Rich Freeman on 22 Oct 2017 12:36:57 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Securely destroy and responsibly recycling hardware


On Sun, Oct 22, 2017 at 3:24 PM, John Kreno <john.kreno@gmail.com> wrote:
>
> I'm not entirely sure, but I believe that drilling through the
> magnetic platters will shatter them. You may not destroy the actual
> data on them, but you have made life very difficult for someone trying
> to get at your data. You could also just write over the whole disk
> many times, but it takes time.
>

Before you go smashing and drilling holes, if the drive is accessible
I recommend sending it a secure erase command:
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Yes, the NSA might have a back door, but anybody short of a national
government won't.  At the very least it won't hurt.  For an SSD this
is probably the most reliable way to ensure everything is overwritten.
For a hard drive it is very fast and provides a high level of security
if properly implemented.  (The proper way is for the drive to always
encrypt everything with a key stored in the firmware, and when it
receives the secure erase command it forgets the old key and generates
a new one.  It has the side effect of rendering drive platters
unreadable if divorced from their controller.)

By all means do whatever you want afterwards.

My personal approach is to issue a secure delete, run shred, and then
toss it in the trash.

A better approach still is to run software full disk encryption.  Then
you can just toss them in the trash without worrying about the
security of any underlying layers, unless you think the NSA snuck a
rootkit into your hard drive firmware (which apparently is a thing).
However, if they've done that chances are they're the only one who can
read the data stored encrypted on the drive, and they probably already
have a copy of everything they care about unless you're on the other
side of an air gap and are REALLY good at screening employees and
physical security.

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug