How about thermite? If it can burn through an engine block it would destroy a hard drive.
It's a lot cheaper, a lot more fun and I'm convinced it would be more effective too :-P
Disk drives are extraordinarily resilient. I've seen one that had been run over, dropped in a toilet and then thrown out of the window of a seven-storey office block. It looked unusable. Kroll Ontrack managed to recover virtually all the data on it by drying it and taking it apart. picture of hard disk crusher Hard disk …
Title's inaccurate. I wondered what good a 60/day drill would do -- I could sledge-hammer them faster than that. 60 an HOUR though... that's pretty decent. This would be great for excessive amounts of disk disposal. I wonder if it'll clamp onto the old 5 1/4" drives (yes, we still get those in too.)
When a hammerdrill + a bench vice = ~$100-150 (if that)
OK - might take slightly longer than a minute per drive, but at that price you could buy two, and hire two monkeys.... err.. I mean students to do it.
Not Paris, 'cos I wouldn't want to drill her, even for $11,500
I dunno, if I was a first- or second-world country and I came across one of these "drilled drives" in an embassy dumpster, and I suspected that it had something tasty on it (the drive, not the dumpster), I'll bet I could find some means of navigating the surface. Atomic force microscope? How effective would it be to run a drill bit backwards through the spindle hole? Would that flatten the ripples enough to enable some faster method of scanning the surface? Maybe...
IIRC, US DOD standards for retiring drives that may have contained classified information require the drive to be disassembled and the oxide removed with a belt sander or grinder. I don't think this new machine is more effective.
I like the thermite, though -- even if the entire disk didn't get melted into slag, I imagine the heat would effectively randomize any remaining media. Much quicker than a belt sander, too!
Invest in a set of Torx, and open the drive up.
If it's a multiplatter, I've heard from HD recovery people that the platters are aligned using information on the platters itself. If you twist them apart, then the alignment is screwed up, and basically no information can be read.
If it's single platter, just take the platter out, scratch it up, and use it as a coaster.
One of those ink re-filler Syringes a bottle of your fave fizzy drink (Irn-Bru for me)
Fill the syringe and pierce the "air hole" and fill the insides with the drink. wait a few hours or so and drain. The Fizzy drink has eaten some of the surface of the platters, and the sticky gunk makes the drive motors useless.
Heck see what those drinks can do to your teeth! :-\ :-/
But Thermite or Pick-Axe are better stress busting way's to go.....
I have drilled a drive once (for destruction reasons), but those platters are fscking hard, maybe you need a masonry drill - but that doesn' cut through the case.
Harddisks are amazingly tough things to destroy. For simple end user block, all you need to do it to spin it up and then drop (i.e. its head is unparked so you create a head crash), but that is easy for a recovery company - you need real physical damage to the platters before you can be sure it'll be hard work.
As for sledgehammer use - that doesn't guarantee unreadable platters but it's quite fun in a destructive sort of way. And you sure as hell won't do 60 an hour :-).
It's called Jamie (nearly 8) who, armed with a selection of my screwdrivers, can reduce a drive to it's component parts in less than 15 minutes.
Once the platters have been in his sand-pit for half a day, I defy anyone to recover significant data :-)
He's got to be worth 20 squids a drive, any takers?
If you have loads of drives to destroy then a shredder would be loads quicker and leave the platters in teeny little bits.
Plus a shredder could be used to destroy other useless IT bits.
And, shredders are fun:
Pissed off with that cranky office copier? These people can bring you joy!
Hire Large computer illiterate.
Punch a couple holes with a pick axe.
Fill holes with K2 paint remover or other industrial solvent.
It will disolve the top layer of the platters.
The other option is the 100ton hydraulic press.
Put disk in sideways and crush, turn 90 degrees and crush to cube.
Not sure why a *hammer* drill is needed, since they require special bits intended for pounding apart masonry which do a worse job of going through metal than a regular drill fitted with a twist bit optimised for the task. Still, whatever floats your boat.
Wouldn't sticking them in a demagnetiser, then switching the thing off while the disk was still inside work? There are all sorts of warnings about not doing this in the instructions for a demagnetiser. Something about allowing the hysteresis curve to collapse gracefully.
I wish I'd paid attention to Mr Miller's O level physics class now.
Alien because the hard sums involved might as well come from Arcturus for all I understand them.
I was under the impression thatThermit was the canonical method for the destruction of magnetic media.
Saying that though, I think the microwave idea is inspired and, since you could fit a fair few drives in an industrial microwave it ought to work.
My own idea (that just popped into my head) is to use induction-loop heating to melt them -- this should produce a similar result to Thermit, but without the need for combustion, I think the magnetic field might have some effect too.
For the money they charge the method is simply not good enough.
a new wafer fab was being built. One of the unix sysadmins walked out with a box full of dead drives, placed them side on and asked the road making team to run the road roller over them.
The mashed parts were shovelled up and mixed further on in the access road's concrete bed.
Eye protection due to flying plastic ;-)
Thermite has been suggested, but no-one seems to have thought of stacking drives and piling thermite on top. Depending on what the specific drives are made of, you could get through the whole lot in one run. Perhaps about 2 mins for 20 HDDs (pessimisstically).
Another possibility is to invest in a bolt driver or rivet gun. And for added extra carnage, power up the drive before-hand. A high-powered rivet smashing through spinning platters would be fun, spectaular and very, very effective.
Most people here seem to underestimate the durability of the average harddrive. It is easy to make sure that a drive isn't readable in a computer - just snap off a few of the surface mount components near the power jack. If you want to make sure that someone with some actual money to spend doesn't read them, you have to beat them up pretty hard.
