial polarizations of previous bit states in the film that, while very difficult and expensive to recover, is firmly within the realm of the possible

one of these days our security agencies will start relying on encryption to safeguard our national secrets, instead of really hoping nobody steals the hardware until they destroy it

3/15/2006 3:25:01 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

If anyone gets data off that drive, I'll shit myself.


The scratches, dents, and holes I put in it were beastly.

3/15/2006 3:30:54 PM

eraser
All American
6733 Posts
user info
edit post

Quote :
"what does the Department of Defense have to do with your hdd"


That DoD has standards for data destruction that many people in the civilian sector respect and abide by.

3/15/2006 4:05:19 PM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

and they created the TCP/IP suite

3/15/2006 4:15:13 PM

MiniMe_877
All American
4414 Posts
user info
edit post

Quote :
"what does the Department of Defense have to do with your hdd"


he said it had patient data on it, and to comply with HIPAA regulations, you have to DoD wipe any storage medium since it contained patient data on it

3/15/2006 5:00:56 PM

gnu01
All American
874 Posts
user info
edit post

best

Quote :
"The best way is to degauss it. Pass it through an extremely strong electromagnetic field. The data is on the disk using shifts in the polarity of a magnetic film. Exposing it to enough of a magnetic field will "shift" all of the bits to one polarity and the data will be gone."


most fun (in order)

Quote :
"Drop it off a building."


Quote :
"Drill holes through the drive...maybe in the shape of a smiley face? or a dollar sign? get creative!"

3/15/2006 8:04:24 PM

statepkt
All American
3592 Posts
user info
edit post

I believe your best choice is to shred the HD.....literally shed it.

If the doctors office is going to pay for it, there are several companies that will shed your HD into millions of little pieces

3/15/2006 8:06:16 PM

Perlith
All American
7620 Posts
user info
edit post

^
Agreed. I don't know why he wants it back. If you can't destroy the drive with software, destroy it with hardware. If somebody wanted to badly enough, they could send that drive in to one of those "clean-room" recovery centers and get the data off of it.

Bobby, everybody knows we got TCP/IP from the Roswell aliens.

3/15/2006 8:42:10 PM

KiLLm3rEd
All American
1952 Posts
user info
edit post

just take an acytalene cutting torch to it.

3/15/2006 8:46:21 PM

eraser
All American
6733 Posts
user info
edit post

Quote :
"If somebody wanted to badly enough, they could send that drive in to one of those "clean-room" recovery centers and get the data off of it."


Most of the things covered in this thread would destroy data to the point that it could not be recovered even by those means. Software methods are even capable of destroying data well enough that it could not be extracted in a clean-room.

The clean-room methods work if:

- The drive mechanism has failed.
- The data has not been sufficiently overwritten. (3 times is still not enough)

If the platters are exposed and there is physical damage the chances of getting data back are close to nothing. (Which is why they need the "clean-room")

3/15/2006 8:52:27 PM

Aficionado
Suspended
22518 Posts
user info
edit post

thermite cures everything

3/15/2006 9:20:14 PM

cheeze
All American
892 Posts
user info
edit post

wipe poop all over it. no way anyone will use it after that

3/15/2006 9:56:40 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

Yeah, I most def. fucked that drive up.


I only charged him $40, mainly because it was such a good time.

I took a heat gun to the controller card and the platters, removed a few capacitors with my pliers, and all the stuff I mentioned above.

That data is fucking gone.

I KNOCKED IT'S FUCKING THROAT OFF.

3/15/2006 10:17:33 PM

0
Suspended
3198 Posts
user info
edit post

best idea so far:

Quote :
"thermite"

3/15/2006 11:11:08 PM

J_Gatsby
All American
1336 Posts
user info
edit post

I'll have to agree, thermite ALWAYS wins

3/15/2006 11:15:42 PM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

TOO BAD IT TAKES FOREVER TO FUCKING MAKE.

