GraniteBalls Aging fast 12262 Posts user info edit post |
So I was given the task of ensuring that this HDD's data is removed. It's a scsi drive.
Usually I'd just use a program like killdisk, but the catch here is that the drive is no longer recognized.
It's full of patient data and shit for a local doctor's office.
My question: Will it be sufficient to removed the platters from the drive and fuck'em up real good? I mean, I can scratch the everliving shit out of them, and I know it's not exactly conventional, but will it suffice? 3/15/2006 12:57:39 PM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
Just open the hard drive. Once you do that, someone would have to rebuild and repair the drive in a clean room environment. I don't think anyone wants your data badly enough to go through the effort. 3/15/2006 1:01:15 PM |
FroshKiller All American 51913 Posts user info edit post |
Drop it off a building. 3/15/2006 1:01:26 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
I was thinking about removing the platter and running it up and down the pavement outside.
but I wasnt sure if that was as good as a DoD wipe. 3/15/2006 1:08:59 PM |
30thAnnZ Suspended 31803 Posts user info edit post |
just smash the platters with a hammer 3/15/2006 1:12:25 PM |
Pyro Suspended 4836 Posts user info edit post |
Just take it home and throw it in your trash. Problem solved. 3/15/2006 1:12:44 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
^ He wants the drive back though.
I thought of the same thing.
I may just remove the platters and give the shell back to him. and take the platters home and fuck'em up. 3/15/2006 1:13:37 PM |
IROLA_BLUNT All American 535 Posts user info edit post |
Drill holes through the drive...maybe in the shape of a smiley face? or a dollar sign? get creative! 3/15/2006 1:19:19 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
I popped it open and scratched the fuck out of both sides of the platter.
and I put a hole or two in the platter as well.
and I broke off the R/W head.
and I took a magnet to the platter.
DoD's got nothing on this. 3/15/2006 1:21:02 PM |
Shaggy All American 17820 Posts user info edit post |
From the NIST Data Sanitation guide
Quote : | " IDE Hard Drives Overwrite media by using agency-approved and validated overwriting technologies/methods/tools.
Purge hard disk drives by either purging the hard disk drive in an NSA/CSS-approved automatic degausser or by disassembling the hard disk drive and purging the enclosed platters with an NSA/CSS-approved degaussing wand.
Destroy media in order of recommendations. 1. Disintegrate 2. Shred 3. Pulverize 4. Incinerate. Incinerate hard disk drives by burning the hard disk drives in an EPA-approved incinerator. " |
the doc can be found here: http://csrc.nist.gov/publications/drafts/DRAFT-sp800-88-Feb3_2006.pdf3/15/2006 1:23:47 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
So you're saying I should hammer the platter, then take a heat gun to it?
THE IS THE BEST $40 I'VE EVER EARNED. 3/15/2006 1:25:43 PM |
eraser All American 6733 Posts user info edit post |
The best way is to degauss it. Pass it through an extremely strong electromagnetic field. The data is on the disk using shifts in the polarity of a magnetic film. Exposing it to enough of a magnetic field will "shift" all of the bits to one polarity and the data will be gone.
[Edited on March 15, 2006 at 2:11 PM. Reason : +] 3/15/2006 2:06:58 PM |
Lokken All American 13361 Posts user info edit post |
what does the Department of Defense have to do with your hdd 3/15/2006 3:21:18 PM |
Incognegro Suspended 4172 Posts user info edit post |
take an electric sander to it while you're at it, sanding off the magnetic film promotes the reconstruction of that data to the realm of the damn near impossible
anything that doesn't involve warping, vaporizing, shredding, or otherwise physically mangling the magnetic film of the platters (if not the platters themselves) will leave partial polarizations of previous bit states in the film that, while very difficult and expensive to recover, is firmly within the realm of the possible
one of these days our security agencies will start relying on encryption to safeguard our national secrets, instead of really hoping nobody steals the hardware until they destroy it 3/15/2006 3:25:01 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
If anyone gets data off that drive, I'll shit myself.
The scratches, dents, and holes I put in it were beastly. 3/15/2006 3:30:54 PM |
eraser All American 6733 Posts user info edit post |
Quote : | "what does the Department of Defense have to do with your hdd" |
That DoD has standards for data destruction that many people in the civilian sector respect and abide by.3/15/2006 4:05:19 PM |
BobbyDigital Thots and Prayers 41777 Posts user info edit post |
and they created the TCP/IP suite 3/15/2006 4:15:13 PM |
MiniMe_877 All American 4414 Posts user info edit post |
Quote : | "what does the Department of Defense have to do with your hdd" |
he said it had patient data on it, and to comply with HIPAA regulations, you have to DoD wipe any storage medium since it contained patient data on it3/15/2006 5:00:56 PM |
gnu01 All American 874 Posts user info edit post |
best
Quote : | "The best way is to degauss it. Pass it through an extremely strong electromagnetic field. The data is on the disk using shifts in the polarity of a magnetic film. Exposing it to enough of a magnetic field will "shift" all of the bits to one polarity and the data will be gone." |
most fun (in order)
Quote : | "Drop it off a building." |
Quote : | "Drill holes through the drive...maybe in the shape of a smiley face? or a dollar sign? get creative!" |
3/15/2006 8:04:24 PM |
statepkt All American 3592 Posts user info edit post |
I believe your best choice is to shred the HD.....literally shed it.
If the doctors office is going to pay for it, there are several companies that will shed your HD into millions of little pieces 3/15/2006 8:06:16 PM |
Perlith All American 7620 Posts user info edit post |
^ Agreed. I don't know why he wants it back. If you can't destroy the drive with software, destroy it with hardware. If somebody wanted to badly enough, they could send that drive in to one of those "clean-room" recovery centers and get the data off of it.