I've heard that platters are pretty heat and chemical resistant, plus I doubt a microwave would even be able to penetrate the case (probably just damaged the external circutry in the above example.)
I don't know how these ripples work in the presented device, but I imagine that they wouldn't make recovery completely impossible. I do like the thermite ideas, or any other heat enough to actually melt the platters (could be difficult, those are made from some serious materials.) Nobody has suggested shaped charges though - just bend the drive into a doughnut, then melt it, within a fraction of a second. You could probably nail a few at a time too.
And explosives are far more fun than drills or hammers : -)
Do a search on YouTube for "hard disk crusher" and you can see the beast in action. While it makes a noise very much like a drill, and the conical ram does punch through rather than bend the casing, it is a crusher, not a drill. The ram does not rotate.
Then go and have a look all the related crushing and shredding videos! Whee! Fun!
The EDR site has a not so fun, FUD-filled flash presentation, explaining why theirs is the only solution. (Apparently degaussing a modern drive can fry the heads, but leave the data on the platters still readable(!). And those nasty hard drives might jam your heavy duty industrial shredder. Oooh!)
I think the main reason why a company would use one of these instead of more rough and ready methods is good old Health and Safety. *You* know that you can wield a hammer or pickaxe against a hard drive without causing self-injury, but H&S policy says you're not trusted to do this.
Going back to YouTube, did anyone consider the possibilities of the bench vice? It can crush a laptop drive sideways on, so a desktop drive held crosswise between the jaws could probably be crushed enough to buckle the platters.
"I have drilled a drive once (for destruction reasons), but those platters are fscking hard, maybe you need a masonry drill "
No a good quality metal speed bit is all you need. Takes me maybe 10 seconds to drill right through a drive with a 3/8" bit on my drill press.
Tried powering one up that I didn't drill through the board too. Boy did it sake!
Nothing like a 4000°C flame to make short work of a hard drive. You could line up a hundred drives and just burn right through the entire stack in no time. You can slice right through the heaviest gauge steel beams with one of them, a hard drive would not stand a chance.
Just put the drives in a hydraulic ram or log splitter and smash them lengthwise. Can get a decent one for a few hundred $. That ought to do it. For the really paranoid, drop the remains in a bucket of a fairly strong acid or base--like drain cleaner. Or spray the platters with oven cleaner---that would tend to do the trick too.
What you are paying for here, is not just a safe method of disposing of hard drives, but the peace of mind that you are not going to be sued by an employee who has just been mutilated beyond recognition by thermite, high caliber bullet ricochets or fizzy pop injections.
Whats the real 'cost of ownership' of your scrap heap challenge hard drive death machines?
When I was bored at work, I took an already damaged laptop HD--many bad sectors and wouldn't pass a chkdsk, but most of the data was still readable--and passed a bulk tape eraser over it. The tape eraser plugs in to the mains, and would violently pick up the drive and slam it into the sole plate of it, where it would hang and emit an angry buzzing sound, and even heat up some. I did this about 8 or so times on both sides, then tried to read the drive. It had a few more errors than before, but I was astonished to find that most of the data was undamaged and as readable as when I started.
That takes me back a bit... to the 1980s.
A friend in the military had taken an 8inch floppy disk to the range and shot it up with a 9mm. It must have had about 5 or so holes through the disk. He took this back to the office and pinned it to the wall. Some visiting general saw the disk and asked about it, so he concocted a story about how they were designing a fault tolerant file system so that computers could contine to function even after hit by enemy fire. The general was very impressed and even made reference to it in some speech he made a few days later.
Well said. Very eloquently spoken. And a F*ck you to all the haters who seem to think that they have a right to judge! FFS, i wouldn't mind betting that all the people, that commented negatively, would give their eye teeth for the ability to provide for their family as this man can. All you have to do is concentrate and work hard. A concept lost on most of the inhabitants of this green and pleasant land!
Not as much fun as my method... For years I've been destroying old hard drives for work... I used to take them apart and use the platters to make wind chimes. Given that most drives stripe data across multiple platters, once they're removed from the spindles and strung together (also involved having some small holes drilled in them), you'd really be hard pushed to get any sense out of them.
However, recently I had a big batch of them which the boss insisted I destroyed completely without any chance of data being recovered, he even asked for proof... Easy... Line the drives up and slice them in half (case and all) with an oxyacetylene cutting torch. Much fun... I took half a drive back to the office and asked if he'd like me to plug it in!
I'll admit thermite would be more spectacular, but with a torch you can be far more creative... I'll see what I can do...
The icon, well come one, it's gotta be hasn't it!
For you my friend, 75%! No, wait, wait, I know you, you honest man, try to make living yes? Family need Cococola, symbol of free western world, yes? For you half price! Absolutely ice-cold!
I reckon I can do 60 drives per hour with a trusty claw hammer, and I'll do it for hal price.
I defy anyone to read data off a platter that has been hammered into a U-shape.
You guys that suggest a drill or hammer are taking the piss.
At present, we are taking our faulty drives to a recycler, that runs them through some crazy-ass hard drive shredder.
"When a hammerdrill + a bench vice = ~$100-150 (if that)
OK - might take slightly longer than a minute per drive, but at that price you could buy two, and hire two monkeys.... err.. I mean students to do it."
Try "buy two per week". Hard drives are hard, we tried conventional drilling, and also a rotary saw, and the drives simply destroy the drills and saws. Fast. I think you could get a heavy-duty rig that'd work for under $11,000, but it's not going to cost like $100.