3/16/2006 9:12:14 AM

quagmire02
All American
44225 Posts
user info
edit post

will standard ide hd platters shatter when you hammer them? i had a laptop hd that pulled apart and left the platter on the floor (for whatever dumb reason)...i rolled over it with my desk chair and the damnable thing shattered all over the place...took forever to pick up the pieces

3/16/2006 9:37:13 AM

JonHGuth
Suspended
39171 Posts
user info
edit post

if i paid someone to DoD a hd in compliance with HIPAA regs i would expect them to actually follow DoD standards and not just scratch it on the pavement and run a heat gun over it

3/16/2006 10:25:38 AM

quagmire02
All American
44225 Posts
user info
edit post

and yet...i'm betting GraniteBalls' method was more effective than any simple removal of data...besides, his boss doesn't know jack about DoD standards, he's probably just copying some television show

3/16/2006 10:48:24 AM

JonHGuth
Suspended
39171 Posts
user info
edit post

yeah but you cant go playing around with "just as good" methods when it comes to HIPAA regs

3/16/2006 10:52:03 AM

tjoshea
All American
4906 Posts
user info
edit post

SHRED(1) User Commands SHRED(1)

NAME
shred - delete a file securely, first overwriting it to hide its contents

SYNOPSIS
shred [OPTIONS] FILE [...]

DESCRIPTION
Overwrite the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data.

Mandatory arguments to long options are mandatory for short options too.

-f, --force
change permissions to allow writing if necessary

-n, --iterations=N
Overwrite N times instead of the default (25)

-s, --size=N
shred this many bytes (suffixes like K, M, G accepted)

-u, --remove
truncate and remove file after overwriting

-v, --verbose
show progress

-x, --exact
do not round file sizes up to the next full block;

this is the default for non-regular files

-z, --zero
add a final overwrite with zeros to hide shredding

- shred standard output

--help display this help and exit

--version
output version information and exit

Delete FILE(s) if --remove (-u) is specified. The default is not to remove the files because it is common to operate on device
files like /dev/hda, and those files usually should not be removed. When operating on regular files, most people use the --remove
option.

CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the tradi-
tional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesys- tems on which shred is not effective:

* log-structured or journaled filesystems, such as those supplied with

AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

* filesystems that write redundant data and carry on even if some writes

fail, such as RAID-based filesystems

* filesystems that make snapshots, such as Network Appliance's NFS server

* filesystems that cache in temporary locations, such as NFS

version 3 clients

* compressed filesystems

In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a
shredded file to be recovered later.

AUTHOR
Written by Colin Plumb.

REPORTING BUGS
Report bugs to <bug-coreutils@gnu.org>.

COPYRIGHT
Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.

SEE ALSO
The full documentation for shred is maintained as a Texinfo manual. If the info and shred programs are properly installed at your
site, the command

info coreutils shred

should give you access to the complete manual.
shred (coreutils) 5.2.1 July 2004 SHRED(1)

(works in cygwin)

3/16/2006 10:53:41 AM

GraniteBalls
Aging fast
12262 Posts
user info
edit post

Quote :
"yeah but you cant go playing around with "just as good" methods when it comes to HIPAA regs"


That's what I was worried about too.


but I dont think my method is "just as good". I think my method is "better than that".

If the DoD had the time to dedicate to each drive they wanted to destroy, I'm sure they would've done the exact same thing.

and many of the things I did to this drive are listed in the DoD standard anyway.

Quote :
"Destroy media in order of recommendations.
1. Disintegrate
2. Shred
3. Pulverize
4. Incinerate. Incinerate hard disk drives by burning the hard disk drives in an EPA-approved incinerator.
"


I def. Pulverized and shredded it (the cheese holes I put in it with my dremel qualify, since there are about 5-6)

I would've done more, but I thought that I had met/exceeded the standards. The scratches I put in that platter weren't small scratches that could be buffed out or anything, i put gouges in them to the point were my knuckles were turning white.

3/16/2006 11:39:48 AM

 Message Boards » Tech Talk » DoD equivalent Data destruction... Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.