Bobby, everybody knows we got TCP/IP from the Roswell aliens. 3/15/2006 8:42:10 PM |
KiLLm3rEd All American 1952 Posts user info edit post |
just take an acytalene cutting torch to it. 3/15/2006 8:46:21 PM |
eraser All American 6733 Posts user info edit post |
Quote : | "If somebody wanted to badly enough, they could send that drive in to one of those "clean-room" recovery centers and get the data off of it." |
Most of the things covered in this thread would destroy data to the point that it could not be recovered even by those means. Software methods are even capable of destroying data well enough that it could not be extracted in a clean-room.
The clean-room methods work if:
- The drive mechanism has failed. - The data has not been sufficiently overwritten. (3 times is still not enough)
If the platters are exposed and there is physical damage the chances of getting data back are close to nothing. (Which is why they need the "clean-room")3/15/2006 8:52:27 PM |
Aficionado Suspended 22518 Posts user info edit post |
thermite cures everything 3/15/2006 9:20:14 PM |
cheeze All American 892 Posts user info edit post |
wipe poop all over it. no way anyone will use it after that 3/15/2006 9:56:40 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
Yeah, I most def. fucked that drive up.
I only charged him $40, mainly because it was such a good time.
I took a heat gun to the controller card and the platters, removed a few capacitors with my pliers, and all the stuff I mentioned above.
That data is fucking gone.
I KNOCKED IT'S FUCKING THROAT OFF. 3/15/2006 10:17:33 PM |
0 Suspended 3198 Posts user info edit post |
best idea so far:
3/15/2006 11:11:08 PM |
J_Gatsby All American 1336 Posts user info edit post |
I'll have to agree, thermite ALWAYS wins 3/15/2006 11:15:42 PM |
GraniteBalls Aging fast 12262 Posts user info edit post |
TOO BAD IT TAKES FOREVER TO FUCKING MAKE. 3/16/2006 9:12:14 AM |
quagmire02 All American 44225 Posts user info edit post |
will standard ide hd platters shatter when you hammer them? i had a laptop hd that pulled apart and left the platter on the floor (for whatever dumb reason)...i rolled over it with my desk chair and the damnable thing shattered all over the place...took forever to pick up the pieces 3/16/2006 9:37:13 AM |
JonHGuth Suspended 39171 Posts user info edit post |
if i paid someone to DoD a hd in compliance with HIPAA regs i would expect them to actually follow DoD standards and not just scratch it on the pavement and run a heat gun over it 3/16/2006 10:25:38 AM |
quagmire02 All American 44225 Posts user info edit post |
and yet...i'm betting GraniteBalls' method was more effective than any simple removal of data...besides, his boss doesn't know jack about DoD standards, he's probably just copying some television show 3/16/2006 10:48:24 AM |
JonHGuth Suspended 39171 Posts user info edit post |
yeah but you cant go playing around with "just as good" methods when it comes to HIPAA regs 3/16/2006 10:52:03 AM |
tjoshea All American 4906 Posts user info edit post |
SHRED(1) User Commands SHRED(1)
NAME shred - delete a file securely, first overwriting it to hide its contents
SYNOPSIS shred [OPTIONS] FILE [...]
DESCRIPTION Overwrite the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data.
Mandatory arguments to long options are mandatory for short options too.
-f, --force change permissions to allow writing if necessary
-n, --iterations=N Overwrite N times instead of the default (25)
-s, --size=N shred this many bytes (suffixes like K, M, G accepted)
-u, --remove truncate and remove file after overwriting
-v, --verbose show progress
-x, --exact do not round file sizes up to the next full block;
this is the default for non-regular files
-z, --zero add a final overwrite with zeros to hide shredding
- shred standard output
--help display this help and exit
--version output version information and exit
Delete FILE(s) if --remove (-u) is specified. The default is not to remove the files because it is common to operate on device files like /dev/hda, and those files usually should not be removed. When operating on regular files, most people use the --remove option.
CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the tradi- tional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesys- tems on which shred is not effective:
* log-structured or journaled filesystems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* filesystems that write redundant data and carry on even if some writes
fail, such as RAID-based filesystems
* filesystems that make snapshots, such as Network Appliance's NFS server
* filesystems that cache in temporary locations, such as NFS
version 3 clients
* compressed filesystems
In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a shredded file to be recovered later.
AUTHOR Written by Colin Plumb.
REPORTING BUGS Report bugs to <bug-coreutils@gnu.org>.
COPYRIGHT Copyright (C) 2004 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO The full documentation for shred is maintained as a Texinfo manual. If the info and shred programs are properly installed at your site, the command
info coreutils shred
should give you access to the complete manual. shred (coreutils) 5.2.1 July 2004 SHRED(1)
(works in cygwin) 3/16/2006 10:53:41 AM |
GraniteBalls Aging fast 12262 Posts user info edit post |
Quote : | "yeah but you cant go playing around with "just as good" methods when it comes to HIPAA regs" |
That's what I was worried about too.
but I dont think my method is "just as good". I think my method is "better than that".
If the DoD had the time to dedicate to each drive they wanted to destroy, I'm sure they would've done the exact same thing.
and many of the things I did to this drive are listed in the DoD standard anyway.
Quote : | "Destroy media in order of recommendations. 1. Disintegrate 2. Shred 3. Pulverize 4. Incinerate. Incinerate hard disk drives by burning the hard disk drives in an EPA-approved incinerator. " |
I def. Pulverized and shredded it (the cheese holes I put in it with my dremel qualify, since there are about 5-6)
I would've done more, but I thought that I had met/exceeded the standards. The scratches I put in that platter weren't small scratches that could be buffed out or anything, i put gouges in them to the point were my knuckles were turning white.3/16/2006 11:39:48 AM |