"14lb club hammer, a cold chisel and a steady-handed, fearless co-worker - everything you need to render a hard disk unreadable, and a lot less than $11.5k"
Until they are injured. Sledgehammering hard disks is fun as hell, chisel or no, but flying chunks are a significant risk.. it seems like someone almost got hit in the eye every time we did this.. and the sledgehammerer rapidly gets a sore arm. You cannot do many disks this way.
I too was once perplexed by this so I asked a contact who works in a data recovery centre about this a few years ago. It's called redundancy.
Now most people who know anything about how magnetic media store data understand the principle that a particle magnetised one way (N-S) represents a 0 and magnetised the other way (S-N) represents a 1. But then they imagine that 1 particle represents 1 bit of data, and this is not the case. What actually happens is that 1 bit can be represented by *dozens* of particles. When a 0 is written to what was previously a 1, *most* (but not all) of the particles are polarised to point in the 0-direction. Some are missed because of the speed at which the drive works. Even multiple writes won't change ALL of the particles - the number that do change with each write reduces with successive writes. All that matters as far as the drive controller is concerned is that if most of the particles are magnetised in the 0-direction, the bit is a 0, even if a few particles still point in the 1-direction.
Now a dedicated platter scanner (such as what my contact used at work) can scan a platter and read what the minority amount of particles are set to, rather than the majority as the drive head does. In this way, it is possible to retrieve overwritten data even if the drive has been zero-formatted multiple times.
the bastard dropped one call too many, so I had it run over by a fully loaded M1-A2 tank. The remains are in a baggy hanging over my desk.
That was simply the most liberating thing I've ever done, to destroy a piece of equipment.
Quite frankly all of the ideas for drive destruction are great, but the smart & most entertainment for the money definately has to go to Thermite.
On a side note, I think El Reg owes it to the world of IT to hold a contest for the most thorough AND verifiable method of toasting a drive. The person who does it cheapest wins technical immortality, fame, women (or men, or what ever trips your trigger), a pint hoisted in the winner's name and possibly a coffee mug or T-Shirt.
I'd be willing to pony up $3.00 to the prize pot...
The article (and one commentor) mentions that Degaussing doesn't (always) work, but still it's suggested a few times. Plus a heap of repeated variations on the smash/blowup protocol, and how it will cost between say 0 and 150 quid.
OK, done with the amateurism? If you make your own process, not only will it fail every so often (see above) but it will ruin your company's ISO 9001 (or similar) status, or require them an audit of the method costing, costing a multiple of said 11 500quid.
This method is (or should be) a certified method to both reliably DESTROY a HD and KEEP a record of this destruction.
Or are you satisfied and not doubtful at all if say the tax people, FBI or LLNL weapons techies claim that they have most assuredly destroyed sensitive records, and not mislaid them at all? Idiots.
My favourite method is to take the drive cover off, bridge both positive and both negative leads and hook them up to 2-12V car batteries wired up in series. I get the platters going nice and quick, then drop something abrasive or sharp on them. I find a dental pick works well, as does random bits of rocks (properly secured, of course). It's a helluva lot of fun, and I doubt anyone would want to bother with my data anyway. :-P
I've tried boot and nuke, it's fine until it comes across a bad sector, then it really really slows down.
Instead, I take the top off, and hit the platters and heads with a claw hammer, so I get lots of dents and buckled platters. (I was most suprised at the first IBM drive I came across, no dents just a load of shattered glass!)
I wasn't too suprised about the deguasser, inside the (desktop) hard drive is a powerful magnet used for moving the head about. It's a bit strange, for years been told keep data away from magnets, speakers etc etc, and there's a magnet inside the dam thing! Not sure about lappy drivers, I just hit them till they start rattling!
On the top of my machine's case sits a silver dog-turd shaped ornament. It is a solid lump of mazak (or similar soft metal) which is the melted-then-solidified remnant of a HDD casing.
My preferred method of HDD disposal is to first run DBAN (Daryk's Boot And Nuke) on it (details below). This is a little Linux app on a bootable floppy which over-writes the entire disk with a psuedo-random number sequence. I think it uses the Guttman algorithm.
DBAN is more practical with older, smaller drives because it takes a very long time - days not hours - to do a modern high capacity drive.
Then comes the fun bit - physical destruction of the drive.
In the summer I break it up. Rather than trying to dismantle it to its components, I use a 4lb club hammer. The main metal body of the drive is mazak (or a similiar whitemetal) and a few judicious blows with the hammer will shatter it. Putting it in the freezer compartment of the fridge overnight makes it more brittle.
With the case smashed, it's easy to prise out the platters, fold them over and hammer them flat, then repeat. You end up with buckled quadrants which then be dropped into a canal, buried in the garden or whatever.
This is a very therapeutic process. Smashing things - even small things - with a hand hammer is a great way of releasing aggression. I think of the bosses I've had as I wield the hammer.
In the winter, I simply put the DBAN-ed drive (complete) into the coal stove that heats my house and open the draught flap to get a good hot fire. The external components and connectors burn away first, then the cast case melts (and pours through the grate to settle in the ashpan as a turd-shaped blob).
By the time everything has cooled down only the steel top sheet, the spindle and its washers, and a few pressed steel components remain. Of the platters and the PCB circuit board with the firmware there is no trace.
Mind you, I suspect this is overkill. Running DBAN is enough. It renders data unrecoverable by most commonly available software recovery tools. Yes, data may still be recoverable by magnetic remanence scanning or by electron microscopy (the apocryphal example being data recovered from servers in the crushed wreckage of the World Trade Centre) but those high-end processes cost thousands of pounds. Be honest - is anyone *that* interested in your data?
Are they interested in mine? No, of course not. I just like destroying things ;)
"A self-contained boot disk that will automatically and completely delete the contents of any hard disk that it can detect... a means of ensuring due diligence in computer recycling, a way of preventing identity theft if you want to sell a computer, and a good way to totally clean a Microsoft Windows installation of viruses and spyware. DBAN prevents or thoroughly hinders all known techniques of hard disk forensic analysis."
The magnetic heads modify the magnetic patterns to within certain tolerances, but there will be traces of the old patterns left behind.
If you're just writing zeroes repeatedly, the pattern left on a "1" bit will be a bit stronger than that left on a "0" bit. There's also likely to be a bit of leakage around the edges due to imprecision in seeking the drive heads. The weakened pattern will likely be there even after multiple passes.
If you want to keep a drive in working order (but otherwise erased), you will want to write randomised data repeatedly over the entire drive, in such a fashion that the degree of "fading" will not be predictable.
So while writing zeroes is good enough for attempts to read data using the shipped drive electronics, it will not protect against a determined attacker with the right specialised tools.
> but those high-end processes cost thousands of pounds. Be honest - is anyone
> *that* interested in your data?
nail meet head,
a relative asked just the other day what he should do with his old harddrive, i recommended running 'boot & nuke' then pulling out the old drive and hitting it a few times with a lump hammer and then chucking it in the bin
even if 'imaginary criminal' got hold of every drive thrown away, i'm sure they'd be considerably wealthier if they didn't spend thousands on recovering the data from every damaged drive mostly full of holiday pictures, letters to aunt maud and malware which slowed the old pc down so much they end up buying a new pc
methinks most replies on here have a extra dose of paranoia mixed with geeky fun
I use a cheap 4 step method:
1st : dd if=/dev/random of=/dev/hdX
(just overwrite the data with RANDOM data, best a couple of times for the truly paranoid)
2nd: Use the torx set, open the case, and bend the platters
3rd: DO Not reassemble the drive
4th: Move them to your local used electronics disposal unit for metal recycling.
The last time I destroyed a hard drive, I took it round to my mate's house. He's a pyro-technician. We put it on a board in the garden and strapped a flare directly above it. 5 minutes at 3000 degrees later, that sucker was dead. Damn sight cheaper than 11 grand, too.
A microwave will fry the drive's electronics in a second, making it unusable by a computer, but the data on the actual glass or plastic platter would take a little more to render unreadable. Come to think of it, hard disk casings are Faraday cages, so the platters won't be affected at all unless the casing is seriously damaged. Getting there with a microwave would probably total the microwave before the data-carrying layers on the platters even notice anything is happening.
Shattering the platters sounds pretty safe to me; most magnetic methods are unsafe (unless we count the use of an induction oven -- that would vapourise the data-carrying layers on non-metallic carriers and the carriers themselves if metallic...)
Simple instructions for wrecking disks (simple to me anyway)
1. Use screwdriver to undo 6 (or more) screws.
2. Put flat blade screwdriver between platters or between platter and case
Disk are bent and unreadable.
60 per hour? Maybe not but its not $11500 either. Just depends how many you need wrecking.
In the Army we used to have thermite grenades in case of a base attack, forgetting just hard drives, these things would liquidate the insides of computers, bespoke hardware etc and just leave a molten mess in seconds!
The only faster / flasher method was the Russians who had nukes aimed at our bases...
These are tough bastards. One of an old 10GB model was pummled for 10 minutes. Such a good job was done the casing had practically broke in 2.
However a (non IT) manager tells us that there was users data on it (It beggars belief how many users will NOT save on the frigging network) and can we please get her data. After showing him the damage he still requests an attempt. One hour later I had managed to prise what was left of the case off to reveal un damaged platters!!!!!. Moved them to a good (same spec) drive and hey prestro, the users files back, well all frigging 25MB of it........;-)
Oh and I won a £50 bet as well.
Bashing with a hammer does not always work.....although it is fantastic fun.
/Penguin cause it has the IQ of a normal User
You only need to overwrite the data, and you only need to do it *once*. DBAN on this setting is quite quick. Alternatively, if re-deploying the HDD internally, jsut use mkfs -cc which will perform a full-surface write test and not bother to restore what was there before.
Yes, once is enough, no matter what you've heard. No data recovery company will take on a drive that really has been overwritten. It's just that certain operating systems are reluctant actually to overwrite data in case you might want to recover it. (Other operating systems just assume that if you typed rm, you meant rm.)
Every computer storage medium before the advent of solid-state RAM used to be magnetic. If it was really possible to recover overwritten data, somebody would have exploited the phenomenon to double their data storage capacity. The fact that they haven't, speaks volumes.
All this handwaving about microscopes and whatnot ..... get real. It's still orders of magnitude easier just to torture people to get information than to study the surface of a disk platter to find information that may not even be there anymore (improved tracking accuracy is one of the greatest contributing factors to modern storage densities ..... so no more data lurking around the edges of the tracks as in Gutmann's day).
"What you are paying for here, is not just a safe method of disposing of hard drives, but the peace of mind that you are not going to be sued by an employee who has just been mutilated beyond ecognition by thermite, high caliber bullet ricochets or fizzy pop injections."
Health and Safety?!?!?! You get the most enjoyment out of life by living dangerously. Besides, Work is meant to be fun!
Ability to retrieve data from old "destroyed" hard disks? How about this -- 99% of hard disk data recovered after Columbia crash:
Not mentioned if it was run-of-the-mill 24x7 enterprise/military model from X+5 years ago certified for space X years ago, or a premium line of 400M Seagate purpose-built for NASA? (either way, obvious publicity for Seagate?)
Tragic event it was, so many lessons learned. Highly recommend to read-up on the Columbia accident commission review and formal analysis of failure points. Enlightening. This late hard-disk data retrieval adds a memorable perspective to the "lessons learned" chapter.
Institutions suck at anticipation: usually takes a disaster (or large series of lesser accidents) to dig-out procedural, technical, or esp. systemic failures, and progress from findings. No amount of prior warning can do.
...now, where are those bloody disks with financial records crossed with medical check results from the Trans-Atlantic ACME Insurance Corp? Didn't Jake from HMRC promise they would be quietly posted last week???
This device is aimed at people who are SERIOUSLY paranoid about data being recovered. I don't mean medical and financial records, I mean solid evidence of trading with an enemy during war, Government involvement in illegal espionage, logistics trails and drop zones in an active war theatre etc. DBAN is great for internal redistribution of assets, or the odd Vista uninstall at home, but it's not good enough for these people. These people want to see a hard drive which is so completely unusable that they can start sleeping at night again.
$11.5k for a bench drill IS a lot of money, but a free CD image, or a magnetic wand, aren't enough reasurrance for the kind of industry this tool is aimed at.
Thermite is excessive and i'd class it as Emergency only (as in grenade-in-the-case when the base is under attack kind of emergency). It's not often that you have a reinforced floor on which you can safely carry out a thermite reaction; this may well be the next best thing.
Has any one here actually used thermite? Its effective for some things but not for this kinda thing.
Also the chemical fumes comming off a Hd being Roasted would be generally very very toxic.
We used to kill drives like this:
remove circuit board.
open drive. seperate platters, sand with belt sander then smash platter
the assemble the pile and place in bucket of cuastic soloution leave over night outside inthe air.. so u dont die also.
i dont think anyone would have the cash or resources to try to recover them
> take it to your local garage, ask to use the 50 ton bearing press ..... over in
> seconds and afterwards you can take home your ultra thin hard drive
i saw a documentary about that once,
it still kept coming and then somebody took the bits and rebuilt it
Da-da da da-da
Da-da da da-da
... its the only way to be sure.
As for overwriting... it IS possible to recover data from drives that have been overwritten. The theory goes like this:
Imagine that a hard drive data track is a circular motorway, and the data bits are cars stuck in a traffic jam. Cars (data) is parked (stored) on the middle lane and the inside and outside lanes are coned off to make the gaps between tracks. However, the data tracks on a hard drive are extremely narrow, so as to allow more data to be stored on a platter. In fact, they are so narrow that the hard drive magnetic heads can't actually stay in the middle lane all the time. The result is that the data (or cars) sometimes sit astride the white line between lanes.
An erase of a HDD is like a big satellite mounted laser (like the one in Akira) burning down the middle lane of the motorway. Now, because some of the cars are astride the white line, the vehicles are not completely destroyed. The inside and outside lanes will have the remains of the cars that were atstride the white lines sitting at their edges, marking where a car was parked. Take a fly-by picture of an 'erased' motorway and you will be able to see where quite a lot of the cars were parked before the erasing process. When the police sieze a hard drive, they will use special reading heads to scan the areas either side of the central data track and will pick up these remaining data marks.
Repeated erasing will help because the laser is actually the hard drive record head and so doesn't stick entirely to the middle lane. As the laser strays into the inside and outside lanes it will destroy the remains of cars missed on the first pass. Do this enough and there will be too little car remains left to put the data back together.
Of course, it is not the cars themselves that store the data - you need to know what the pattern of the cars is. Thus there are two ways to remove the data from a hard drive; the first is to blank the magnetic data bits, the second is to jumble up the data bits so that it is impossible to work out what order they are supposed to go in. Smashing the fragile hard drive platters with a hammer (pointy hammer + concrete floor + 'user error' enraged PFY) is the quickest and easiest way of doing this. The only way for anyone to read data from a smashed platter is to put all the bits back together, which is like completing an immensley complicated jigsaw with thousands of tiny peices and no picture to go by.
I would like to see some comparative studies of these two methods, because I suspect the hammer option is actually more effective than the method detailed in the article.
I can't post the link as darn work computers block YouTube (I think too much bandwidth was being consumed by watching cartoons), but its a handy 10 second video demonstrating what happens when a 20GB Toshiba laptop IDE HD drive gets caught between a standard claw hammer and a concrete paving slab.
£4 for hammer from B&Q, £2 for little brush to sweep up the many billions of shards of platter on the work surface (guaranteed unreadable), £3 for a pair of protective goggles for the safety conscious, fun.... priceless.
Paris, because some of those billions of unreadable shards contain her best moments!
Thanks for the theory, but the practice goes like this:
In a modern hard disk drive (i.e. one made any time since the Gutmann paper was written), the cars stay very tight in their lanes so almost nothing is straddling the white lines. And there are many, many, many lanes, and the white lines between them are very narrow, and can be intruded over from either side. Storage capacity has increased by some five orders of magnitude since that paper was written, and most of that is due to more accurate head positioning.
Add to that that "one" or "zero" isn't indicated simply by the colour of a car, but by the difference in colours between each car and the one before it; and if you can't see the colour of the car before the one you're looking at, then you still don't know whether your bit is a zero or a one. Or for that matter what file it's even part of, because there are just so many of them.
When the police seize a hard drive, they will use standard Windows tools on it, nothing more. Even a Linux ext3 file system will probably be alien to them. Since the abolition of "innocent until proven guilty", they needn't work too hard to secure a conviction; the tabloid press will do all that for them anyway.
This strikes me as an attempt to drum up sales on the back of paranoia, like many other 'security' issues.
It has been pointed out that hard drive contents can still be recovered even if the contents were reset to zero. This can only be true for areas of the drive that have only been written to once, because previous '0' values will be unambiguously '0' and previous '1' values may leave traces. However, if some/all the bits have previously had a '1' value at some time, this distinction is not possible. If an 'erase' process toggled every bit between '1' and '0', you would have nothing to work with.
At one employer a couple of collegues were sent on a data recovery course. In those days, recovering from floppies.
As part of the day they were given floppies and told to destroy them, rules, must keep all the parts, can't leave the room.
The latter because they did the course at a military chemical weapons place and the IT blokes took the disk out and returned with a smoking slag pile on the end of some very long tongs. So why not take your harddisks somewhere similar. Even if it doesn't erase all the data it'll make the units undesirable to be near.
Oddly enough you dont need to spin a disk to get the data from it, Forensic recovery can image the mag patterns on bent or even fragmented platters specialist software can then rebuild those images into data tracks and hey presto you have data.
The only methods I accept are to break the platter into many many fragments (Via Shredder) or to melt them, (the gas axe cost a lot less than 11k and is more fun! I think it runs at about 1 min per drive also, - clamp the torch and hold the drives with tongs! plug em in for more fun.. once they go off balance the platters usually mush..)
Man, I want a job where you work!
"[ ... ] run over, dropped in a toilet and then thrown out of the window of a seven-storey office block [...]"
I just can't imagine any way that could have happened that doesn't involve drinking copious quantities of alcohol during office hours!
"Every computer storage medium before the advent of solid-state RAM used to be magnetic. If it was really possible to recover overwritten data, somebody would have exploited the phenomenon to double their data storage capacity. The fact that they haven't, speaks volumes."
In a sense, I think they have. Apparently, modern hard drives use some interesting statistical techniques on the analog signal from the read head to cram in as much data as possible. Older drives, though, didn't, and it's theoretically possible to recover overwritten data on those. (The thing is, older hardware couldn't get anywhere near the theoretical limits of the media, and besides the equipment that'd be needed to read overwritten data would be prohibitively expensive.)
Take your box of junk (sorry unwanted hard drives) to the nice man at the local scrap yard and ask him to push it through the metal shredder, if you ask nicely they may even let you drive. I'd defy anyone to reassemble a disk that's been chewed into 1/4" chunks.
Hi, I seem to remember that hard drive platters are coated with Ferric oxide, Iron Oxide or plain rust to you and me. How about injecting Rust remover into the air hole. I use this product all the time and it really dissolve away any rust and its safe and biodegradable. Organic oxygen scavenger...just inject and throw it away. No need to drain it either. I will try it and then open and check the platters, I bet they will be have no surface at all.
DBAN, Eraser and similar tools are perfectly adequate software methods for anyone short of professional criminals, paedophiles, espionage agents or military.
For complete confidence or if you are one of the above (and thus likely to want to hide the data from people with long arms and big budgets) the only satisfactory method is complete destruction of the platters, ideally melting or turning into fine particulate.
Particularly of note is that putting high calibre rounds through the drive, bending the platters, using solvent on the platters or even belt sanding do not actually guarantee that data is completely destroyed (trust me on this).
For those of you with the "I have a cheaper method than 11.5k!..." if it one of the above covered suggestions, consider it already discounted as suitable and if it does cover the criteria but involves hazardous procedures, bear in mind that whilst you might not care about H&S your company does and you will eventually when you injure yourself or worse someone else. Also, in most cases it is necessary to have a safe and effective method which can be certified as such and where you can retain evidence that destruction took place; most of the suggestions above do not qualify without some serious added burdens, whereas this 11.5k kit plus a minimum of written procedures and paperwork will.
Our method :-)
3.5' long stainless steel bar with 45deg point ground on the one end.
Smashes straight through the drive casing and punches a whole and surrounding dent on the platters.
Line the drives up on a concrete floor and you can do about 10 per minute.
And hours of fun for anyone who has worked in computers for long enough.
"To all the pyromaniacs and volcano lovers: what will the greenies say about your terrible polluting ways! "
A charcoal fired homemade furnace is almost perfectly green - you can even reuse the aluminium as tent pegs or something. I will remove the casing and only be melting aluminium platters - I just bought a bag of fire clay to try it out.
Give them to me, I'll stick them on an ROV and 5,000m of downwards motion later, they're thoroughly unrecoverable. 6000psi (>4,500 tonnes per square meter) of pressure in an otherwise unreachable, corrosive environment (plus a good crushing with our manipulators...) on the other side of the world would see to that!
Mine's the boiler suit with the company logo on...
I do contract work for a few local businesses that store customer data, and I am a bit overly careful with drive disposal (as I am one of those customers in most cases). However one of the businesses I do work for is a car dealership owned by my family so I have full access to the machine shop. (See were this is headed?)
1) I cut the drive in half length ways using a really big circular saw thing
2) I use the plasma cutter to destroy the platters (whats left of them)
3) I place whats left in some kind of heated acid that they use for something or other
The results are not pretty even the cases are generally pretty well gone. Not a good solution for high volume destruction (I do maybe one a month), but it even if you could find all the bits you would have a hard enough time trying to decide what it was.
You do not have to physically destroy a hard drive. Multipass random rewrite is effective.
If you see someone claiming "oh but in some hypothetical way maybe something can be gotten off", then ask them a simple question:
Do you know of any hard drive in the history of mankind that has ever had data recovered off of it after successfully completing a multipass random write? There's a reason there exists a standard for doing this, because the pros did try to recover the data and could not.
On the other hand, certain types of drive failure will prevent it from being able to do this overwrite and then the drive will need physically destroyed still.
I have to agree with some who think the cost of this product is excessive, an enclosed drill press with a vice shouldn't cost more than $3000. Not even that much actually but this considers the low volume and higher end product able to withstand constantly drilling, you can't very well have your drive destroyer break at an inconvenient moment.
Drill the casing, insert a largish firecracker, light the fuse and retire to a safe distance.
Drill the casing and insert a lit sparkler, bloody hot that.
Drill the casing and drop in some of that wonderful magnesium we used to burn at school, light and watch the destruction
Sledge hammer, second step may require wire cutters to finish the platter(s)
Pick axe, pointy end, straight through, a couple of hits should do it.
Take the casing apart and shred the platter, or take the wire-cutters mentioned earlier to it.
Drop the thing in a kiln.
Drop the thing in a furnace - there's a reason to get to know your local blacksmith.
Take the pile of useless drives to a local crematoria and see what happens when a coffin load of them gets the treatment.
Take the platters out and fire up your grill/charcoal grill (BBQ for UK readers), that should be warm enough to destroy the platter pretty effectively.
If you simply want to make sure that information on the drive can't be recovered unless the people have the resources of the NSA, you could always low level format the sucker, format it and install Vista, then enable volume compression and encryption and fill the drive with junk.
I still like the idea someone posted of a good heavy hammer and cold chisel. Personally I favor the dismantling and shredding approach, though I have used the low level format/re-install windows approach with moderate success against casual snoopers;
My wife's ex-husband stole her computer during their divorce. I had previously guided her through a simple wipe operation on the drive, then a low level format and windows re-install. The twit and his lawyer employed a data recovery service and they got nothing. No that there was anything to get, but it's still an invasion of privacy. That said, there was also a spare HDD supplied by Gateway as a 'new' replacement for a secondary HDD in the system. It was found to have some interesting images on it, but it was still in it's packaging so no harm there...
Most of the suggested approaches aren't usable in an office environment. Pretty much anything involving high heat or strong chemicals can't be used. Either OSHA or insurance policy rules prevent most things that we consider fun.
Even a drill press is actively dangerous, as is swinging a hammer.
Transporting drives somewhere to destroy them increases the risk of loss and cost.
The safest, quickest approach is a hand-operated hydraulic press. For under $200 you can buy one that will take care of even ancient 14" drives. A hand-pumped one avoids most safety issues, such as guards and safety switches, and you can still crush 2 or 3 drives a minute. Even a sledge takes more time to line up the drives and clean up after.
We use a 20 ton press, which far stronger than required. Anything above 4 tons should be strong enough.
How about DBANing the drive then attacking it with a compound angle grinder. If you make the first cut gently and off centre it will spin the disc and bounce all those lovely carbide particles round the casing.
Then chop the biggest bit in half again and hit the bits with a lump hammer for good measure,
"Do you know of any hard drive in the history of mankind that has ever had data recovered off of it after successfully completing a multipass random write?"
No, not personally, not so far. Nobody had ever been convicted on DNA evidence in the 1960's but people recently have been convicted of 1960's crimes on DNA evidence. There are reports that claim to have but regardless of that you are comparing your current counter security measures against future recovery techniques which could be unknowably harder to evade.
I don't know whether people can truly read data from a shredded or platter-bent hard drive but they do claim to be able to. I do know they will never ever be able to retrieve data from molten slag because of the law of entropy, unless that law has been repealed by Blair. You can't unmelt a disk and melting leaves no fragment intact that can be read. To be honest, sanding off the platters is probably overkill, I just like building stoves so want to build a furnace anyway. It's not a great solution for business although business could take their defunct drives to an existing local forge.
There are different solutions for differing degrees of carefulness:
1) Careless and carefree - Dump the HD as is and rely on the fact so many HDs are dumped that noone will ever have the time to analyse them all in your lifetime, or 'security through obscurity'..
2) Cautious but busy - Overwrite the disk with the best available software.
3) Professionally cautious - Remove the casing , and finely sandpaper both sides of the individual platters.
4) Liable to arrest - Open the drive, melt the platters.
The reason for a forge over any other fire is mainly efficency so ease in achieving the required temperature. It takes a pretty big bonfire to melt one hard disk, and you can't rely on the heat warping the data. A forge can geometrically reduce fuel consumption for applied energy if it is enclosed, insulted and 'blown' with air. You can reach 660 celsius in a big heap of coal, but a bucket sized furnace should only require small amounts of charcoal.
"There's a reason 'first world' militaries only accept physical destruction of media, mate"
Yes, and that reason is to make it **look** as though they have a method of recovering data from anything else. For two reasons: Firstly to put the wind up the enemy (and waste their money destroying serviceable hard drives and buying new ones), and secondly to distract attention from the methods they **really** use to recover data.
A single-pass overwrite with random data is plenty. If you really want to go multiple-pass, save the PRNG seed before the first pass and make the second pass with the complement of the data written on the first pass.
"A charcoal fired homemade furnace is almost perfectly green - you can even reuse the aluminium as tent pegs or something. I will remove the casing and only be melting aluminium platters - I just bought a bag of fire clay to try it out."
Save the lot! I operate a charcoal furnace and do a lot of casting with aluminium, and thus far I have had no issues with mixing old AL stock and HDD casings ("meket" or "meerkat" or sumn I believe someone said the metal was called, which is funny becuase I have always assumed they were made of a 90/10 mix of AL and some other metal, or a similarly high AL/something alloy). I guts the spindles and steel posts out with a vice and some monkey grips, smash the chassis into quarters with a sledgehammer and in the crucible they go. Drive cases with that black shenannigans over the metal are ok as well, the paint they use simply boils off and when you skim the top of the melt, it all comes out.
I make components for robots and various other mech projects I amuse myself with, and so far I have had not a single failure due to the weird alloy i'm apparently making. Also, thanks to the correctly dropped set of words to the CTO here at work, as well as the IT lads at a school a friend works at, I get $20(AUD) per drive destroyed because im melting them down to nothing. I'm sure they are taking a gamble using me, but I have the trust here at work, and my mate does where he works. Also I cast a small HDD keychain for the CTO here ^_^
And I have honestly never bothered trying to access any of the drives. I just couldnt be arsed really.
Seriously though, ask around, you seething mass of unwashed, mirthful, incredible geeks. If you do operate a furnace it may be worth checking to see if you can set yourself up like this. Recycling for cash, plus free metal stock? Nice!
In other news, I think the green reference comes from the fumes that would come off the PCB's, silicon and case paint. There is a reason money smoke smells bad. :)
Epoxy the spindles face to face and then epoxy them onto a shaft. Put that into one standard issue lathe. Set up a tiny cut depth and a tiny feed. Your data will end up as several miles of aluminium (note the correct spelling) swarf.
I understand that aluminium lends itself very well to being recycled.....
To quote the classic 70's show title; "Get out of that"
I suppose it depends on who you think might try to read the data. If its another worker in the gvmt etc then simply doing a delete on all the files would work... hell, putting them into a new folder would confuse the sh*t outta them.
But, yeah, thermite gets my vote.... mmmm liquidy
Paris, coz she would be confused by the moving of files into a new folder
Drive cases seem to be made of various materials, some are aluminium and some are steel, usually older ones.
Thermite is very good for destroying drives tho, and very cheap.
http://www.ev4.org/thermite/ contains a few pictures and a very low quality video of the aftermath of 3 hard drives being thermited. One steel cases 9GB IDE drive, one aluminium cased 4GB IDE drive and one 2.5" 30GB laptop drive...
The 4GB drive melted to a pool of liquid that was stirrable with a stick for several minutes afterwards...
The laptop drive seemed to completely disappear, i assume it was completely melted and merged with the other drive.
The steel one stood up a lot better, and just had about 1/4 of the drive left as a stub while the rest had been melted away.
Some of the magnets were still identifiable after the melting, i guess we should have used more thermite!
For anyone who's interested, the components of thermite are readily available on ebay.
I was going to ridicule your conspiracy theory but someone else has beaten me to it, so allow me to simply confirm that from first hand experience as well as anecdotal evidence, if you are up against people with the money and technical expertise of a government, software methods are not going to suffice (at least not without a _lot_ of repeated overwriting).
In fact, if you happen to encounter the wrong (or right, depending on perspective) police force, you're in a similar boat; many are hopeless at digital forensics but quite a few are not and several employ professionals to assist them who are anything but Uni students with a server or two and some open source tools.
As I said originally, it all depends on what you are trying to hide and from whom; if it's your pictures of the ex-girlfriend from a determined or tech-savvy (and presumably quite creepy!) new squeeze, DBAN will do nicely (although if you want to keep them, TruCrypt volume is the way to go ;¬) ). If you are handling the kind of stuff that ought to attract the attention of well funded police operations, intelligence services or well-heeled crime syndicates, and you want the data gone, physical destruction of the drive is called for and to be effective and certain, that means total destruction of the platters (and on modern drives you want to toast the silicon too, to get the cache, just in case, as has previously been pointed out). Of course if you simply want to keep it and prevent access, correct use of TruCrypt, again, is the way to go.
So, your suggestion is perfectly reasonable for most people, I mean, who really has to worry about digital forensics being used on their drives? However, it is not the foolproof method you seem to believe. If I were recycling drives I'd use DBAN, if I were expected to _destroy the data beyond all recovery_ then those platters are going to become liquid and the drive electronics are going to become ash.
[Black Helicopter because of conspiracy theories and repeated reference to 'the powers that be' ;¬)]
"Save the lot!"
Thanks for the tips, I will do. Is your furnace homemade and if so can I ask you some other questions ? Is is a bucket forge big enough for melting three hard drives simultaneously ? I am about to mix two different forge refractory mix, one with vermicilite and one just 3 parts fireclay to one part cement, the one ingredient I don't have is cement - I build camp stoves and so have never needed it. I also have no safety gear - where do you buy leather aprons and eye glasses that can withstand molten metal splashes ? Do you preheat the air input and how many air inputs do you have ? Can your furnace melt steel or iron ?
"And I have honestly never bothered trying to access any of the drives. I just couldnt be arsed really."
I have old drives, some of them other peoples, all of them broken. I have kept them in the hope of repairing them and recovering the odd bit of data/ nostalgia as recovery techniques progress
"I get $20(AUD) per drive destroyed because im melting them down to nothing."
That's £9.49. If my forge does work then I'll melt down disks for that price for folk here, in front of the owner if they wish.
"I'm sure they are taking a gamble using me, but I have the trust here at work, and my mate does where he works."
Any data deletion service could be used to intercept disks - being able to see the process would be reassuring to customers who don't know you.
"Also I cast a small HDD keychain for the CTO here"
Cool idea. How much metal does a complete hard drive produce ?
Biting the hand that feeds IT © 1998–2019